https://vulnerability.circl.lu/sightings/feed 2026-06-25T20:22:25.312626+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/3f393903-9ab0-40a0-86db-ce346a6b7947/export 2026-06-25T20:22:25.337899+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "3f393903-9ab0-40a0-86db-ce346a6b7947", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24129", "type": "seen", "source": "https://t.me/cibsecurity/36875", "content": "\u203c CVE-2022-24129 \u203c\n\nThe OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-04T22:36:28.000000Z"} 2022-02-04T22:36:28+00:00 https://vulnerability.circl.lu/sighting/0dba5300-5cf6-4521-9017-6084088411e0/export 2026-06-25T20:22:25.337798+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "0dba5300-5cf6-4521-9017-6084088411e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24124", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1550", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPOC for CVE-2022-24124\nURL\uff1ahttps://github.com/ColdFusionX/CVE-2022-24124", "creation_timestamp": "2022-02-27T07:33:48.000000Z"} 2022-02-27T07:33:48+00:00 https://vulnerability.circl.lu/sighting/c1a63bcb-17fe-4429-a22b-657979bac37a/export 2026-06-25T20:22:25.337703+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "c1a63bcb-17fe-4429-a22b-657979bac37a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24124", "type": "seen", "source": "https://t.me/ctinow/48210", "content": "Casdoor SQL Injection (CVE-2022-24124)\n\nhttps://ift.tt/aQrKzDB", "creation_timestamp": "2022-03-09T11:36:32.000000Z"} 2022-03-09T11:36:32+00:00 https://vulnerability.circl.lu/sighting/76d7681e-b04d-4459-873f-bbb19de0241e/export 2026-06-25T20:22:25.337605+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "76d7681e-b04d-4459-873f-bbb19de0241e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24122", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1663", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-24122 Proof of Concept\nURL\uff1ahttps://github.com/meowmeowxw/CVE-2022-24122", "creation_timestamp": "2022-03-15T08:42:35.000000Z"} 2022-03-15T08:42:35+00:00 https://vulnerability.circl.lu/sighting/22ca25cb-2c3e-47a7-9887-07943e9cb654/export 2026-06-25T20:22:25.337501+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "22ca25cb-2c3e-47a7-9887-07943e9cb654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24125", "type": "seen", "source": "https://t.me/cibsecurity/39292", "content": "\u203c CVE-2022-24125 \u203c\n\nThe matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow remote attackers to send arbitrary push requests to clients via a RequestSendMessageToPlayers request. For example, ability to send a push message to hundreds of thousands of machines is only restricted on the client side, and can thus be bypassed with a modified client.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-20T06:23:27.000000Z"} 2022-03-20T06:23:27+00:00 https://vulnerability.circl.lu/sighting/0c1ac953-859d-4443-8cf8-02a6a21898e1/export 2026-06-25T20:22:25.337400+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "0c1ac953-859d-4443-8cf8-02a6a21898e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24126", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1697", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDocumentation and proof of concept code for CVE-2022-24125 and CVE-2022-24126.\nURL\uff1ahttps://github.com/tremwil/ds3-nrssr-rce\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-22T01:01:20.000000Z"} 2022-03-22T01:01:20+00:00 https://vulnerability.circl.lu/sighting/cf29f18e-480d-4174-ba7a-348d7ed9a438/export 2026-06-25T20:22:25.337295+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "cf29f18e-480d-4174-ba7a-348d7ed9a438", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24125", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1697", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDocumentation and proof of concept code for CVE-2022-24125 and CVE-2022-24126.\nURL\uff1ahttps://github.com/tremwil/ds3-nrssr-rce\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-22T01:01:20.000000Z"} 2022-03-22T01:01:20+00:00 https://vulnerability.circl.lu/sighting/0067bf2a-b1df-43f5-aee2-763f2d46b546/export 2026-06-25T20:22:25.337185+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "0067bf2a-b1df-43f5-aee2-763f2d46b546", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24124", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/6742", "content": "#exploit\n1. CVE-2021-38297:\nGo Web Assembly Vulnerability\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability\n\n2. CVE-2022-24124:\nCasdoor SQL Injection\nhttps://github.com/cukw/CVE-2022-24124_POC\n]-> https://blog.qualys.com/vulnerabilities-threat-research/2022/03/09/casdoor-sql-injection-cve-2022-24124", "creation_timestamp": "2022-09-05T12:37:13.000000Z"} 2022-09-05T12:37:13+00:00 https://vulnerability.circl.lu/sighting/bb198efc-7f7c-41c7-b776-1b7f0ee3927b/export 2026-06-25T20:22:25.337047+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "bb198efc-7f7c-41c7-b776-1b7f0ee3927b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24120", "type": "seen", "source": "https://t.me/cibsecurity/55328", "content": "\u203c CVE-2022-24120 \u203c\n\nCertain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-26T07:40:33.000000Z"} 2022-12-26T07:40:33+00:00 https://vulnerability.circl.lu/sighting/e4c0d014-5cf6-453c-8fec-6d8611019aad/export 2026-06-25T20:22:25.334755+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "e4c0d014-5cf6-453c-8fec-6d8611019aad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24120", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11509", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24120\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0.\n\ud83d\udccf Published: 2022-12-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-11T23:31:04.226Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-06", "creation_timestamp": "2025-04-11T23:51:15.000000Z"} 2025-04-11T23:51:15+00:00