https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 04 Jun 2026 21:21:24 +0000 https://vulnerability.circl.lu/sighting/39c40ded-6c97-4520-9bb0-6c8eb5dadc60/export {"uuid": "39c40ded-6c97-4520-9bb0-6c8eb5dadc60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38972", "type": "seen", "source": "https://t.me/cibsecurity/49580", "content": "\u203c CVE-2022-38972 \u203c\n\nCross-site scripting vulnerability in Movable Type plugin A-Form versions prior to 4.1.1 (for Movable Type 7 Series) and versions prior to 3.9.1 (for Movable Type 6 Series) allows a remote unauthenticated attacker to inject an arbitrary script.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-12T07:23:28.000000Z"} {"uuid": "39c40ded-6c97-4520-9bb0-6c8eb5dadc60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38972", "type": "seen", "source": "https://t.me/cibsecurity/49580", "content": "\u203c CVE-2022-38972 \u203c\n\nCross-site scripting vulnerability in Movable Type plugin A-Form versions prior to 4.1.1 (for Movable Type 7 Series) and versions prior to 3.9.1 (for Movable Type 6 Series) allows a remote unauthenticated attacker to inject an arbitrary script.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-12T07:23:28.000000Z"} https://vulnerability.circl.lu/sighting/39c40ded-6c97-4520-9bb0-6c8eb5dadc60/export Mon, 12 Sep 2022 07:23:28 +0000 https://vulnerability.circl.lu/sighting/e5e4125a-4043-4492-957f-6c7daf5a0c4b/export {"uuid": "e5e4125a-4043-4492-957f-6c7daf5a0c4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38978", "type": "seen", "source": "https://t.me/cibsecurity/49948", "content": "\u203c CVE-2022-38978 \u203c\n\nThe secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T22:29:06.000000Z"} {"uuid": "e5e4125a-4043-4492-957f-6c7daf5a0c4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38978", "type": "seen", "source": "https://t.me/cibsecurity/49948", "content": "\u203c CVE-2022-38978 \u203c\n\nThe secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T22:29:06.000000Z"} https://vulnerability.circl.lu/sighting/e5e4125a-4043-4492-957f-6c7daf5a0c4b/export Fri, 16 Sep 2022 22:29:06 +0000 https://vulnerability.circl.lu/sighting/0ef2cd79-04e0-48fe-bed6-0b80f5690a6d/export {"uuid": "0ef2cd79-04e0-48fe-bed6-0b80f5690a6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38979", "type": "seen", "source": "https://t.me/cibsecurity/49954", "content": "\u203c CVE-2022-38979 \u203c\n\nThe secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T22:29:15.000000Z"} {"uuid": "0ef2cd79-04e0-48fe-bed6-0b80f5690a6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38979", "type": "seen", "source": "https://t.me/cibsecurity/49954", "content": "\u203c CVE-2022-38979 \u203c\n\nThe secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T22:29:15.000000Z"} https://vulnerability.circl.lu/sighting/0ef2cd79-04e0-48fe-bed6-0b80f5690a6d/export Fri, 16 Sep 2022 22:29:15 +0000 https://vulnerability.circl.lu/sighting/762c2521-ec89-4a05-9828-e0cfa311386e/export {"uuid": "762c2521-ec89-4a05-9828-e0cfa311386e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38970", "type": "seen", "source": "https://t.me/cibsecurity/50464", "content": "\u203c CVE-2022-38970 \u203c\n\nieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used to generate device IDs (UIDs) for devices that utilize Shenzhen Yunni Technology iLnkP2P suffers from a predictability flaw that allows remote attackers to establish direct connections to arbitrary devices.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-26T14:22:30.000000Z"} {"uuid": "762c2521-ec89-4a05-9828-e0cfa311386e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38970", "type": "seen", "source": "https://t.me/cibsecurity/50464", "content": "\u203c CVE-2022-38970 \u203c\n\nieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used to generate device IDs (UIDs) for devices that utilize Shenzhen Yunni Technology iLnkP2P suffers from a predictability flaw that allows remote attackers to establish direct connections to arbitrary devices.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-26T14:22:30.000000Z"} https://vulnerability.circl.lu/sighting/762c2521-ec89-4a05-9828-e0cfa311386e/export Mon, 26 Sep 2022 14:22:30 +0000 https://vulnerability.circl.lu/sighting/d113e726-8702-4455-8a70-5f64989b3347/export {"uuid": "d113e726-8702-4455-8a70-5f64989b3347", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38975", "type": "seen", "source": "https://t.me/cibsecurity/50537", "content": "\u203c CVE-2022-38975 \u203c\n\nDOM-based cross-site scripting vulnerability in EC-CUBE 4 series (EC-CUBE 4.0.0 to 4.1.2) allows a remote attacker to inject an arbitrary script by having an administrative user of the product to visit a specially crafted page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-28T02:36:18.000000Z"} {"uuid": "d113e726-8702-4455-8a70-5f64989b3347", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38975", "type": "seen", "source": "https://t.me/cibsecurity/50537", "content": "\u203c CVE-2022-38975 \u203c\n\nDOM-based cross-site scripting vulnerability in EC-CUBE 4 series (EC-CUBE 4.0.0 to 4.1.2) allows a remote attacker to inject an arbitrary script by having an administrative user of the product to visit a specially crafted