https://vulnerability.circl.lu/sightings/feed 2026-05-08T05:04:12.457829+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/6053640f-6fc6-4d31-8549-2f6364f16f6c/export 2026-05-08T05:04:12.805095+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "6053640f-6fc6-4d31-8549-2f6364f16f6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40146", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/7094", "content": "#exploit\n1. CVE-2022-38398, CVE-2022-40146:\nVulnerabilities in Apache Batik Default Security Controls - SSRF/RCE Through Remote Class Loading\nhttps://www.zerodayinitiative.com/blog/2022/10/28/vulnerabilities-in-apache-batik-default-security-controls-ssrf-and-rce-through-remote-class-loading\n\n2. CVE-2022-0739:\nSQLI BookingPress <1.0.11 - Unauth SQL Injection\nhttps://github.com/Chris01s/CVE-2022-0739", "creation_timestamp": "2022-11-03T11:05:13.000000Z"} 2022-11-03T11:05:13+00:00 https://vulnerability.circl.lu/sighting/c08ee595-20a3-4bfc-8e8d-cf8e7dce47bb/export 2026-05-08T05:04:12.805013+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "c08ee595-20a3-4bfc-8e8d-cf8e7dce47bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40146", "type": "published-proof-of-concept", "source": "Telegram/fAWPAqiGGmiCioZoRRJUTpS-505alyTv3gMvgAepMoyqmv8", "content": "", "creation_timestamp": "2022-11-09T03:50:02.000000Z"} 2022-11-09T03:50:02+00:00 https://vulnerability.circl.lu/sighting/a50e02fc-8e89-46c7-b653-f26bc0a9eb50/export 2026-05-08T05:04:12.804934+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "a50e02fc-8e89-46c7-b653-f26bc0a9eb50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40140", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3414", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA Shodan hunter for CVE-2022-40140 \nURL\uff1ahttps://github.com/ipsBruno/CVE-2022-40140-SCANNER\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-13T22:06:28.000000Z"} 2022-11-13T22:06:28+00:00 https://vulnerability.circl.lu/sighting/5cb3d1c0-caa6-487f-a0c4-1268c36c7357/export 2026-05-08T05:04:12.804855+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "5cb3d1c0-caa6-487f-a0c4-1268c36c7357", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40146", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/583", "content": "CVE-2022-40146 : Apache XML Graphics Batik 1.14 - Server-Side Request Forgery & RCE\nPOC : https://github.com/cckuailong/CVE-2022-40146_Exploit_Jar", "creation_timestamp": "2022-11-14T21:29:01.000000Z"} 2022-11-14T21:29:01+00:00 https://vulnerability.circl.lu/sighting/6baee2d3-c615-4da0-9d76-896957855d4b/export 2026-05-08T05:04:12.804774+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "6baee2d3-c615-4da0-9d76-896957855d4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40140", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2467", "content": "#CVE-2022\nA Shodan hunter for CVE-2022-40140 \n\nhttps://github.com/ipsBruno/CVE-2022-40140-SCANNER\n\n@BlueRedTeam", "creation_timestamp": "2022-11-16T11:11:16.000000Z"} 2022-11-16T11:11:16+00:00 https://vulnerability.circl.lu/sighting/7d68fb40-475c-4e02-91d0-6567155593d1/export 2026-05-08T05:04:12.804689+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "7d68fb40-475c-4e02-91d0-6567155593d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40140", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6904", "content": "#exploit\n1. CVE-2022-40140, CVE-2022-41082:\n\"ProxyNotShell\"\nhttps://github.com/LivingFree8/CVE-2022-41082-RCE-POC\n\n2. CVE-2022-30600:\nMoodle Failed Login\nhttps://github.com/Boonjune/POC-CVE-2022-30600\n\n3. A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W\nhttps://github.com/SecIdiot/ANGRYORCHARD", "creation_timestamp": "2022-12-21T04:56:56.000000Z"} 2022-12-21T04:56:56+00:00 https://vulnerability.circl.lu/sighting/fa117fc7-c3f8-43ae-94f4-6a0e6d486589/export 2026-05-08T05:04:12.804604+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "fa117fc7-c3f8-43ae-94f4-6a0e6d486589", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40145", "type": "seen", "source": "https://t.me/cibsecurity/55054", "content": "\u203c CVE-2022-40145 \u203c\n\nThis vulnerable is about a potential code injection when an attacker has control of the target LDAP server using in the JDBC JNDI URL. The function jaas.modules.src.main.java.porg.apache.karaf.jass.modules.jdbc.JDBCUtils#doCreateDatasource use InitialContext.lookup(jndiName) without filtering. An user can modify `options.put(JDBCUtils.DATASOURCE, \"osgi:\" + DataSource.class.getName());` to `options.put(JDBCUtils.DATASOURCE,\"jndi:rmi://x.x.x.x:xxxx/Command\");` in JdbcLoginModuleTest#setup. This is vulnerable to a remote code execution (RCE) attack when a configuration uses a JNDI LDAP data source URI when an attacker has control of the target LDAP