<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-02T11:38:10.252175+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/dca6e58c-597d-4fd4-9537-960fb1848ff2/export</id>
    <title>dca6e58c-597d-4fd4-9537-960fb1848ff2</title>
    <updated>2026-07-02T11:38:10.273734+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "dca6e58c-597d-4fd4-9537-960fb1848ff2", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28229", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3316b898-2dfe-420d-8a0b-809e882d018e", "content": "", "creation_timestamp": "2026-06-23T14:05:46.276594Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/dca6e58c-597d-4fd4-9537-960fb1848ff2/export"/>
    <published>2026-06-23T14:05:46.276594+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c9a1a3fd-0462-4b6c-b577-1bbda8993e62/export</id>
    <title>c9a1a3fd-0462-4b6c-b577-1bbda8993e62</title>
    <updated>2026-07-02T11:38:10.275603+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c9a1a3fd-0462-4b6c-b577-1bbda8993e62", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28229", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3c975fb4-06d4-40b2-ae8d-d6579b4699cd", "content": "", "creation_timestamp": "2026-06-19T12:46:47.935382Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c9a1a3fd-0462-4b6c-b577-1bbda8993e62/export"/>
    <published>2026-06-19T12:46:47.935382+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2dfdc9a3-cec9-4ed7-8fa2-604e95b836c4/export</id>
    <title>2dfdc9a3-cec9-4ed7-8fa2-604e95b836c4</title>
    <updated>2026-07-02T11:38:10.275731+00:00</updated>
    <author>
      <name>Cédric Bonhomme</name>
      <uri>https://cvepremium.circl.lu/user/cedric</uri>
    </author>
    <content>{"uuid": "2dfdc9a3-cec9-4ed7-8fa2-604e95b836c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-28229", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5b549e4e-a327-4519-b117-70c5c2df9b88", "content": "", "creation_timestamp": "2026-02-02T12:26:49.353924Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2dfdc9a3-cec9-4ed7-8fa2-604e95b836c4/export"/>
    <published>2026-02-02T12:26:49.353924+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/865e84e9-f366-4135-bcaa-b1a9a4ec0ce2/export</id>
    <title>865e84e9-f366-4135-bcaa-b1a9a4ec0ce2</title>
    <updated>2026-07-02T11:38:10.276708+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "865e84e9-f366-4135-bcaa-b1a9a4ec0ce2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28229", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:47.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/865e84e9-f366-4135-bcaa-b1a9a4ec0ce2/export"/>
    <published>2025-02-23T02:10:47+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1270628c-1629-4185-9a57-544af2712762/export</id>
    <title>1270628c-1629-4185-9a57-544af2712762</title>
    <updated>2026-07-02T11:38:10.276817+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1270628c-1629-4185-9a57-544af2712762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28229", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971895", "content": "", "creation_timestamp": "2024-12-24T20:35:21.761224Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1270628c-1629-4185-9a57-544af2712762/export"/>
    <published>2024-12-24T20:35:21.761224+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7ea6eae0-79ff-4ea3-afb4-c0b8d7982b81/export</id>
    <title>7ea6eae0-79ff-4ea3-afb4-c0b8d7982b81</title>
    <updated>2026-07-02T11:38:10.276914+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7ea6eae0-79ff-4ea3-afb4-c0b8d7982b81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/202", "content": "\ud83d\udc7b Ghost in the PPL Part 2: From BYOVDLL to Arbitrary Code Execution in LSASS\n\nIn this second installment, the author deepens the exploration of techniques for bypassing LSASS protection, focusing on arbitrary code execution by refining the PoC, exploiting vulnerabilities like CVE-2023-28229, and bypassing Control Flow Guard (CFG) through RPC-based process handle duplication.\n\n\ud83d\udd17 Source:\nhttps://itm4n.github.io/ghost-in-the-ppl-part-2/\n\n#lsa #lsass #ppl #dll #maldev", "creation_timestamp": "2024-08-22T18:04:01.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7ea6eae0-79ff-4ea3-afb4-c0b8d7982b81/export"/>
    <published>2024-08-22T18:04:01+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/632747b3-2ae9-440e-8b73-ead6d25240b4/export</id>
    <title>632747b3-2ae9-440e-8b73-ead6d25240b4</title>
    <updated>2026-07-02T11:38:10.277017+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "632747b3-2ae9-440e-8b73-ead6d25240b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1347", "content": "#exploit\n1. CVE-2023-28229:\nWindows CNG KeyIso RPC EoP/SBX\nhttps://github.com/Y3A/CVE-2023-28229\n\n2. Polygon Smart Contract Bug\nhttps://blog.chain.link/smart-contract-bug-hunting\n\n3. CVE-2023-36723:\nPoC for arbitrary directory creation bug in Container Manager service\nhttps://github.com/Wh04m1001/CVE-2023-36723", "creation_timestamp": "2024-08-16T08:33:55.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/632747b3-2ae9-440e-8b73-ead6d25240b4/export"/>
    <published>2024-08-16T08:33:55+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/44abe608-544c-42a7-ba09-5195e6a8c52f/export</id>
    <title>44abe608-544c-42a7-ba09-5195e6a8c52f</title>
    <updated>2026-07-02T11:38:10.277121+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "44abe608-544c-42a7-ba09-5195e6a8c52f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9190", "content": "#exploit\n1. CVE-2023-28229:\nWindows CNG KeyIso RPC EoP/SBX\nhttps://github.com/Y3A/CVE-2023-28229\n\n2. Polygon Smart Contract Bug\nhttps://blog.chain.link/smart-contract-bug-hunting\n\n3. CVE-2023-36723:\nPoC for arbitrary directory creation bug in Container Manager service\nhttps://github.com/Wh04m1001/CVE-2023-36723", "creation_timestamp": "2023-10-13T10:59:01.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/44abe608-544c-42a7-ba09-5195e6a8c52f/export"/>
    <published>2023-10-13T10:59:01+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bee14cfc-6093-43d5-a0d6-06d5b1bdef3d/export</id>
    <title>bee14cfc-6093-43d5-a0d6-06d5b1bdef3d</title>
    <updated>2026-07-02T11:38:10.277235+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bee14cfc-6093-43d5-a0d6-06d5b1bdef3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3427", "content": "https://github.com/Y3A/CVE-2023-28229", "creation_timestamp": "2023-10-13T05:12:38.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bee14cfc-6093-43d5-a0d6-06d5b1bdef3d/export"/>
    <published>2023-10-13T05:12:38+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9219aba4-12e1-42ba-9743-8de7008e1ee4/export</id>
    <title>9219aba4-12e1-42ba-9743-8de7008e1ee4</title>
    <updated>2026-07-02T11:38:10.277331+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9219aba4-12e1-42ba-9743-8de7008e1ee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28229", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1270", "content": "https://github.com/Y3A/CVE-2023-28229\n#github", "creation_timestamp": "2023-10-13T05:10:10.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9219aba4-12e1-42ba-9743-8de7008e1ee4/export"/>
    <published>2023-10-13T05:10:10+00:00</published>
  </entry>
</feed>
