Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 25 Jun 2026 05:37:45 +0000 a38563c6-dbf7-44aa-80a9-6cbf70ae354b https://vulnerability.circl.lu/sighting/a38563c6-dbf7-44aa-80a9-6cbf70ae354b/export {"uuid": "a38563c6-dbf7-44aa-80a9-6cbf70ae354b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41976", "type": "seen", "source": "https://t.me/cibsecurity/61753", "content": "\u203c CVE-2022-41976 \u203c\n\nAn privilege escalation issue was discovered in Scada-LTS 2.7.1.1 build 2948559113 allows remote attackers, authenticated in the application as a low-privileged user to change role (e.g., to administrator) by updating their user profile.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-10T18:32:55.000000Z"} {"uuid": "a38563c6-dbf7-44aa-80a9-6cbf70ae354b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41976", "type": "seen", "source": "https://t.me/cibsecurity/61753", "content": "\u203c CVE-2022-41976 \u203c\n\nAn privilege escalation issue was discovered in Scada-LTS 2.7.1.1 build 2948559113 allows remote attackers, authenticated in the application as a low-privileged user to change role (e.g., to administrator) by updating their user profile.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-10T18:32:55.000000Z"} https://vulnerability.circl.lu/sighting/a38563c6-dbf7-44aa-80a9-6cbf70ae354b/export Mon, 10 Apr 2023 18:32:55 +0000 83c4b764-887b-4fff-a9df-7ed4fec44e4c https://vulnerability.circl.lu/sighting/83c4b764-887b-4fff-a9df-7ed4fec44e4c/export {"uuid": "83c4b764-887b-4fff-a9df-7ed4fec44e4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41979", "type": "seen", "source": "https://t.me/cibsecurity/63755", "content": "\u203c CVE-2022-41979 \u203c\n\nProtection mechanism failure in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via network access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T18:19:40.000000Z"} {"uuid": "83c4b764-887b-4fff-a9df-7ed4fec44e4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41979", "type": "seen", "source": "https://t.me/cibsecurity/63755", "content": "\u203c CVE-2022-41979 \u203c\n\nProtection mechanism failure in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via network access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T18:19:40.000000Z"} https://vulnerability.circl.lu/sighting/83c4b764-887b-4fff-a9df-7ed4fec44e4c/export Wed, 10 May 2023 18:19:40 +0000 0e3e484a-07c1-47d6-9f2e-8f396ee2b198 https://vulnerability.circl.lu/sighting/0e3e484a-07c1-47d6-9f2e-8f396ee2b198/export {"uuid": "0e3e484a-07c1-47d6-9f2e-8f396ee2b198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41974", "type": "seen", "source": "https://t.me/arpsyndicate/161", "content": "#ExploitObserverAlert\n\nCVE-2022-41973\n\nDESCRIPTION: Exploit Observer has 14 entries related to CVE-2022-41973. multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-13T19:29:11.000000Z"} {"uuid": "0e3e484a-07c1-47d6-9f2e-8f396ee2b198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41974", "type": "seen", "source": "https://t.me/arpsyndicate/161", "content": "#ExploitObserverAlert\n\nCVE-2022-41973\n\nDESCRIPTION: Exploit Observer has 14 entries related to CVE-2022-41973. multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-13T19:29:11.000000Z"} https://vulnerability.circl.lu/sighting/0e3e484a-07c1-47d6-9f2e-8f396ee2b198/export Mon, 13 Nov 2023 19:29:11 +0000 3ddbe784-6efb-419e-bd36-27910ec5b360 https://vulnerability.circl.lu/sighting/3ddbe784-6efb-419e-bd36-27910ec5b360/export {"uuid": "3ddbe784-6efb-419e-bd36-27910ec5b360", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41973", "type": "seen", "source": "https://t.me/arpsyndicate/161", "content": "#ExploitObserverAlert\n\nCVE-2022-41973\n\nDESCRIPTION: