Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-05-04T19:21:20.082053+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/8d0e5116-9561-42a0-b633-8932eb7b2aed/export 8d0e5116-9561-42a0-b633-8932eb7b2aed 2026-05-04T19:21:20.663410+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "8d0e5116-9561-42a0-b633-8932eb7b2aed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41253", "type": "seen", "source": "https://t.me/cibsecurity/50200", "content": "\u203c CVE-2022-41253 \u203c\n\nA cross-site request forgery (CSRF) vulnerability in Jenkins CONS3RT Plugin 1.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T20:41:10.000000Z"} 2022-09-21T20:41:10+00:00 https://vulnerability.circl.lu/sighting/21168a71-d5a9-4d84-9438-f460ffdb5f43/export 21168a71-d5a9-4d84-9438-f460ffdb5f43 2026-05-04T19:21:20.663275+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "21168a71-d5a9-4d84-9438-f460ffdb5f43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41250", "type": "seen", "source": "https://t.me/cibsecurity/50212", "content": "\u203c CVE-2022-41250 \u203c\n\nA missing permission check in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T20:41:24.000000Z"} 2022-09-21T20:41:24+00:00 https://vulnerability.circl.lu/sighting/a0e0be98-c042-4d83-a160-7eccc6087824/export a0e0be98-c042-4d83-a160-7eccc6087824 2026-05-04T19:21:20.663121+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "a0e0be98-c042-4d83-a160-7eccc6087824", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41258", "type": "seen", "source": "https://t.me/cibsecurity/52683", "content": "\u203c CVE-2022-41258 \u203c\n\nDue to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker to inject malicious script when running a common query in the Web Administration Console. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality, integrity and availability of the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-09T00:41:38.000000Z"} 2022-11-09T00:41:38+00:00 https://vulnerability.circl.lu/sighting/79cca42d-3250-482c-b9b6-b7b682064f0e/export 79cca42d-3250-482c-b9b6-b7b682064f0e 2026-05-04T19:21:20.662988+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "79cca42d-3250-482c-b9b6-b7b682064f0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41259", "type": "seen", "source": "https://t.me/cibsecurity/52691", "content": "\u203c CVE-2022-41259 \u203c\n\nSAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-09T00:41:49.000000Z"} 2022-11-09T00:41:49+00:00 https://vulnerability.circl.lu/sighting/54f47d3e-3256-42c1-b3d9-5c9b9f91d0c9/export 54f47d3e-3256-42c1-b3d9-5c9b9f91d0c9 2026-05-04T19:21:20.662857+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "54f47d3e-3256-42c1-b3d9-5c9b9f91d0c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4125", "type": "seen", "source": "https://t.me/cibsecurity/54869", "content": "\u203c CVE-2022-4125 \u203c\n\nThe Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF check when creating/updating popups, and is missing sanitisation as well as escaping, which could allow unauthenticated attackers to create arbitrary popups and add Stored XSS payloads as well\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T16:10:44.000000Z"} 2022-12-19T16:10:44+00:00 https://vulnerability.circl.lu/sighting/6d46e2c0-4841-4e99-9c2e-34f9bfa81aab/export 6d46e2c0-4841-4e99-9c2e-34f9bfa81aab 2026-05-04T19:21:20.662708+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "6d46e2c0-4841-4e99-9c2e-34f9bfa81aab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41259", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14545", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41259\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor.\n\ud83d\udccf Published: 2022-11-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T18:04:10.876Z\n\ud83d\udd17 References:\n1. https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html\n2. https://launchpad.support.sap.com/#/notes/3229987", "creation_timestamp": "2025-05-02T18:19:36.000000Z"} 2025-05-02T18:19:36+00:00 https://vulnerability.circl.lu/sighting/5a4240ba-9f8b-4d11-9fc5-f60f7b937c33/export 5a4240ba-9f8b-4d11-9fc5-f60f7b937c33 2026-05-04T19:21:20.662531+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "5a4240ba-9f8b-4d11-9fc5-f60f7b937c33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41252", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m2jqiej6wbp2", "content": "", "creation_timestamp": "2025-10-06T13:41:55.403775Z"} 2025-10-06T13:41:55.403775+00:00 https://vulnerability.circl.lu/sighting/92c3d1aa-0600-4650-9a76-d007104fb18a/export 92c3d1aa-0600-4650-9a76-d007104fb18a 2026-05-04T19:21:20.660371+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "92c3d1aa-0600-4650-9a76-d007104fb18a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41255", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m2lqa6atw6u2", "content": "", "creation_timestamp": "2025-10-07T08:42:42.890694Z"} 2025-10-07T08:42:42.890694+00:00