https://vulnerability.circl.lu/sightings/feed 2026-06-13T17:18:31.709973+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/14df7e92-a955-4c37-8142-1496e8de3bc5/export 2026-06-13T17:18:32.072383+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "14df7e92-a955-4c37-8142-1496e8de3bc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24052", "type": "seen", "source": "https://t.me/cibsecurity/37761", "content": "\u203c CVE-2022-24052 \u203c\n\nThis vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16190.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-18T22:41:04.000000Z"} 2022-02-18T22:41:04+00:00 https://vulnerability.circl.lu/sighting/08091946-ced3-48d4-8ab9-3c709df9b214/export 2026-06-13T17:18:32.072267+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "08091946-ced3-48d4-8ab9-3c709df9b214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24059", "type": "seen", "source": "https://t.me/cibsecurity/37763", "content": "\u203c CVE-2022-24059 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM files. Crafted data in a DCM file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process Was ZDI-CAN-15098.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-18T22:41:12.000000Z"} 2022-02-18T22:41:12+00:00 https://vulnerability.circl.lu/sighting/256acabf-3759-43dd-b859-ac26bc1ff2e7/export 2026-06-13T17:18:32.072120+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "256acabf-3759-43dd-b859-ac26bc1ff2e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24058", "type": "seen", "source": "https://t.me/cibsecurity/37780", "content": "\u203c CVE-2022-24058 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.8.7.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. Crafted data in a J2K file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15095.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-18T22:44:00.000000Z"} 2022-02-18T22:44:00+00:00 https://vulnerability.circl.lu/sighting/1103d1a1-203c-4e1c-b7ea-c63441e05ea3/export 2026-06-13T17:18:32.070393+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "1103d1a1-203c-4e1c-b7ea-c63441e05ea3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2405", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17183", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2405\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WP Popup Builder WordPress plugin before 1.2.9 does not have authorisation and CSRF check in an AJAX action, allowing any authenticated users, such as subscribers to delete arbitrary Popup\n\ud83d\udccf Published: 2022-09-26T12:35:34.000Z\n\ud83d\udccf Modified: 2025-05-21T19:19:27.568Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/50037028-2790-47ee-aae1-faf0724eb917", "creation_timestamp": "2025-05-21T19:42:55.000000Z"} 2025-05-21T19:42:55+00:00