https://vulnerability.circl.lu/sightings/feed 2026-06-15T00:28:14.089995+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/36cac2ae-23f4-4882-92e8-7a625eab1112/export 2026-06-15T00:28:14.333279+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "36cac2ae-23f4-4882-92e8-7a625eab1112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39870", "type": "seen", "source": "https://t.me/cibsecurity/50979", "content": "\u203c CVE-2022-39870 \u203c\n\nImproper access control vulnerability in cloudNotificationManager.java SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via PUSH_MESSAGE_RECEIVED broadcast.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T18:17:51.000000Z"} 2022-10-07T18:17:51+00:00 https://vulnerability.circl.lu/sighting/51e2299b-46fe-4679-8b90-c06615790e59/export 2026-06-15T00:28:14.333221+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "51e2299b-46fe-4679-8b90-c06615790e59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39875", "type": "seen", "source": "https://t.me/cibsecurity/50980", "content": "\u203c CVE-2022-39875 \u203c\n\nImproper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T18:17:52.000000Z"} 2022-10-07T18:17:52+00:00 https://vulnerability.circl.lu/sighting/a104420b-f676-4f09-9e1a-c8dccb319fb6/export 2026-06-15T00:28:14.333161+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "a104420b-f676-4f09-9e1a-c8dccb319fb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39871", "type": "seen", "source": "https://t.me/cibsecurity/50985", "content": "\u203c CVE-2022-39871 \u203c\n\nImproper access control vulnerability cloudNotificationManager.java in SmartThings prior to version 1.7.89.0 allows attackers to access sensitive information via implicit broadcasts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T18:17:58.000000Z"} 2022-10-07T18:17:58+00:00 https://vulnerability.circl.lu/sighting/9b6c06de-e734-4d8b-b68d-dc6fbd703196/export 2026-06-15T00:28:14.333100+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "9b6c06de-e734-4d8b-b68d-dc6fbd703196", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39878", "type": "seen", "source": "https://t.me/cibsecurity/50986", "content": "\u203c CVE-2022-39878 \u203c\n\nImproper access control vulnerability in Samsung Checkout prior to version 5.0.55.3 allows attackers to access sensitive information via implicit intent broadcast.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T18:17:59.000000Z"} 2022-10-07T18:17:59+00:00 https://vulnerability.circl.lu/sighting/a5e3e287-5933-4542-ad61-2df27e0ce7f8/export 2026-06-15T00:28:14.333034+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "a5e3e287-5933-4542-ad61-2df27e0ce7f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39872", "type": "seen", "source": "https://t.me/cibsecurity/50988", "content": "\u203c CVE-2022-39872 \u203c\n\nImproper restriction of broadcasting Intent in ShareLive prior to version 13.2.03.5 leaks MAC address of the connected Bluetooth device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T18:18:01.000000Z"} 2022-10-07T18:18:01+00:00 https://vulnerability.circl.lu/sighting/24b0f09e-d24c-4929-912d-df72da5edcee/export 2026-06-15T00:28:14.332969+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "24b0f09e-d24c-4929-912d-df72da5edcee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39874", "type": "seen", "source": "https://t.me/cibsecurity/50989", "content": "\u203c CVE-2022-39874 \u203c\n\nSensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T18:18:03.000000Z"} 2022-10-07T18:18:03+00:00 https://vulnerability.circl.lu/sighting/c77722f4-0284-4486-b166-9863594b454c/export 2026-06-15T00:28:14.332902+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "c77722f4-0284-4486-b166-9863594b454c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39879", "type": "seen", "source": "https://t.me/cibsecurity/52740", "content": "\u203c CVE-2022-39879 \u203c\n\nImproper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-10T00:36:44.000000Z"} 2022-11-10T00:36:44+00:00 https://vulnerability.circl.lu/sighting/814fe2ed-2d7e-4a4f-bc28-b410959dd45d/export 2026-06-15T00:28:14.332828+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "814fe2ed-2d7e-4a4f-bc28-b410959dd45d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3987", "type": "seen", "source": "https://t.me/cibsecurity/54862", "content": "\u203c CVE-2022-3987 \u203c\n\nThe Responsive Lightbox2 WordPress plugin before 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T16:10:36.000000Z"} 2022-12-19T16:10:36+00:00 https://vulnerability.circl.lu/sighting/facf1306-e3ec-4203-bc27-d2fd15a5141d/export 2026-06-15T00:28:14.332736+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "facf1306-e3ec-4203-bc27-d2fd15a5141d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3987", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12225", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3987\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Responsive Lightbox2 WordPress plugin before 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks\n\ud83d\udccf Published: 2022-12-19T13:41:47.729Z\n\ud83d\udccf Modified: 2025-04-17T13:41:59.141Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/d9309a09-34ba-4e56-b683-e677ad277b29", "creation_timestamp": "2025-04-17T13:57:53.000000Z"} 2025-04-17T13:57:53+00:00 https://vulnerability.circl.lu/sighting/371ab06c-fa96-43b6-882f-a2448b5b8f7a/export 2026-06-15T00:28:14.330440+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "371ab06c-fa96-43b6-882f-a2448b5b8f7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39879", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14395", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39879\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T19:35:10.233Z\n\ud83d\udd17 References:\n1. https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=11", "creation_timestamp": "2025-05-01T20:15:58.000000Z"} 2025-05-01T20:15:58+00:00