https://vulnerability.circl.lu/sightings/feed 2026-06-14T17:11:50.063305+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/91531945-55fd-4880-b9d2-9da49eb5cf82/export 2026-06-14T17:11:50.405255+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "91531945-55fd-4880-b9d2-9da49eb5cf82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4881", "type": "seen", "source": "https://t.me/cibsecurity/56137", "content": "\u203c CVE-2022-4881 \u203c\n\nA vulnerability was found in CapsAdmin PAC3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lua/pac3/core/shared/http.lua. The manipulation of the argument url leads to cross site scripting. The attack may be launched remotely. The name of the patch is 8fc9e12dfa21d757be6eb4194c763e848b299ac0. It is recommended to apply a patch to fix this issue. VDB-217646 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-08T16:26:41.000000Z"} 2023-01-08T16:26:41+00:00 https://vulnerability.circl.lu/sighting/2ffefab5-35f8-4ff0-bbdc-cf45e3c6d667/export 2026-06-14T17:11:50.405154+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "2ffefab5-35f8-4ff0-bbdc-cf45e3c6d667", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48811", "type": "seen", "source": "https://t.me/cvedetector/942", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-48811 - IBM Nic NULL Pointer Dereference\", \n \"Content\": \"CVE ID : CVE-2022-48811 \nPublished : July 16, 2024, 12:15 p.m. | 43\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nibmvnic: don't release napi in __ibmvnic_open() \n \nIf __ibmvnic_open() encounters an error such as when setting link state, \nit calls release_resources() which frees the napi structures needlessly. \nInstead, have __ibmvnic_open() only clean up the work it did so far (i.e. \ndisable napi and irqs) and leave the rest to the callers. \n \nIf caller of __ibmvnic_open() is ibmvnic_open(), it should release the \nresources immediately. If the caller is do_reset() or do_hard_reset(), \nthey will release the resources on the next reset. \n \nThis fixes following crash that occurred when running the drmgr command \nseveral times to add/remove a vnic interface: \n \n [102056] ibmvnic 30000003 env3: Disabling rx_scrq[6] irq \n [102056] ibmvnic 30000003 env3: Disabling rx_scrq[7] irq \n [102056] ibmvnic 30000003 env3: Replenished 8 pools \n Kernel attempted to read user page (10) - exploit attempt? (uid: 0) \n BUG: Kernel NULL pointer dereference on read at 0x00000010 \n Faulting instruction address: 0xc000000000a3c840 \n Oops: Kernel access of bad area, sig: 11 [#1] \n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA pSeries \n ... \n CPU: 9 PID: 102056 Comm: kworker/9:2 Kdump: loaded Not tainted 5.16.0-rc5-autotest-g6441998e2e37 #1 \n Workqueue: events_long __ibmvnic_reset [ibmvnic] \n NIP: c000000000a3c840 LR: c0080000029b5378 CTR: c000000000a3c820 \n REGS: c0000000548e37e0 TRAP: 0300 Not tainted (5.16.0-rc5-autotest-g6441998e2e37) \n MSR: 8000000000009033 CR: 28248484 XER: 00000004 \n CFAR: c0080000029bdd24 DAR: 0000000000000010 DSISR: 40000000 IRQMASK: 0 \n GPR00: c0080000029b55d0 c0000000548e3a80 c0000000028f0200 0000000000000000 \n ... \n NIP [c000000000a3c840] napi_enable+0x20/0xc0 \n LR [c0080000029b5378] __ibmvnic_open+0xf0/0x430 [ibmvnic] \n Call Trace: \n [c0000000548e3a80] [0000000000000006] 0x6 (unreliable) \n [c0000000548e3ab0] [c0080000029b55d0] __ibmvnic_open+0x348/0x430 [ibmvnic] \n [c0000000548e3b40] [c0080000029bcc28] __ibmvnic_reset+0x500/0xdf0 [ibmvnic] \n [c0000000548e3c60] [c000000000176228] process_one_work+0x288/0x570 \n [c0000000548e3d00] [c000000000176588] worker_thread+0x78/0x660 \n [c0000000548e3da0] [c0000000001822f0] kthread+0x1c0/0x1d0 \n [c0000000548e3e10] [c00000000000cf64] ret_from_kernel_thread+0x5c/0x64 \n Instruction dump: \n 7d2948f8 792307e0 4e800020 60000000 3c4c01eb 384239e0 f821ffd1 39430010 \n 38a0fff6 e92d1100 f9210028 39200000 f9010020 60420000 e9210020 \n ---[ end trace 5f8033b08fd27706 ]--- \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T15:26:28.000000Z"} 2024-07-16T15:26:28+00:00 https://vulnerability.circl.lu/sighting/0d50cdd4-2ec0-4f0c-b071-48d0c0086c13/export 