https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-06-25T05:37:44.911407+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/a38563c6-dbf7-44aa-80a9-6cbf70ae354b/exporta38563c6-dbf7-44aa-80a9-6cbf70ae354b2026-06-25T05:37:44.935392+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "a38563c6-dbf7-44aa-80a9-6cbf70ae354b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41976", "type": "seen", "source": "https://t.me/cibsecurity/61753", "content": "\u203c CVE-2022-41976 \u203c\n\nAn privilege escalation issue was discovered in Scada-LTS 2.7.1.1 build 2948559113 allows remote attackers, authenticated in the application as a low-privileged user to change role (e.g., to administrator) by updating their user profile.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-10T18:32:55.000000Z"}2023-04-10T18:32:55+00:00https://vulnerability.circl.lu/sighting/83c4b764-887b-4fff-a9df-7ed4fec44e4c/export83c4b764-887b-4fff-a9df-7ed4fec44e4c2026-06-25T05:37:44.935319+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "83c4b764-887b-4fff-a9df-7ed4fec44e4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41979", "type": "seen", "source": "https://t.me/cibsecurity/63755", "content": "\u203c CVE-2022-41979 \u203c\n\nProtection mechanism failure in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via network access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T18:19:40.000000Z"}2023-05-10T18:19:40+00:00https://vulnerability.circl.lu/sighting/0e3e484a-07c1-47d6-9f2e-8f396ee2b198/export0e3e484a-07c1-47d6-9f2e-8f396ee2b1982026-06-25T05:37:44.935257+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "0e3e484a-07c1-47d6-9f2e-8f396ee2b198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41974", "type": "seen", "source": "https://t.me/arpsyndicate/161", "content": "#ExploitObserverAlert\n\nCVE-2022-41973\n\nDESCRIPTION: Exploit Observer has 14 entries related to CVE-2022-41973. multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-13T19:29:11.000000Z"}2023-11-13T19:29:11+00:00https://vulnerability.circl.lu/sighting/3ddbe784-6efb-419e-bd36-27910ec5b360/export3ddbe784-6efb-419e-bd36-27910ec5b3602026-06-25T05:37:44.935195+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "3ddbe784-6efb-419e-bd36-27910ec5b360", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41973", "type": "seen", "source": "https://t.me/arpsyndicate/161", "content": "#ExploitObserverAlert\n\nCVE-2022-41973\n\nDESCRIPTION: Exploit Observer has 14 entries related to CVE-2022-41973. multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-13T19:29:11.000000Z"}2023-11-13T19:29:11+00:00https://vulnerability.circl.lu/sighting/fd33c63f-6638-49b0-a07a-707a9b127bd1/exportfd33c63f-6638-49b0-a07a-707a9b127bd12026-06-25T05:37:44.935132+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "fd33c63f-6638-49b0-a07a-707a9b127bd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41973", "type": "seen", "source": "https://t.me/club31337/1246", "content": "https://blog.qualys.com/vulnerabilities-threat-research/2022/10/25/leeloo-multipath-authorization-bypass-and-symlink-attack-in-multipathd-cve-2022-41974-and-cve-2022-41973", "creation_timestamp": "2024-11-09T21:05:43.000000Z"}2024-11-09T21:05:43+00:00https://vulnerability.circl.lu/sighting/353365c4-4f90-40da-981b-2d6454c303ef/export353365c4-4f90-40da-981b-2d6454c303ef2026-06-25T05:37:44.935067+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "353365c4-4f90-40da-981b-2d6454c303ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41974", "type": "seen", "source": "https://t.me/club31337/1246", "content": "https://blog.qualys.com/vulnerabilities-threat-research/2022/10/25/leeloo-multipath-authorization-bypass-and-symlink-attack-in-multipathd-cve-2022-41974-and-cve-2022-41973", "creation_timestamp": "2024-11-09T21:05:43.000000Z"}2024-11-09T21:05:43+00:00https://vulnerability.circl.lu/sighting/d74f4a33-c7d9-4fcb-a276-0c079c075188/exportd74f4a33-c7d9-4fcb-a276-0c079c0751882026-06-25T05:37:44.935005+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "d74f4a33-c7d9-4fcb-a276-0c079c075188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41973", "type": "seen", "source": "Telegram/eeVjT7OP9-VSvqISzn-93XCFjRjJW7cdlLMLwB2J6Zsav2g4", "content": "", "creation_timestamp": "2025-02-18T21:38:56.000000Z"}2025-02-18T21:38:56+00:00https://vulnerability.circl.lu/sighting/d8c72044-7a80-4dc7-a4e3-a0162f907dd3/exportd8c72044-7a80-4dc7-a4e3-a0162f907dd32026-06-25T05:37:44.934934+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "d8c72044-7a80-4dc7-a4e3-a0162f907dd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4197", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11516", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4197\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Sliderby10Web WordPress plugin before 1.2.53 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2022-12-26T12:28:00.982Z\n\ud83d\udccf Modified: 2025-04-11T23:21:07.756Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/96818024-57ab-419d-bd46-7d2da98269e6", "creation_timestamp": "2025-04-11T23:51:25.000000Z"}2025-04-11T23:51:25+00:00https://vulnerability.circl.lu/sighting/df117863-d359-43d7-b073-4bfb199d4347/exportdf117863-d359-43d7-b073-4bfb199d43472026-06-25T05:37:44.934850+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "df117863-d359-43d7-b073-4bfb199d4347", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41974", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-08", "content": "", "creation_timestamp": "2025-04-15T10:00:00.000000Z"}2025-04-15T10:00:00+00:00https://vulnerability.circl.lu/sighting/5f10ef71-53a6-4efb-9e28-87b1935a9a45/export5f10ef71-53a6-4efb-9e28-87b1935a9a452026-06-25T05:37:44.932877+00:00Automation userhttps://cvepremium.circl.lu/user/automation{"uuid": "5f10ef71-53a6-4efb-9e28-87b1935a9a45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41975", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17016", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41975\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: RealVNC VNC Server before 6.11.0 and VNC Viewer before 6.22.826 on Windows allow local privilege escalation via MSI installer Repair mode.\n\ud83d\udccf Published: 2022-09-30T17:20:33.000Z\n\ud83d\udccf Modified: 2025-05-20T16:02:59.158Z\n\ud83d\udd17 References:\n1. https://help.realvnc.com/hc/en-us/articles/360002253138-Release-Notes#vnc-server-6-11-0-released-0-2", "creation_timestamp": "2025-05-20T16:41:08.000000Z"}2025-05-20T16:41:08+00:00