server.This issue affects all versions of Apache Karaf up to 4.4.1 and 4.3.7. We encourage the users to upgrade to Apache Karaf at least 4.4.2 or 4.3.8\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T05:38:07.000000Z"} 2022-12-22T05:38:07+00:00 https://vulnerability.circl.lu/sighting/ed580273-c687-45a9-9a5e-51d1bb763054/export 2026-05-08T05:04:12.804489+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "ed580273-c687-45a9-9a5e-51d1bb763054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40140", "type": "seen", "source": "https://t.me/pt_soft/243", "content": "\ud83d\uddbc\ufe0f Moriarty v1.1\n\n\u0427\u0435\u043a\u0435\u0440 CVEs \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 \u043d\u0430 C# \u0434\u043b\u044f \u041e\u0421 \ud83c\udfe0 Windows\n\n\u041f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438:\nWindows 10 (Versions: 1507, 1511, 1607, 1703, 1709, 1803, 1809, 1903, 1909, 2004, 20H2, 21H1, 21H2, 22H1, 22H2)\nWindows 11 (Versions: 21H2, 22H1, 22H2, 23H1)\nWindows Server 2016, 2019, 2022\n\n\u0421\u043f\u0438\u0441\u043e\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (35):\nMS10-015\nMS10-092\nMS13-053\nMS13-081\nMS14-058\nMS15-051\nMS15-078\nMS16-016\nMS16-032\nMS16-034\nMS16-135\nCVE-2017-7199\nCVE-2019-0836\nCVE-2019-0836\nCVE-2019-1064\nCVE-2019-1130\nCVE-2019-1253\nCVE-2019-1315\nCVE-2019-1385\nCVE-2019-1388\nCVE-2019-1405\nCVE-2020-0668\nCVE-2020-0683\nCVE-2020-0796\nCVE-2020-1013\nCVE-2020-1013\nCVE-2021-26855\nCVE-2021-26857\nCVE-2021-26858\nCVE-2021-27065\nCVE-2021-44228\nCVE-2021-36934\nCVE-2022-40140\nCVE-2022-22965\nCVE-2023-36664\n\n\ud83d\udc49 \u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\n\n\u0422\u0430\u043a\u0436\u0435 \u0431\u043e\u0442 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0438\u0441\u043a \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u0432 \u043f\u043e CVE\n\n!poc CVE-2019-1064\n\n\ud83d\udcbb Home\n\n\u0414\u043b\u044f \u0441\u0431\u043e\u0440\u043a\u0438 \u043f\u043e\u043d\u0430\u0434\u043e\u0431\u0438\u0442\u0441\u044f Visual Studio \u0438 .NET Framework 4.8 Developer Pack\n\n#moriarty #checker #csharp\n\n\u2708\ufe0f // Pentest HaT \ud83c\udfa9", "creation_timestamp": "2024-03-15T08:58:02.000000Z"} 2024-03-15T08:58:02+00:00 https://vulnerability.circl.lu/sighting/45e0ad8b-bded-416f-a8e9-7ff3b8921e21/export 2026-05-08T05:04:12.804357+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "45e0ad8b-bded-416f-a8e9-7ff3b8921e21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40140", "type": "published-proof-of-concept", "source": "https://t.me/pt_soft/270", "content": "\ud83d\uddbc\ufe0f \ud83d\udd04 Moriarty v1.2\n\n\u0427\u0435\u043a\u0435\u0440 CVEs \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 \u043d\u0430 C# \u0434\u043b\u044f \u041e\u0421 \ud83c\udfe0 Windows\n\n\u041f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438:\nWindows 10 (Versions: 1507, 1511, 1607, 1703, 1709, 1803, 1809, 1903, 1909, 2004, 20H2, 21H1, 21H2, 22H1, 22H2)\nWindows 11 (Versions: 21H2, 22H1, 22H2, 23H1)\nWindows Server 2016, 2019, 2022\n\n\u0421\u043f\u0438\u0441\u043e\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (35):\nMS10-015\nMS10-092\nMS13-053\nMS13-081\nMS14-058\nMS15-051\nMS15-078\nMS16-016\nMS16-032\nMS16-034\nMS16-135\nCVE-2017-7199\nCVE-2019-0836\nCVE-2019-0836\nCVE-2019-1064\nCVE-2019-1130\nCVE-2019-1253\nCVE-2019-1315\nCVE-2019-1385\nCVE-2019-1388\nCVE-2019-1405\nCVE-2020-0668\nCVE-2020-0683\nCVE-2020-0796\nCVE-2020-1013\nCVE-2020-1013\nCVE-2021-26855\nCVE-2021-26857\nCVE-2021-26858\nCVE-2021-27065\nCVE-2021-44228\nCVE-2021-36934\nCVE-2022-40140\nCVE-2022-22965\nCVE-2023-36664\n\n1.2 added:\n2023-23397\n2022-34718\n\n\ud83d\udc49 \u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\n\n\u0422\u0430\u043a\u0436\u0435 \u0431\u043e\u0442 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0438\u0441\u043a \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u0432 \u043f\u043e CVE\n\n!poc CVE-2019-1064\n\n\ud83d\udcbb Home\n\n\u0414\u043b\u044f \u0441\u0431\u043e\u0440\u043a\u0438 \u043f\u043e\u043d\u0430\u0434\u043e\u0431\u0438\u0442\u0441\u044f Visual Studio \u0438 .NET Framework 4.8 Developer Pack\n\n#moriarty #checker #csharp\n\n\u2708\ufe0f // Pentest HaT \ud83c\udfa9", "creation_timestamp": "2024-05-03T09:04:40.000000Z"} 2024-05-03T09:04:40+00:00 https://vulnerability.circl.lu/sighting/d99d6221-2af2-4d66-86c0-971d1ee7ef39/export 2026-05-08T05:04:12.799664+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "d99d6221-2af2-4d66-86c0-971d1ee7ef39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40140", "type": "seen", "source": "https://gist.github.com/zredlined/44192ca592721f64cf684ea0019540d0", "content": "", "creation_timestamp": "2025-08-18T15:53:12.000000Z"} 2025-08-18T15:53:12+00:00