2026-06-14T17:11:50.405060+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "0d50cdd4-2ec0-4f0c-b071-48d0c0086c13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48815", "type": "seen", "source": "https://t.me/cvedetector/943", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-48815 - Linux Kernel bcm_sf2 MDIobus Vulnerability (Buffer Pointer Corruption)\", \n \"Content\": \"CVE ID : CVE-2022-48815 \nPublished : July 16, 2024, 12:15 p.m. | 43\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: dsa: bcm_sf2: don't use devres for mdiobus \n \nAs explained in commits: \n74b6d7d13307 (\"net: dsa: realtek: register the MDIO bus under devres\") \n5135e96a3dd2 (\"net: dsa: don't allocate the slave_mii_bus using devres\") \n \nmdiobus_free() will panic when called from devm_mdiobus_free() remove on ->shutdown) do not apply. But there is one more which \napplies here. \n \nIf the DSA master itself is on a bus that calls ->remove from ->shutdown \n(like dpaa2-eth, which is on the fsl-mc bus), there is a device link \nbetween the switch and the DSA master, and device_links_unbind_consumers() \nwill unbind the bcm_sf2 switch driver on shutdown. \n \nSo the same treatment must be applied to all DSA switch drivers, which \nis: either use devres for both the mdiobus allocation and registration, \nor don't use devres at all. \n \nThe bcm_sf2 driver has the code structure in place for orderly mdiobus \nremoval, so just replace devm_mdiobus_alloc() with the non-devres \nvariant, and add manual free where necessary, to ensure that we don't \nlet devres free a still-registered bus. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T15:26:29.000000Z"} 2024-07-16T15:26:29+00:00 https://vulnerability.circl.lu/sighting/bccda528-c730-496c-a425-15b3b425bb2e/export 2026-06-14T17:11:50.404969+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "bccda528-c730-496c-a425-15b3b425bb2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48813", "type": "seen", "source": "https://t.me/cvedetector/944", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-48813 - \"AMD Felix PCI Device MDIO Bus Registration Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2022-48813 \nPublished : July 16, 2024, 12:15 p.m. | 43\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: dsa: felix: don't use devres for mdiobus \n \nAs explained in commits: \n74b6d7d13307 (\"net: dsa: realtek: register the MDIO bus under devres\") \n5135e96a3dd2 (\"net: dsa: don't allocate the slave_mii_bus using devres\") \n \nmdiobus_free() will panic when called from devm_mdiobus_free() remove on ->shutdown) do not apply. But there is one more which \napplies here. \n \nIf the DSA master itself is on a bus that calls ->remove from ->shutdown \n(like dpaa2-eth, which is on the fsl-mc bus), there is a device link \nbetween the switch and the DSA master, and device_links_unbind_consumers() \nwill unbind the felix switch driver on shutdown. \n \nSo the same treatment must be applied to all DSA switch drivers, which \nis: either use devres for both the mdiobus allocation and registration, \nor don't use devres at all. \n \nThe felix driver has the code structure in place for orderly mdiobus \nremoval, so just replace devm_mdiobus_alloc_size() with the non-devres \nvariant, and add manual free where necessary, to ensure that we don't \nlet devres free a still-registered bus. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T15:26:30.000000Z"} 2024-07-16T15:26:30+00:00 https://vulnerability.circl.lu/sighting/e609a5bf-d426-4f4d-bed1-a29c1ee97995/export 2026-06-14T17:11:50.404879+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "e609a5bf-d426-4f4d-bed1-a29c1ee97995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48819", "type": "seen", "source": "https://t.me/cvedetector/945", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-48819 - \"The Linux Kernel TCP MSG_ZEROCOPY Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2022-48819 \nPublished : July 16, 2024, 12:15 p.m. | 43\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ntcp: take care of mixed splice()/sendmsg(MSG_ZEROCOPY) case \n \nsyzbot found that mixing sendpage() and sendmsg(MSG_ZEROCOPY) \ncalls over the same TCP socket would again trigger the \ninfamous warning in inet_sock_destruct() \n \n WARN_ON(sk_forward_alloc_get(sk)); \n \nWhile Talal took into account a mix of regular copied data \nand MSG_ZEROCOPY one in the same skb, the sendpage() path \nhas been forgotten. \n \nWe want the charging to happen for sendpage(), because \npages could be coming from a pipe. What is missing is the \ndowngrading of pure zerocopy status to make sure \nsk_forward_alloc will stay synced. \n \nAdd tcp_downgrade_zcopy_pure() helper so that we can \nuse it from the two callers. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T15:26:34.000000Z"} 2024-07-16T15:26:34+00:00 https://vulnerability.circl.lu/sighting/b4332cdf-15ed-4b89-a379-206fb35a880f/export 2026-06-14T17:11:50.404772+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "b4332cdf-15ed-4b89-a379-206fb35a880f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48818", "type": "seen", "source": "https://t.me/cvedetector/947", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-48818 - Marvell mv88e6xxx MDIO Bus Device Free of Charge Vulnerability\", \n \"Content\": \"CVE ID : CVE-2022-48818 \nPublished : July 16, 2024, 12:15 p.m. | 43\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: dsa: mv88e6xxx: don't use devres for mdiobus \n \nAs explained in commits: \n74b6d7d13307 (\"net: dsa: realtek: register the MDIO bus under devres\") \n5135e96a3dd2 (\"net: dsa: don't allocate the slave_mii_bus using devres\") \n \nmdiobus_free() will panic when called from devm_mdiobus_free() remove on \n->shutdown) do not apply. But there is one more which applies here. \n \nIf the DSA master itself is on a bus that calls ->remove from ->shutdown \n(like dpaa2-eth, which is on the fsl-mc bus), there is a device link \nbetween the switch and the DSA master, and device_links_unbind_consumers() \nwill unbind the Marvell switch driver on shutdown. \n \nsystemd-shutdown[1]: Powering off. \nmv88e6085 0x0000000008b96000:00 sw_gl0: Link is Down \nfsl-mc dpbp.9: Removing from iommu group 7 \nfsl-mc dpbp.8: Removing from iommu group 7 \n------------[ cut here ]------------ \nkernel BUG at drivers/net/phy/mdio_bus.c:677! \nInternal error: Oops - BUG: 0 [#1] PREEMPT SMP \nModules linked in: \nCPU: 0 PID: 1 Comm: systemd-shutdow Not tainted 5.16.5-00040-gdc05f73788e5 #15 \npc : mdiobus_free+0x44/0x50 \nlr : devm_mdiobus_free+0x10/0x20 \nCall trace: \n mdiobus_free+0x44/0x50 \n devm_mdiobus_free+0x10/0x20 \n devres_release_all+0xa0/0x100 \n __device_release_driver+0x190/0x220 \n device_release_driver_internal+0xac/0xb0 \n device_links_unbind_consumers+0xd4/0x100 \n __device_release_driver+0x4c/0x220 \n device_release_driver_internal+0xac/0xb0 \n device_links_unbind_consumers+0xd4/0x100 \n __device_release_driver+0x94/0x220 \n device_release_driver+0x28/0x40 \n bus_remove_device+0x118/0x124 \n device_del+0x174/0x420 \n fsl_mc_device_remove+0x24/0x40 \n __fsl_mc_device_remove+0xc/0x20 \n device_for_each_child+0x58/0xa0 \n dprc_remove+0x90/0xb0 \n fsl_mc_driver_remove+0x20/0x5c \n __device_release_driver+0x21c/0x220 \n device_release_driver+0x28/0x40 \n bus_remove_device+0x118/0x124 \n device_del+0x174/0x420 \n fsl_mc_bus_remove+0x80/0x100 \n fsl_mc_bus_shutdown+0xc/0x1c \n platform_shutdown+0x20/0x30 \n device_shutdown+0x154/0x330 \n kernel_power_off+0x34/0x6c \n __do_sys_reboot+0x15c/0x250 \n __arm64_sys_reboot+0x20/0x30 \n invoke_syscall.constprop.0+0x4c/0xe0 \n do_el0_svc+0x4c/0x150 \n el0_svc+0x24/0xb0 \n el0t_64_sync_handler+0xa8/0xb0 \n el0t_64_sync+0x178/0x17c \n \nSo the same treatment must be applied to all DSA switch drivers, which \nis: either use devres for both the mdiobus allocation and registration, \nor don't use devres at all. \n \nThe Marvell driver already has a good structure for mdiobus removal, so \njust plug in mdiobus_free and get rid of devres. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T15:26:36.000000Z"} 2024-07-16T15:26:36+00:00 https://vulnerability.circl.lu/sighting/66b5c6e9-ea9a-42f9-bc1d-c362d265f961/export 2026-06-14T17:11:50.404659+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "66b5c6e9-ea9a-42f9-bc1d-c362d265f961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48814", "type": "seen", "source": "https://t.me/cvedetector/948", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-48814 - Vulnerability Title: Linux Kernel NetDevice DSA Seville MDIobus Devres Race Condition\", \n \"Content\": \"CVE ID : CVE-2022-48814 \nPublished : July 16, 2024, 12:15 p.m. | 43\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: dsa: seville: register the mdiobus under devres \n \nAs explained in commits: \n74b6d7d13307 (\"net: dsa: realtek: register the MDIO bus under devres\") \n5135e96a3dd2 (\"net: dsa: don't allocate the slave_mii_bus using devres\") \n \nmdiobus_free() will panic when called from devm_mdiobus_free() remove on ->shutdown) do not apply. But there is one more which \napplies here. \n \nIf the DSA master itself is on a bus that calls ->remove from ->shutdown \n(like dpaa2-eth, which is on the fsl-mc bus), there is a device link \nbetween the switch and the DSA master, and device_links_unbind_consumers() \nwill unbind the seville switch driver on shutdown. \n \nSo the same treatment must be applied to all DSA switch drivers, which \nis: either use devres for both the mdiobus allocation and registration, \nor don't use devres at all. \n \nThe seville driver has a code structure that could accommodate both the \nmdiobus_unregister and mdiobus_free calls, but it has an external \ndependency upon mscc_miim_setup() from mdio-mscc-miim.c, which calls \ndevm_mdiobus_alloc_size() on its behalf. So rather than restructuring \nthat, and exporting yet one more symbol mscc_miim_teardown(), let's work \nwith devres and replace of_mdiobus_register with the devres variant. \nWhen we use all-devres, we can ensure that devres doesn't free a \nstill-registered bus (it either runs both callbacks, or none). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T15:26:37.000000Z"} 2024-07-16T15:26:37+00:00 https://vulnerability.circl.lu/sighting/ad051a66-3a3b-4be9-9117-7e9f7eef85af/export 2026-06-14T17:11:50.403849+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "ad051a66-3a3b-4be9-9117-7e9f7eef85af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48817", "type": "seen", "source": "https://t.me/cvedetector/949", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-48817 - \"Cisco DSA MDIO Bus Registration Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2022-48817 \nPublished : July 16, 2024, 12:15 p.m. | 43\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nnet: dsa: ar9331: register the mdiobus under devres \n \nAs explained in commits: \n74b6d7d13307 (\"net: dsa: realtek: register the MDIO bus under devres\") \n5135e96a3dd2 (\"net: dsa: don't allocate the slave_mii_bus using devres\") \n \nmdiobus_free() will panic when called from devm_mdiobus_free() remove on \n->shutdown) do not apply. But there is one more which applies here. \n \nIf the DSA master itself is on a bus that calls ->remove from ->shutdown \n(like dpaa2-eth, which is on the fsl-mc bus), there is a device link \nbetween the switch and the DSA master, and device_links_unbind_consumers() \nwill unbind the ar9331 switch driver on shutdown. \n \nSo the same treatment must be applied to all DSA switch drivers, which \nis: either use devres for both the mdiobus allocation and registration, \nor don't use devres at all. \n \nThe ar9331 driver doesn't have a complex code structure for mdiobus \nremoval, so just replace of_mdiobus_register with the devres variant in \norder to be all-devres and ensure that we don't free a still-registered \nbus. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T15:26:38.000000Z"} 2024-07-16T15:26:38+00:00 https://vulnerability.circl.lu/sighting/d30d6efc-7b2d-4154-9743-1aefbba93e01/export 2026-06-14T17:11:50.402974+00:00 Alexandre Dulaunoy https://cve.circl.lu/user/adulau {"uuid": "d30d6efc-7b2d-4154-9743-1aefbba93e01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2022-48811", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"} 2025-12-03T14:14:49.267740+00:00 https://vulnerability.circl.lu/sighting/26342297-8112-44fc-bd6c-ae808fc31e20/export 2026-06-14T17:11:50.400316+00:00 Joseph Lee https://cve.circl.lu/user/syspect {"uuid": "26342297-8112-44fc-bd6c-ae808fc31e20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-48816", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} 2026-03-19T00:00:00+00:00