Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 21 Jun 2026 10:35:09 +0000 6f0cd956-8193-4e65-b6a4-f55615ec49b3 https://vulnerability.circl.lu/sighting/6f0cd956-8193-4e65-b6a4-f55615ec49b3/export {"uuid": "6f0cd956-8193-4e65-b6a4-f55615ec49b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38078", "type": "seen", "source": "https://t.me/cibsecurity/48635", "content": "\u203c CVE-2022-38078 \u203c\n\nMovable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability. Sending a specially crafted message by POST method to Movable Type XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. Affected products and versions are as follows: Movable Type 7 r.5202 and earlier, Movable Type Advanced 7 r.5202 and earlier, Movable Type 6.8.6 and earlier, Movable Type Advanced 6.8.6 and earlier, Movable Type Premium 1.52 and earlier, and Movable Type Premium Advanced 1.52 and earlier. Note that all versions of Movable Type 4.0 or later including unsupported (End-of-Life, EOL) versions are also affected by this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-24T12:22:30.000000Z"} {"uuid": "6f0cd956-8193-4e65-b6a4-f55615ec49b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38078", "type": "seen", "source": "https://t.me/cibsecurity/48635", "content": "\u203c CVE-2022-38078 \u203c\n\nMovable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability. Sending a specially crafted message by POST method to Movable Type XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. Affected products and versions are as follows: Movable Type 7 r.5202 and earlier, Movable Type Advanced 7 r.5202 and earlier, Movable Type 6.8.6 and earlier, Movable Type Advanced 6.8.6 and earlier, Movable Type Premium 1.52 and earlier, and Movable Type Premium Advanced 1.52 and earlier. Note that all versions of Movable Type 4.0 or later including unsupported (End-of-Life, EOL) versions are also affected by this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-24T12:22:30.000000Z"} https://vulnerability.circl.lu/sighting/6f0cd956-8193-4e65-b6a4-f55615ec49b3/export Wed, 24 Aug 2022 12:22:30 +0000 b26dca7b-f217-429b-8bd6-49fd992ba942 https://vulnerability.circl.lu/sighting/b26dca7b-f217-429b-8bd6-49fd992ba942/export {"uuid": "b26dca7b-f217-429b-8bd6-49fd992ba942", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38073", "type": "seen", "source": "https://t.me/cibsecurity/50245", "content": "\u203c CVE-2022-38073 \u203c\n\nMultiple Authenticated (custom specific plugin role) Persistent Cross-Site Scripting (XSS) vulnerability in Awesome Support plugin <= 6.0.7 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-22T00:46:19.000000Z"} {"uuid": "b26dca7b-f217-429b-8bd6-49fd992ba942", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38073", "type": "seen", "source": "https://t.me/cibsecurity/50245", "content": "\u203c CVE-2022-38073 \u203c\n\nMultiple Authenticated (custom specific plugin role) Persistent Cross-Site Scripting (XSS) vulnerability in Awesome Support plugin <= 6.0.7 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-22T00:46:19.000000Z"} https://vulnerability.circl.lu/sighting/b26dca7b-f217-429b-8bd6-49fd992ba942/export Thu, 22 Sep 2022 00:46:19 +0000 985bd21e-068d-45a5-8b08-654134f4b7b0 https://vulnerability.circl.lu/sighting/985bd21e-068d-45a5-8b08-654134f4b7b0/export {"uuid": "985bd21e-068d-45a5-8b08-654134f4b7b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38075", "type": "seen", "source": "https://t.me/cibsecurity/53161", "content": "\u203c CVE-2022-38075 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in Mantenimiento web plugin <= 0.13 on WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-18T22:29:33.000000Z"} {"uuid": "985bd21e-068d-45a5-8b08-654134f4b7b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38075", "type": "seen", "source": "https://t.me/cibsecurity/53161", "content": "\u203c CVE-2022-38075 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in Mantenimiento web plugin <= 0.13 on WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-18T22:29:33.000000Z"} https://vulnerability.circl.lu/sighting/985bd21e-068d-45a5-8b08-654134f4b7b0/export Fri, 18 Nov 2022 22:29:33 +0000 7ba861f0-fe91-4b09-8b17-8446e4fa280e https://vulnerability.circl.lu/sighting/7ba861f0-fe91-4b09-8b17-8446e4fa280e/export {"uuid": "7ba861f0-fe91-4b09-8b17-8446e4fa280e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38074", "type": "seen", "source": "https://t.me/cibsecurity/59903", "content": "\u203c CVE-2022-38074 \u203c\n\nSQL Injection vulnerability in VeronaLabs WP Statistics plugin <= 13.2.10 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-13T17:23:31.000000Z"} {"uuid": "7ba861f0-fe91-4b09-8b17-8446e4fa280e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38074", "type": "seen", "source": "https://t.me/cibsecurity/59903", "content": "\u203c CVE-2022-38074 \u203c\n\nSQL Injection vulnerability in VeronaLabs WP Statistics plugin <= 13.2.10 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-13T17:23:31.000000Z"} https://vulnerability.circl.lu/sighting/7ba861f0-fe91-4b09-8b17-8446e4fa280e/export Mon, 13 Mar 2023 17:23:31 +0000 798b3694-13f8-485d-9f41-cd1d669ea2b0 https://vulnerability.circl.lu/sighting/798b3694-13f8-485d-9f41-cd1d669ea2b0/export {"uuid": "798b3694-13f8-485d-9f41-cd1d669ea2b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38077", "type": "seen", "source": "https://t.me/cibsecurity/61008", "content": "\u203c CVE-2022-38077 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in WP OnlineSupport, Essential Plugin Popup Anything \u00e2\u20ac\u201c A Marketing Popup and Lead Generation Conversions plugin <= 2.2.