https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 02 Jun 2026 23:20:47 +0000 https://vulnerability.circl.lu/sighting/c79e9c1f-7075-4032-9eed-781c28dabaa0/export {"uuid": "c79e9c1f-7075-4032-9eed-781c28dabaa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33863", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8454", "content": "#exploit\n1. CVE-2023-33865, CVE-2023-33864, CVE-2023-33863:\nLPE and RCE in RenderDoc\nhttps://seclists.org/fulldisclosure/2023/Jun/2\n\n2. CVE-2023-33829:\nSCM Manager XSS\nhttps://github.com/CKevens/CVE-2023-33829-POC", "creation_timestamp": "2023-06-08T12:39:13.000000Z"} {"uuid": "c79e9c1f-7075-4032-9eed-781c28dabaa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33863", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8454", "content": "#exploit\n1. CVE-2023-33865, CVE-2023-33864, CVE-2023-33863:\nLPE and RCE in RenderDoc\nhttps://seclists.org/fulldisclosure/2023/Jun/2\n\n2. CVE-2023-33829:\nSCM Manager XSS\nhttps://github.com/CKevens/CVE-2023-33829-POC", "creation_timestamp": "2023-06-08T12:39:13.000000Z"} https://vulnerability.circl.lu/sighting/c79e9c1f-7075-4032-9eed-781c28dabaa0/export Thu, 08 Jun 2023 12:39:13 +0000 https://vulnerability.circl.lu/sighting/3dc6ce38-1bf5-4106-bc42-17db873c1b6f/export {"uuid": "3dc6ce38-1bf5-4106-bc42-17db873c1b6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33865", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8454", "content": "#exploit\n1. CVE-2023-33865, CVE-2023-33864, CVE-2023-33863:\nLPE and RCE in RenderDoc\nhttps://seclists.org/fulldisclosure/2023/Jun/2\n\n2. CVE-2023-33829:\nSCM Manager XSS\nhttps://github.com/CKevens/CVE-2023-33829-POC", "creation_timestamp": "2023-06-08T12:39:13.000000Z"} {"uuid": "3dc6ce38-1bf5-4106-bc42-17db873c1b6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33865", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8454", "content": "#exploit\n1. CVE-2023-33865, CVE-2023-33864, CVE-2023-33863:\nLPE and RCE in RenderDoc\nhttps://seclists.org/fulldisclosure/2023/Jun/2\n\n2. CVE-2023-33829:\nSCM Manager XSS\nhttps://github.com/CKevens/CVE-2023-33829-POC", "creation_timestamp": "2023-06-08T12:39:13.000000Z"} https://vulnerability.circl.lu/sighting/3dc6ce38-1bf5-4106-bc42-17db873c1b6f/export Thu, 08 Jun 2023 12:39:13 +0000 https://vulnerability.circl.lu/sighting/b0e73c35-b936-4816-ad6e-6f7b9c7d21c6/export {"uuid": "b0e73c35-b936-4816-ad6e-6f7b9c7d21c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33864", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8454", "content": "#exploit\n1. CVE-2023-33865, CVE-2023-33864, CVE-2023-33863:\nLPE and RCE in RenderDoc\nhttps://seclists.org/fulldisclosure/2023/Jun/2\n\n2. CVE-2023-33829:\nSCM Manager XSS\nhttps://github.com/CKevens/CVE-2023-33829-POC", "creation_timestamp": "2023-06-08T12:39:13.000000Z"} {"uuid": "b0e73c35-b936-4816-ad6e-6f7b9c7d21c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33864", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8454", "content": "#exploit\n1. CVE-2023-33865, CVE-2023-33864, CVE-2023-33863:\nLPE and RCE in RenderDoc\nhttps://seclists.org/fulldisclosure/2023/Jun/2\n\n2. CVE-2023-33829:\nSCM Manager XSS\nhttps://github.com/CKevens/CVE-2023-33829-POC", "creation_timestamp": "2023-06-08T12:39:13.000000Z"} https://vulnerability.circl.lu/sighting/b0e73c35-b936-4816-ad6e-6f7b9c7d21c6/export Thu, 08 Jun 2023 12:39:13 +0000 https://vulnerability.circl.lu/sighting/48e4ecc4-a9a3-4ee9-8cf8-c4bcad9e88df/export {"uuid": "48e4ecc4-a9a3-4ee9-8cf8-c4bcad9e88df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33868", "type": "seen", "source": "https://t.me/cibsecurity/66170", "content": "\u203c CVE-2023-33868 \u203c\n\nThe number of login attempts is not limited. This could allow an attacker to perform a brute force on HTTP basic authentication.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-07T03:11:44.000000Z"} {"uuid": "48e4ecc4-a9a3-4ee9-8cf8-c4bcad9e88df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33868", "type": "seen", "source": "https://t.me/cibsecurity/66170", "content": "\u203c CVE-2023-33868 \u203c\n\nThe number of login attempts is not limited. This could allow an attacker to perform a brute force on HTTP basic authentication.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-07T03:11:44.000000Z"} https://vulnerability.circl.lu/sighting/48e4ecc4-a9a3-4ee9-8cf8-c4bcad9e88df/export Fri, 07 Jul 2023 03:11:44 +0000 https://vulnerability.circl.lu/sighting/5a4a9e28-d1b8-46d9-8905-eb6acc899e6c/export {"uuid": "5a4a9e28-d1b8-46d9-8905-eb6acc899e6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33866", "type": "seen", "source": "https://t.me/cibsecurity/67009", "content": "\u203c CVE-2023-33866 \u203c\n\nA use-after-free vulnerability exists in the JavaScript engine of Foxit Software\u00e2\u20ac\u2122s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-19T18:21:51.000000Z"} {"uuid": "5a4a9e28-d1b8-46d9-8905-eb6acc899e6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33866", "type": "seen", "source": "https://t.me/cibsecurity/67009", "content": "\u203c CVE-2023-33866 \u203c\n\nA use-after-free vulnerability exists in the JavaScript engine of Foxit Software\u00e2\u20ac\u2122s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-19T18:21:51.000000Z"} https://vulnerability.circl.lu/sighting/5a4a9e28-d1b8-46d9-8905-eb6acc899e6c/export Wed, 19 Jul 2023 18:21:51 +0000 https://vulnerability.circl.lu/sighting/0b434036-ff02-47fe-8580-15ad36186f74/export {"uuid": "0b434036-ff02-47fe-8580-15ad36186f74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3386", "type": "seen", "source": "https://t.me/cibsecurity/68019", "content": "\u203c CVE-2023-3386 \u203c\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in a2 Camera Trap Tracking System allows SQL Injection.This issue affects Camera Trap Tracking System: before 3.1905.