<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-10T06:32:27.379883+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6c166570-7028-45a3-b8ff-e9da4283a9b4/export</id>
    <title>6c166570-7028-45a3-b8ff-e9da4283a9b4</title>
    <updated>2026-07-10T06:32:27.398883+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6c166570-7028-45a3-b8ff-e9da4283a9b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40717", "type": "seen", "source": "https://t.me/cibsecurity/56911", "content": "\u203c CVE-2022-40717 \u203c\n\nThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the anweb service, which listens on TCP ports 80 and 443 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15727.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-26T20:33:57.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6c166570-7028-45a3-b8ff-e9da4283a9b4/export"/>
    <published>2023-01-26T20:33:57+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0e4721ad-9201-494d-87aa-54c368a2be32/export</id>
    <title>0e4721ad-9201-494d-87aa-54c368a2be32</title>
    <updated>2026-07-10T06:32:27.401427+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0e4721ad-9201-494d-87aa-54c368a2be32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40719", "type": "seen", "source": "https://t.me/cibsecurity/56907", "content": "\u203c CVE-2022-40719 \u203c\n\nThis vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd_generic.lua plugin for the xupnpd service, which listens on TCP port 4044 by default. When parsing the feed parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-15906.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-26T20:33:53.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0e4721ad-9201-494d-87aa-54c368a2be32/export"/>
    <published>2023-01-26T20:33:53+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b859936d-7543-4d9f-a340-4c8146000326/export</id>
    <title>b859936d-7543-4d9f-a340-4c8146000326</title>
    <updated>2026-07-10T06:32:27.401572+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b859936d-7543-4d9f-a340-4c8146000326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40711", "type": "seen", "source": "https://t.me/cibsecurity/55711", "content": "\u203c CVE-2022-40711 \u203c\n\nPrimeKey EJBCA 7.9.0.2 Community allows stored XSS in the End Entity section. A user with the RA Administrator role can inject an XSS payload to target higher-privilege users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-01T12:15:28.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b859936d-7543-4d9f-a340-4c8146000326/export"/>
    <published>2023-01-01T12:15:28+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6c03bbee-f6e6-4cdf-9757-a10c7e0d56c4/export</id>
    <title>6c03bbee-f6e6-4cdf-9757-a10c7e0d56c4</title>
    <updated>2026-07-10T06:32:27.401679+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6c03bbee-f6e6-4cdf-9757-a10c7e0d56c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4071", "type": "seen", "source": "https://t.me/cibsecurity/53225", "content": "\u203c CVE-2022-4071 \u203c\n\nA vulnerability classified as problematic has been found in RSJoomla RSFirewall Plugin. Affected is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-214038 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-20T16:36:28.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6c03bbee-f6e6-4cdf-9757-a10c7e0d56c4/export"/>
    <published>2022-11-20T16:36:28+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bafa09d6-0440-4137-8aa8-883d99a55d61/export</id>
    <title>bafa09d6-0440-4137-8aa8-883d99a55d61</title>
    <updated>2026-07-10T06:32:27.401786+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bafa09d6-0440-4137-8aa8-883d99a55d61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40710", "type": "seen", "source": "https://t.me/cibsecurity/50627", "content": "\u203c CVE-2022-40710 \u203c\n\nA link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-29T00:34:31.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bafa09d6-0440-4137-8aa8-883d99a55d61/export"/>
    <published>2022-09-29T00:34:31+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ebba92a6-5557-41a5-8aee-1a7e1c375b96/export</id>
    <title>ebba92a6-5557-41a5-8aee-1a7e1c375b96</title>
    <updated>2026-07-10T06:32:27.401888+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ebba92a6-5557-41a5-8aee-1a7e1c375b96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40716", "type": "seen", "source": "https://t.me/cibsecurity/50316", "content": "\u203c CVE-2022-40716 \u203c\n\nHashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass service mesh intentions. Fixed in 1.11.9, 1.12.5, and 1.13.2.\"\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-23T16:28:22.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ebba92a6-5557-41a5-8aee-1a7e1c375b96/export"/>
    <published>2022-09-23T16:28:22+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/61046dee-e56a-4807-9c3c-f9fe19eaf0f0/export</id>
    <title>61046dee-e56a-4807-9c3c-f9fe19eaf0f0</title>
    <updated>2026-07-10T06:32:27.401986+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "61046dee-e56a-4807-9c3c-f9fe19eaf0f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40715", "type": "seen", "source": "https://t.me/cibsecurity/50052", "content": "\u203c CVE-2022-40715 \u203c\n\nAn issue was discovered in NOKIA 1350OMS R14.2. An Absolute Path Traversal vulnerability exists for a specific endpoint via the logfile parameter, allowing a remote authenticated attacker to read files on the filesystem arbitrarily.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-19T20:38:04.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/61046dee-e56a-4807-9c3c-f9fe19eaf0f0/export"/>
    <published>2022-09-19T20:38:04+00:00</published>
  </entry>
</feed>