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T16:15:28.000000Z"} {"uuid": "798b3694-13f8-485d-9f41-cd1d669ea2b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38077", "type": "seen", "source": "https://t.me/cibsecurity/61008", "content": "\u203c CVE-2022-38077 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in WP OnlineSupport, Essential Plugin Popup Anything \u00e2\u20ac\u201c A Marketing Popup and Lead Generation Conversions plugin <= 2.2.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T16:15:28.000000Z"} https://vulnerability.circl.lu/sighting/798b3694-13f8-485d-9f41-cd1d669ea2b0/export Wed, 29 Mar 2023 16:15:28 +0000 1349122f-3a4d-4bb8-9683-7de6299c91c3 https://vulnerability.circl.lu/sighting/1349122f-3a4d-4bb8-9683-7de6299c91c3/export {"uuid": "1349122f-3a4d-4bb8-9683-7de6299c91c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38072", "type": "seen", "source": "Telegram/wgl10yV81s_Pdad3jmQWcoyd9QikwgVZ_rDHgWgT2NQFWQ", "content": "", "creation_timestamp": "2023-04-03T22:19:33.000000Z"} {"uuid": "1349122f-3a4d-4bb8-9683-7de6299c91c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38072", "type": "seen", "source": "Telegram/wgl10yV81s_Pdad3jmQWcoyd9QikwgVZ_rDHgWgT2NQFWQ", "content": "", "creation_timestamp": "2023-04-03T22:19:33.000000Z"} https://vulnerability.circl.lu/sighting/1349122f-3a4d-4bb8-9683-7de6299c91c3/export Mon, 03 Apr 2023 22:19:33 +0000 6747f717-a5c8-4976-9663-bcefc51c645c https://vulnerability.circl.lu/sighting/6747f717-a5c8-4976-9663-bcefc51c645c/export {"uuid": "6747f717-a5c8-4976-9663-bcefc51c645c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38072", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8061", "content": "#exploit\n1. CVE-2022-38072:\nBuffer overflow vulnerability in ADMesh library\nhttps://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1594\n\n2. CVE-2023-0656:\nSonicWall SSL-VPN Out Of Bounds Write DoS\nhttps://ssd-disclosure.com/ssd-advisory-sonicwall-out-of-bounds-write-dos", "creation_timestamp": "2023-04-05T11:03:01.000000Z"} {"uuid": "6747f717-a5c8-4976-9663-bcefc51c645c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38072", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8061", "content": "#exploit\n1. CVE-2022-38072:\nBuffer overflow vulnerability in ADMesh library\nhttps://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1594\n\n2. CVE-2023-0656:\nSonicWall SSL-VPN Out Of Bounds Write DoS\nhttps://ssd-disclosure.com/ssd-advisory-sonicwall-out-of-bounds-write-dos", "creation_timestamp": "2023-04-05T11:03:01.000000Z"} https://vulnerability.circl.lu/sighting/6747f717-a5c8-4976-9663-bcefc51c645c/export Wed, 05 Apr 2023 11:03:01 +0000 8b3d7ae7-c061-42bf-a5d9-b90b5517af1b https://vulnerability.circl.lu/sighting/8b3d7ae7-c061-42bf-a5d9-b90b5517af1b/export {"uuid": "8b3d7ae7-c061-42bf-a5d9-b90b5517af1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38072", "type": "seen", "source": "https://t.me/cibsecurity/61335", "content": "\u203c CVE-2022-38072 \u203c\n\nAn improper array index validation vulnerability exists in the stl_fix_normal_directions functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially-crafted stl file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-23T09:20:05.000000Z"} {"uuid": "8b3d7ae7-c061-42bf-a5d9-b90b5517af1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38072", "type": "seen", "source": "https://t.me/cibsecurity/61335", "content": "\u203c CVE-2022-38072 \u203c\n\nAn improper array index validation vulnerability exists in the stl_fix_normal_directions functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially-crafted stl file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-23T09:20:05.000000Z"} https://vulnerability.circl.lu/sighting/8b3d7ae7-c061-42bf-a5d9-b90b5517af1b/export Sun, 23 Apr 2023 09:20:05 +0000 0177c961-70bb-48ec-a0dd-ccbe97d7ab43 https://vulnerability.circl.lu/sighting/0177c961-70bb-48ec-a0dd-ccbe97d7ab43/export {"uuid": "0177c961-70bb-48ec-a0dd-ccbe97d7ab43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-38076", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} {"uuid": "0177c961-70bb-48ec-a0dd-ccbe97d7ab43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-38076", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} https://vulnerability.circl.lu/sighting/0177c961-70bb-48ec-a0dd-ccbe97d7ab43/export Thu, 19 Mar 2026 00:00:00 +0000