https://vulnerability.circl.lu/sightings/feed 2026-05-04T09:39:59.807447+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/28010367-e596-48a9-b410-e1f1db1f0910/export 2026-05-04T09:40:00.220132+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "28010367-e596-48a9-b410-e1f1db1f0910", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2946", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1ahttps://nvd.nist.gov/vuln/detail/CVE-2022-34169\nURL\uff1ahttps://github.com/bor8/CVE-2022-34169\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-15T09:47:35.000000Z"} 2022-08-15T09:47:35+00:00 https://vulnerability.circl.lu/sighting/6647fdf0-8c83-4be6-a8bb-c05ef2d24ed2/export 2026-05-04T09:40:00.220064+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "6647fdf0-8c83-4be6-a8bb-c05ef2d24ed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34165", "type": "seen", "source": "https://t.me/cibsecurity/49552", "content": "\u203c CVE-2022-34165 \u203c\n\nIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including cache poisoning and cross-site scripting. IBM X-Force ID: 229429.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-09T20:30:26.000000Z"} 2022-09-09T20:30:26+00:00 https://vulnerability.circl.lu/sighting/04741625-5f6d-46f1-b4a8-9784ed6a7751/export 2026-05-04T09:40:00.219982+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "04741625-5f6d-46f1-b4a8-9784ed6a7751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34165", "type": "seen", "source": "https://t.me/ashaburroyah313/187", "content": "{(D)enial(OFF)ensive(S)ervice[ToolKit]}-{by_(io=psy+/03c8.net)}\n\n===========================================================================\n\n[AI] Abducting target to extract interesting information... Be patient!\n\n======================\n\n -Target URL: https://hy.health.gov.il\n\n -IP : 62.90.118.183\n -IPv6 : OFF\n -Port : 443\n\n -Domain: hy.health.gov.il\n\n---------\n\nTrying single visit broadband test (using GET)...\n\n -Bytes in : 58.7 KB\n -Load time: 6.04 seconds\n\n---------\n\nDetermining webserver fingerprint (note that this value can be a fake)...\n\n -Banner: Microsoft-IIS/8.5\n -V\u00eda : NOT found!\n\n---------\n\nSearching for extra Anti-DDoS protections...\n\n -WAF/IDS: FIREWALL NOT PRESENT (or not discovered yet)! ;-)\n\n---------\n\nSearching at CVE (https://cve.mitre.org) for vulnerabilities...\n\n -Last Reports:\n\n + CVE-2022-35282 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35282\n\n + CVE-2022-34336 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34336\n\n + CVE-2022-34165 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34165\n\n + CVE-2022-22670 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22670\n\n + CVE-2022-22666 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22666\n\n + CVE-2022-22654 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22654\n\n + CVE-2022-22640 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22640\n\n + CVE-2022-22638 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22638\n\n + CVE-2022-22637 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22637\n\n + CVE-2022-22633 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22633\n\n---------\n\n[Info] [AI] Abduction finished! -> [OK!]", "creation_timestamp": "2022-10-01T14:47:50.000000Z"} 2022-10-01T14:47:50+00:00 https://vulnerability.circl.lu/sighting/4081aff7-2023-472c-b721-c0959c55718f/export 2026-05-04T09:40:00.219910+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "4081aff7-2023-472c-b721-c0959c55718f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2022/11/gregor-samsa-exploiting-java-xml.html", "content": "", "creation_timestamp": "2022-11-02T11:41:00.000000Z"} 2022-11-02T11:41:00+00:00 https://vulnerability.circl.lu/sighting/6f7af537-7156-4345-96b1-bba2c45571e1/export 2026-05-04T09:40:00.219838+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "6f7af537-7156-4345-96b1-bba2c45571e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3416", "type": "seen", "source": "https://t.me/cibsecurity/56200", "content": "\u203c CVE-2022-3416 \u203c\n\nThe WPtouch WordPress plugin before 4.3.45 does not properly validate images to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T02:28:14.000000Z"} 2023-01-10T02:28:14+00:00 https://vulnerability.circl.lu/sighting/c5579359-31fe-473f-aa17-440e7c539ecd/export 2026-05-04T09:40:00.219764+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "c5579359-31fe-473f-aa17-440e7c539ecd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://t.me/ctinow/181433", "content": "https://ift.tt/i7CvsYA\nCVE-2022-34169 | Oracle Financial Services Enterprise Case Management 8.0.8.2/8.1.1.1/8.1.2.5/8.1.2.6 Web UI numeric conversion", "creation_timestamp": "2024-02-08T15:41:59.000000Z"} 2024-02-08T15:41:59+00:00 https://vulnerability.circl.lu/sighting/be237caf-6e97-4c14-a5e8-d1b12eba8e81/export 2026-05-04T09:40:00.219688+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "be237caf-6e97-4c14-a5e8-d1b12eba8e81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "published-proof-of-concept", "source": "Telegram/GVzbIvRKQ_pBb8RAmwM77aPrTfNfkOsNgLPsCj3jinnJ4WY", "content": "", "creation_timestamp": "2025-01-17T22:00:05.000000Z"} 2025-01-17T22:00:05+00:00 https://vulnerability.circl.lu/sighting/dccdd695-baab-4b45-a787-276a5b660f0a/export 2026-05-04T09:40:00.219577+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "dccdd695-baab-4b45-a787-276a5b660f0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3416", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11158", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3416\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WPtouch WordPress plugin before 4.3.45 does not properly validate images to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)\n\ud83d\udccf Published: 2023-01-09T22:13:28.101Z\n\ud83d\udccf Modified: 2025-04-09T19:14:07.353Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/f927dbe0-3939-4882-a469-1309ac737ee6", "creation_timestamp": "2025-04-09T19:48:37.000000Z"} 2025-04-09T19:48:37+00:00 https://vulnerability.circl.lu/sighting/c11a7ff4-0785-457d-8724-89aa97238f1d/export 2026-05-04T09:40:00.217390+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "c11a7ff4-0785-457d-8724-89aa97238f1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://bsky.app/profile/gcpweekly.bsky.social/post/3lzzeuxkcgj2c", "content": "", "creation_timestamp": "2025-09-30T01:31:31.246850Z"} 2025-09-30T01:31:31.246850+00:00 https://vulnerability.circl.lu/sighting/b8dd501e-74fa-4f36-81fd-e0be9f24a126/export 2026-05-04T09:40:00.214671+00:00 Joseph Lee http://vulnerability.circl.lu/user/syspect {"uuid": "b8dd501e-74fa-4f36-81fd-e0be9f24a126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0292/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"} 2026-03-13T00:00:00+00:00