Exploit Observer has 14 entries related to CVE-2022-41973. multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-13T19:29:11.000000Z"} {"uuid": "3ddbe784-6efb-419e-bd36-27910ec5b360", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41973", "type": "seen", "source": "https://t.me/arpsyndicate/161", "content": "#ExploitObserverAlert\n\nCVE-2022-41973\n\nDESCRIPTION: Exploit Observer has 14 entries related to CVE-2022-41973. multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly for local privilege escalation to root.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-13T19:29:11.000000Z"} https://vulnerability.circl.lu/sighting/3ddbe784-6efb-419e-bd36-27910ec5b360/export Mon, 13 Nov 2023 19:29:11 +0000 fd33c63f-6638-49b0-a07a-707a9b127bd1 https://vulnerability.circl.lu/sighting/fd33c63f-6638-49b0-a07a-707a9b127bd1/export {"uuid": "fd33c63f-6638-49b0-a07a-707a9b127bd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41973", "type": "seen", "source": "https://t.me/club31337/1246", "content": "https://blog.qualys.com/vulnerabilities-threat-research/2022/10/25/leeloo-multipath-authorization-bypass-and-symlink-attack-in-multipathd-cve-2022-41974-and-cve-2022-41973", "creation_timestamp": "2024-11-09T21:05:43.000000Z"} {"uuid": "fd33c63f-6638-49b0-a07a-707a9b127bd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41973", "type": "seen", "source": "https://t.me/club31337/1246", "content": "https://blog.qualys.com/vulnerabilities-threat-research/2022/10/25/leeloo-multipath-authorization-bypass-and-symlink-attack-in-multipathd-cve-2022-41974-and-cve-2022-41973", "creation_timestamp": "2024-11-09T21:05:43.000000Z"} https://vulnerability.circl.lu/sighting/fd33c63f-6638-49b0-a07a-707a9b127bd1/export Sat, 09 Nov 2024 21:05:43 +0000 353365c4-4f90-40da-981b-2d6454c303ef https://vulnerability.circl.lu/sighting/353365c4-4f90-40da-981b-2d6454c303ef/export {"uuid": "353365c4-4f90-40da-981b-2d6454c303ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41974", "type": "seen", "source": "https://t.me/club31337/1246", "content": "https://blog.qualys.com/vulnerabilities-threat-research/2022/10/25/leeloo-multipath-authorization-bypass-and-symlink-attack-in-multipathd-cve-2022-41974-and-cve-2022-41973", "creation_timestamp": "2024-11-09T21:05:43.000000Z"} {"uuid": "353365c4-4f90-40da-981b-2d6454c303ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41974", "type": "seen", "source": "https://t.me/club31337/1246", "content": "https://blog.qualys.com/vulnerabilities-threat-research/2022/10/25/leeloo-multipath-authorization-bypass-and-symlink-attack-in-multipathd-cve-2022-41974-and-cve-2022-41973", "creation_timestamp": "2024-11-09T21:05:43.000000Z"} https://vulnerability.circl.lu/sighting/353365c4-4f90-40da-981b-2d6454c303ef/export Sat, 09 Nov 2024 21:05:43 +0000 d74f4a33-c7d9-4fcb-a276-0c079c075188 https://vulnerability.circl.lu/sighting/d74f4a33-c7d9-4fcb-a276-0c079c075188/export {"uuid": "d74f4a33-c7d9-4fcb-a276-0c079c075188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41973", "type": "seen", "source": "Telegram/eeVjT7OP9-VSvqISzn-93XCFjRjJW7cdlLMLwB2J6Zsav2g4", "content": "", "creation_timestamp": "2025-02-18T21:38:56.000000Z"} {"uuid": "d74f4a33-c7d9-4fcb-a276-0c079c075188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41973", "type": "seen", "source": "Telegram/eeVjT7OP9-VSvqISzn-93XCFjRjJW7cdlLMLwB2J6Zsav2g4", "content": "", "creation_timestamp": "2025-02-18T21:38:56.000000Z"} https://vulnerability.circl.lu/sighting/d74f4a33-c7d9-4fcb-a276-0c079c075188/export Tue, 18 Feb 2025 21:38:56 +0000 d8c72044-7a80-4dc7-a4e3-a0162f907dd3 https://vulnerability.circl.lu/sighting/d8c72044-7a80-4dc7-a4e3-a0162f907dd3/export {"uuid": "d8c72044-7a80-4dc7-a4e3-a0162f907dd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4197", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11516", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4197\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Sliderby10Web WordPress plugin before 1.2.53 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2022-12-26T12:28:00.982Z\n\ud83d\udccf Modified: 2025-04-11T23:21:07.756Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/96818024-57ab-419d-bd46-7d2da98269e6", "creation_timestamp": "2025-04-11T23:51:25.000000Z"} {"uuid": "d8c72044-7a80-4dc7-a4e3-a0162f907dd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4197", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11516", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4197\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Sliderby10Web WordPress plugin before 1.2.53 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2022-12-26T12:28:00.982Z\n\ud83d\udccf Modified: 2025-04-11T23:21:07.756Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/96818024-57ab-419d-bd46-7d2da98269e6", "creation_timestamp": "2025-04-11T23:51:25.000000Z"} https://vulnerability.circl.lu/sighting/d8c72044-7a80-4dc7-a4e3-a0162f907dd3/export Fri, 11 Apr 2025 23:51:25 +0000 df117863-d359-43d7-b073-4bfb199d4347 https://vulnerability.circl.lu/sighting/df117863-d359-43d7-b073-4bfb199d4347/export {"uuid": "df117863-d359-43d7-b073-4bfb199d4347", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41974", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-08", "content": "", "creation_timestamp": "2025-04-15T10:00:00.000000Z"} {"uuid": "df117863-d359-43d7-b073-4bfb199d4347", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41974", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-08", "content": "", "creation_timestamp": "2025-04-15T10:00:00.000000Z"} https://vulnerability.circl.lu/sighting/df117863-d359-43d7-b073-4bfb199d4347/export Tue, 15 Apr 2025 10:00:00 +0000 5f10ef71-53a6-4efb-9e28-87b1935a9a45 https://vulnerability.circl.lu/sighting/5f10ef71-53a6-4efb-9e28-87b1935a9a45/export {"uuid": "5f10ef71-53a6-4efb-9e28-87b1935a9a45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41975", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17016", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41975\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: RealVNC VNC Server before 6.11.0 and VNC Viewer before 6.22.826 on Windows allow local privilege escalation via MSI installer Repair mode.\n\ud83d\udccf Published: 2022-09-30T17:20:33.000Z\n\ud83d\udccf Modified: 2025-05-20T16:02:59.158Z\n\ud83d\udd17 References:\n1. https://help.realvnc.com/hc/en-us/articles/360002253138-Release-Notes#vnc-server-6-11-0-released-0-2", "creation_timestamp": "2025-05-20T16:41:08.000000Z"} {"uuid": "5f10ef71-53a6-4efb-9e28-87b1935a9a45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41975", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17016", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41975\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: RealVNC VNC Server before 6.11.0 and VNC Viewer before 6.22.826 on Windows allow local privilege escalation via MSI installer Repair mode.\n\ud83d\udccf Published: 2022-09-30T17:20:33.000Z\n\ud83d\udccf Modified: 2025-05-20T16:02:59.158Z\n\ud83d\udd17 References:\n1. https://help.realvnc.com/hc/en-us/articles/360002253138-Release-Notes#vnc-server-6-11-0-released-0-2", "creation_timestamp": "2025-05-20T16:41:08.000000Z"} https://vulnerability.circl.lu/sighting/5f10ef71-53a6-4efb-9e28-87b1935a9a45/export Tue, 20 May 2025 16:41:08 +0000