page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-28T02:36:18.000000Z"} https://vulnerability.circl.lu/sighting/d113e726-8702-4455-8a70-5f64989b3347/export Wed, 28 Sep 2022 02:36:18 +0000 https://vulnerability.circl.lu/sighting/30f731d5-0c67-4ff6-8a6b-b256afe982b5/export {"uuid": "30f731d5-0c67-4ff6-8a6b-b256afe982b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38977", "type": "seen", "source": "https://t.me/cibsecurity/51468", "content": "\u203c CVE-2022-38977 \u203c\n\nThe HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-14T20:35:09.000000Z"} {"uuid": "30f731d5-0c67-4ff6-8a6b-b256afe982b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38977", "type": "seen", "source": "https://t.me/cibsecurity/51468", "content": "\u203c CVE-2022-38977 \u203c\n\nThe HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-14T20:35:09.000000Z"} https://vulnerability.circl.lu/sighting/30f731d5-0c67-4ff6-8a6b-b256afe982b5/export Fri, 14 Oct 2022 20:35:09 +0000 https://vulnerability.circl.lu/sighting/95376a43-b589-41f4-a7a8-00b73108e74f/export {"uuid": "95376a43-b589-41f4-a7a8-00b73108e74f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38974", "type": "seen", "source": "https://t.me/cibsecurity/53159", "content": "\u203c CVE-2022-38974 \u203c\n\nBroken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with subscriber or higher user roles to change the status of the translation jobs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-18T22:29:28.000000Z"} {"uuid": "95376a43-b589-41f4-a7a8-00b73108e74f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38974", "type": "seen", "source": "https://t.me/cibsecurity/53159", "content": "\u203c CVE-2022-38974 \u203c\n\nBroken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with subscriber or higher user roles to change the status of the translation jobs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-18T22:29:28.000000Z"} https://vulnerability.circl.lu/sighting/95376a43-b589-41f4-a7a8-00b73108e74f/export Fri, 18 Nov 2022 22:29:28 +0000 https://vulnerability.circl.lu/sighting/f2bb397a-fdf1-459a-8fa7-d04991c7e01f/export {"uuid": "f2bb397a-fdf1-459a-8fa7-d04991c7e01f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3897", "type": "seen", "source": "https://t.me/cibsecurity/53686", "content": "\u203c CVE-2022-3897 \u203c\n\nThe WP Affiliate Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 6.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-30T00:29:42.000000Z"} {"uuid": "f2bb397a-fdf1-459a-8fa7-d04991c7e01f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3897", "type": "seen", "source": "https://t.me/cibsecurity/53686", "content": "\u203c CVE-2022-3897 \u203c\n\nThe WP Affiliate Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, and including, 6.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-30T00:29:42.000000Z"} https://vulnerability.circl.lu/sighting/f2bb397a-fdf1-459a-8fa7-d04991c7e01f/export Wed, 30 Nov 2022 00:29:42 +0000 https://vulnerability.circl.lu/sighting/5e5ef902-e3f2-4f77-afac-23ff8e491c75/export {"uuid": "5e5ef902-e3f2-4f77-afac-23ff8e491c75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38971", "type": "seen", "source": "https://t.me/cibsecurity/60115", "content": "\u203c CVE-2022-38971 \u203c\n\nStored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form \u00e2\u20ac\u201c Registration Form \u00e2\u20ac\u201c Profile Form for User Profiles and Content Forms for User Submissions plugin <= 2.7.5 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-16T11:30:32.000000Z"} {"uuid": "5e5ef902-e3f2-4f77-afac-23ff8e491c75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38971", "type": "seen", "source": "https://t.me/cibsecurity/60115", "content": "\u203c CVE-2022-38971 \u203c\n\nStored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form \u00e2\u20ac\u201c Registration Form \u00e2\u20ac\u201c Profile Form for User Profiles and Content Forms for User Submissions plugin <= 2.7.5 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-16T11:30:32.000000Z"} https://vulnerability.circl.lu/sighting/5e5ef902-e3f2-4f77-afac-23ff8e491c75/export Thu, 16 Mar 2023 11:30:32 +0000 https://vulnerability.circl.lu/sighting/d4985b8b-c844-4dc1-ac68-667eca138eb3/export {"uuid": "d4985b8b-c844-4dc1-ac68-667eca138eb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38973", "type": "seen", "source": "https://t.me/cibsecurity/68315", "content": "\u203c CVE-2022-38973 \u203c\n\nImproper access control for some Intel(R) Arc(TM) graphics cards A770 and A750 sold between October of 2022 and December of 2022 may allow an authenticated user to potentially enable denial of service or infomation disclosure via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-11T07:32:33.000000Z"} {"uuid": "d4985b8b-c844-4dc1-ac68-667eca138eb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38973", "type": "seen", "source": "https://t.me/cibsecurity/68315", "content": "\u203c CVE-2022-38973 \u203c\n\nImproper access control for some Intel(R) Arc(TM) graphics cards A770 and A750 sold between October of 2022 and December of 2022 may allow an authenticated user to potentially enable denial of service or infomation disclosure via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-11T07:32:33.000000Z"} https://vulnerability.circl.lu/sighting/d4985b8b-c844-4dc1-ac68-667eca138eb3/export Fri, 11 Aug 2023 07:32:33 +0000