https://vulnerability.circl.lu/sightings/feed 2026-06-01T10:17:58.994058+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/206e407b-39c3-4a4f-b30f-d436c2f34e63/export 2026-06-01T10:17:59.378262+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "206e407b-39c3-4a4f-b30f-d436c2f34e63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38928", "type": "seen", "source": "https://t.me/cibsecurity/50196", "content": "\u203c CVE-2022-38928 \u203c\n\nXPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T16:40:51.000000Z"} 2022-09-21T16:40:51+00:00 https://vulnerability.circl.lu/sighting/025f4f95-1bac-42a4-a234-acdd239cc54e/export 2026-06-01T10:17:59.378176+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "025f4f95-1bac-42a4-a234-acdd239cc54e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3892", "type": "seen", "source": "https://t.me/cibsecurity/53997", "content": "\u203c CVE-2022-3892 \u203c\n\nThe WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.2 does not sanitize and escape Client IDs, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-05T20:39:58.000000Z"} 2022-12-05T20:39:58+00:00 https://vulnerability.circl.lu/sighting/aa4511fc-1481-4450-86f7-2f07a1fad380/export 2026-06-01T10:17:59.378091+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "aa4511fc-1481-4450-86f7-2f07a1fad380", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38922", "type": "seen", "source": "https://t.me/cibsecurity/61320", "content": "\u203c CVE-2022-38922 \u203c\n\nBluePage CMS thru 3.9 processes an insufficiently sanitized HTTP Header Cookie value allowing MySQL Injection in the 'users-cookie-settings' token using a Time-based blind SLEEP payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-03T18:24:47.000000Z"} 2023-04-03T18:24:47+00:00 https://vulnerability.circl.lu/sighting/c7b1a3a1-9871-41ae-8fe7-be1be0813647/export 2026-06-01T10:17:59.377983+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "c7b1a3a1-9871-41ae-8fe7-be1be0813647", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38923", "type": "seen", "source": "https://t.me/cibsecurity/61328", "content": "\u203c CVE-2022-38923 \u203c\n\nBluePage CMS thru v3.9 processes an insufficiently sanitized HTTP Header allowing MySQL Injection in the 'User-Agent' field using a Time-based blind SLEEP payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-03T18:24:56.000000Z"} 2023-04-03T18:24:56+00:00 https://vulnerability.circl.lu/sighting/55345355-7742-4964-aade-957c6406b366/export 2026-06-01T10:17:59.376021+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "55345355-7742-4964-aade-957c6406b366", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38923", "type": "seen", "source": "Telegram/FSN3ch32agJ8vGDHr-3_2QwsNqT-vhDnseQBZOXbikpvlg", "content": "", "creation_timestamp": "2023-04-03T19:36:50.000000Z"} 2023-04-03T19:36:50+00:00