https://vulnerability.circl.lu/sightings/feed 2026-05-05T21:17:05.263325+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/cac140cd-0389-432d-8680-0275d5328adc/export 2026-05-05T21:17:05.546705+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "cac140cd-0389-432d-8680-0275d5328adc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/600", "content": "CVE-2022-38374 : Fortinet FortiADC 7.0.0 > 7.0.2 & 6.2.0 > 6.2.4 -\u00a0Unauthorized Code / Command Execution \nhttps://github.com/azhurtanov/CVE-2022-38374", "creation_timestamp": "2022-11-26T21:29:01.000000Z"} 2022-11-26T21:29:01+00:00 https://vulnerability.circl.lu/sighting/45784218-e404-4c52-bd4e-91968e107b2f/export 2026-05-05T21:17:05.546638+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "45784218-e404-4c52-bd4e-91968e107b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3837", "type": "seen", "source": "https://t.me/cibsecurity/53996", "content": "\u203c CVE-2022-3837 \u203c\n\nThe Uji Countdown WordPress plugin through 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-05T20:39:57.000000Z"} 2022-12-05T20:39:57+00:00 https://vulnerability.circl.lu/sighting/6a8bd71f-ee73-4f3e-9cca-f6260a119c94/export 2026-05-05T21:17:05.546569+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "6a8bd71f-ee73-4f3e-9cca-f6260a119c94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38379", "type": "seen", "source": "https://t.me/cibsecurity/54077", "content": "\u203c CVE-2022-38379 \u203c\n\nImproper neutralization of input during web page generation [CWE-79] in FortiSOAR 7.0.0 through 7.0.3 and 7.2.0 may allow an authenticated attacker to inject HTML tags via input fields of various components within FortiSOAR.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-06T20:40:56.000000Z"} 2022-12-06T20:40:56+00:00 https://vulnerability.circl.lu/sighting/8bcf716b-f789-436f-a677-76fd0848cb9f/export 2026-05-05T21:17:05.546496+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "8bcf716b-f789-436f-a677-76fd0848cb9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/poenamarket/23", "content": "\ud83d\udca5CVE-2022-38374(XSS in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4) PoC exploit.\nIt allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews.", "creation_timestamp": "2022-12-21T07:09:35.000000Z"} 2022-12-21T07:09:35+00:00 https://vulnerability.circl.lu/sighting/549df1a4-b788-4f36-9076-35a85d7e0887/export 2026-05-05T21:17:05.546418+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "549df1a4-b788-4f36-9076-35a85d7e0887", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/200332", "content": "{\n \"Source\": \"https://www.turkhackteam.org/\",\n \"Content\": \"CVE-2022-38374 Exploit hediye\", \n \"author\": \" (MuhammedTr768)\",\n \"Detection Date\": \"12 Feb 2023\",\n \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-02-12T20:42:57.000000Z"} 2023-02-12T20:42:57+00:00 https://vulnerability.circl.lu/sighting/54ca2b51-3767-4115-9adf-71db8b9f9417/export 2026-05-05T21:17:05.546348+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "54ca2b51-3767-4115-9adf-71db8b9f9417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38378", "type": "seen", "source": "https://t.me/cibsecurity/58345", "content": "\u203c CVE-2022-38378 \u203c\n\nAn improper privilege management vulnerability [CWE-269] in Fortinet FortiOS version 7.2.0 and before 7.0.7 and FortiProxy version 7.2.0 through 7.2.1 and before 7.0.7 allows an attacker that has access to the admin profile section (System subsection Administrator Users) to modify their own profile and upgrade their privileges to Read Write via CLI or GUI commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T22:17:33.000000Z"} 2023-02-16T22:17:33+00:00 https://vulnerability.circl.lu/sighting/22df3ee2-474e-4157-8c5b-c909b9cd12c3/export 2026-05-05T21:17:05.546271+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "22df3ee2-474e-4157-8c5b-c909b9cd12c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/400417", "content": "{\n \"Source\": \"https://www.turkhackteam.org/\",\n \"Content\": \"CVE-2022-38374 Exploit hediye\", \n \"author\": \" (MuhammedTr768)\",\n \"Detection Date\": \"16 Dec 2023\",\n \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-12-16T11:55:42.000000Z"} 2023-12-16T11:55:42+00:00 https://vulnerability.circl.lu/sighting/85a68135-50ec-4121-b7a6-70a5e0fc9862/export 2026-05-05T21:17:05.546174+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "85a68135-50ec-4121-b7a6-70a5e0fc9862", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38375", "type": "seen", "source": "https://t.me/ics_cert/712", "content": "\u06a9\u0634\u0641 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0635\u0646\u0639\u062a\u06cc\n\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0627\u0628\u0632\u0627\u0631 \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0634\u0628\u06a9\u0647 Fortinet FortiNAC \u0628\u0647 \u0646\u0642\u0635\u200c\u0647\u0627\u06cc\u06cc \u062f\u0631 \u0631\u0648\u0646\u062f \u0645\u062c\u0648\u0632 \u0645\u0631\u0628\u0648\u0637 \u0645\u06cc\u200c\u0634\u0648\u062f. \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u062f\u0631\u062e\u0648\u0627\u0633\u062a\u200c\u0647\u0627\u06cc HTTP POST\u060c \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\nBDU: 00937-2023\nCVE-2022-38375\n\n\u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627 \u0631\u0627 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0647 \u0634\u0631\u0627\u06cc\u0637 \u0641\u0639\u0644\u06cc \u0648 \u062a\u062d\u0631\u06cc\u0645 \u0647\u0627\u06cc \u0627\u0639\u0645\u0627\u0644 \u0634\u062f\u0647\u060c \u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0647\u0627 \u062f\u0631 \u0633\u0637\u062d \u0628\u0631\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631\u062f\u06cc \u0648\u0628\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0646\u0641\u0648\u0630 \u0648 \u067e\u06cc\u0634\u06af\u06cc\u0631\u06cc \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u0632 \u0645\u06cc\u0632\u0628\u0627\u0646 \u0647\u0627\u06cc \u063a\u06cc\u0631\u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631 \u0634\u062e\u0635 \u062b\u0627\u0644\u062b \u0628\u0631\u0627\u06cc \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u06a9\u0627\u0631\u0628\u0631 (VPN \u0648 \u063a\u06cc\u0631\u0647) \u0628\u0647 \u0645\u062d\u0635\u0648\u0644 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u0639\u0645\u0648\u0645\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a).\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627:\nhttps://www.fortiguard.com/psirt/FG-IR-22-329\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2024-07-06T04:18:19.000000Z"} 2024-07-06T04:18:19+00:00 https://vulnerability.circl.lu/sighting/feaec8fd-2eca-4b72-9ba6-f0cdb3dc70af/export 2026-05-05T21:17:05.546071+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "feaec8fd-2eca-4b72-9ba6-f0cdb3dc70af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7247", "content": "#exploit\n1. CVE-2022-32898:\nANE_ProgramCreate() multiple kernel memory corruption\nhttps://0x36.github.io/CVE-2022-32898\n\n2. CVE-2022-43781:\nCommand injection using environment variables in Bitbucket Server/Data Center\nhttps://petrusviet.medium.com/cve-2022-43781-32bc29de8960\n\n3. CVE-2022-38374:\nXSS in Fortinet FortiADC 7.0.0 - 7.0.2, 6.2.0 - 6.2.4\nhttps://github.com/azhurtanov/CVE-2022-38374", "creation_timestamp": "2024-10-12T06:42:59.000000Z"} 2024-10-12T06:42:59+00:00 https://vulnerability.circl.lu/sighting/f7e632c5-bf50-4ed3-b1f7-48179c34f8e8/export 2026-05-05T21:17:05.543424+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "f7e632c5-bf50-4ed3-b1f7-48179c34f8e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38374", "type": "published-proof-of-concept", "source": "https://t.me/freeosint/1284", "content": "\ud83d\udca5CVE-2022-38374(XSS in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4) PoC exploit.\nIt allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews", "creation_timestamp": "2025-04-29T05:54:25.000000Z"} 2025-04-29T05:54:25+00:00