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:35.000000Z"} {"uuid": "0b434036-ff02-47fe-8580-15ad36186f74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3386", "type": "seen", "source": "https://t.me/cibsecurity/68019", "content": "\u203c CVE-2023-3386 \u203c\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in a2 Camera Trap Tracking System allows SQL Injection.This issue affects Camera Trap Tracking System: before 3.1905.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:35.000000Z"} https://vulnerability.circl.lu/sighting/0b434036-ff02-47fe-8580-15ad36186f74/export Tue, 08 Aug 2023 20:14:35 +0000 https://vulnerability.circl.lu/sighting/3df826fa-09f9-465a-9c3e-a66d3172ba59/export {"uuid": "3df826fa-09f9-465a-9c3e-a66d3172ba59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33867", "type": "seen", "source": "https://t.me/cibsecurity/68306", "content": "\u203c CVE-2023-33867 \u203c\n\nImproper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-11T07:32:21.000000Z"} {"uuid": "3df826fa-09f9-465a-9c3e-a66d3172ba59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33867", "type": "seen", "source": "https://t.me/cibsecurity/68306", "content": "\u203c CVE-2023-33867 \u203c\n\nImproper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-11T07:32:21.000000Z"} https://vulnerability.circl.lu/sighting/3df826fa-09f9-465a-9c3e-a66d3172ba59/export Fri, 11 Aug 2023 07:32:21 +0000 https://vulnerability.circl.lu/sighting/fd87a3d1-cbdb-4b8a-891e-3eed86e4b8e5/export {"uuid": "fd87a3d1-cbdb-4b8a-891e-3eed86e4b8e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33860", "type": "seen", "source": "https://t.me/cvedetector/549", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-33860 - IBM Security QRadar EDR 3.12 does not set the secu\", \n \"Content\": \"CVE ID : CVE-2023-33860 \nPublished : July 10, 2024, 4:15 p.m. | 34\u00a0minutes ago \nDescription : IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 257702. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"10 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T18:53:04.000000Z"} {"uuid": "fd87a3d1-cbdb-4b8a-891e-3eed86e4b8e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33860", "type": "seen", "source": "https://t.me/cvedetector/549", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-33860 - IBM Security QRadar EDR 3.12 does not set the secu\", \n \"Content\": \"CVE ID : CVE-2023-33860 \nPublished : July 10, 2024, 4:15 p.m. | 34\u00a0minutes ago \nDescription : IBM Security QRadar EDR 3.12 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 257702. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"10 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T18:53:04.000000Z"} https://vulnerability.circl.lu/sighting/fd87a3d1-cbdb-4b8a-891e-3eed86e4b8e5/export Wed, 10 Jul 2024 18:53:04 +0000 https://vulnerability.circl.lu/sighting/0987cd90-6a2d-4dc9-954b-cb56d5b7cd39/export {"uuid": "0987cd90-6a2d-4dc9-954b-cb56d5b7cd39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33865", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/442", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-33865\n\ud83d\udd39 Description: RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership.\n\ud83d\udccf Published: 2023-06-07T00:00:00\n\ud83d\udccf Modified: 2025-01-07T15:05:46.616Z\n\ud83d\udd17 References:\n1. https://renderdoc.org/\n2. https://www.qualys.com/2023/06/06/renderdoc/renderdoc.txt\n3. http://seclists.org/fulldisclosure/2023/Jun/2\n4. http://packetstormsecurity.com/files/172804/RenderDoc-1.26-Local-Privilege-Escalation-Remote-Code-Execution.html\n5. https://lists.debian.org/debian-lts-announce/2023/07/msg00023.html\n6. https://security.gentoo.org/glsa/202311-10", "creation_timestamp": "2025-01-07T15:38:58.000000Z"} {"uuid": "0987cd90-6a2d-4dc9-954b-cb56d5b7cd39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-33865", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/442", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-33865\n\ud83d\udd39 Description: RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership.\n\ud83d\udccf Published: 2023-06-07T00:00:00\n\ud83d\udccf Modified: 2025-01-07T15:05:46.616Z\n\ud83d\udd17 References:\n1. https://renderdoc.org/\n2. https://www.qualys.com/2023/06/06/renderdoc/renderdoc.txt\n3. http://seclists.org/fulldisclosure/2023/Jun/2\n4. http://packetstormsecurity.com/files/172804/RenderDoc-1.26-Local-Privilege-Escalation-Remote-Code-Execution.html\n5. https://lists.debian.org/debian-lts-announce/2023/07/msg00023.html\n6. https://security.gentoo.org/glsa/202311-10", "creation_timestamp": "2025-01-07T15:38:58.000000Z"} https://vulnerability.circl.lu/sighting/0987cd90-6a2d-4dc9-954b-cb56d5b7cd39/export Tue, 07 Jan 2025 15:38:58 +0000