https://vulnerability.circl.lu/sightings/feed 2026-05-06T09:00:11.181467+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/5a77567a-7d2b-4f7a-a268-92d3afc63b8d/export 2026-05-06T09:00:11.576199+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "5a77567a-7d2b-4f7a-a268-92d3afc63b8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44937", "type": "seen", "source": "https://t.me/cibsecurity/53617", "content": "\u203c CVE-2022-44937 \u203c\n\nBosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function under the Administrator List module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T00:28:36.000000Z"} 2022-11-29T00:28:36+00:00 https://vulnerability.circl.lu/sighting/b5d4f4bf-5e89-42b3-8ffc-8542b742b4fb/export 2026-05-06T09:00:11.576115+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "b5d4f4bf-5e89-42b3-8ffc-8542b742b4fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44930", "type": "seen", "source": "https://t.me/cibsecurity/53793", "content": "\u203c CVE-2022-44930 \u203c\n\nD-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the System Checks function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-02T07:50:36.000000Z"} 2022-12-02T07:50:36+00:00 https://vulnerability.circl.lu/sighting/3a61f4b9-9aec-47ec-8456-149a6ad0557f/export 2026-05-06T09:00:11.576037+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "3a61f4b9-9aec-47ec-8456-149a6ad0557f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44938", "type": "seen", "source": "https://t.me/cibsecurity/54195", "content": "\u203c CVE-2022-44938 \u203c\n\nWeak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attackers to execute a full account takeover via a brute force attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-08T22:12:53.000000Z"} 2022-12-08T22:12:53+00:00 https://vulnerability.circl.lu/sighting/369b82f1-a1ee-4ddc-9726-f95e58cfbd85/export 2026-05-06T09:00:11.575949+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "369b82f1-a1ee-4ddc-9726-f95e58cfbd85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4493", "type": "seen", "source": "https://t.me/cibsecurity/54502", "content": "\u203c CVE-2022-4493 \u203c\n\nA vulnerability classified as critical was found in scifio. Affected by this vulnerability is the function downloadAndUnpackResource of the file src/test/java/io/scif/util/DefaultSampleFilesService.java of the component ZIP File Handler. The manipulation leads to path traversal. The attack can be launched remotely. The name of the patch is fcb0dbca0ec72b22fe0c9ddc8abc9cb188a0ff31. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215803.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T14:27:33.000000Z"} 2022-12-14T14:27:33+00:00 https://vulnerability.circl.lu/sighting/752bcd27-89c6-4351-af2c-dd77e7444418/export 2026-05-06T09:00:11.575839+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "752bcd27-89c6-4351-af2c-dd77e7444418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44939", "type": "seen", "source": "https://t.me/cibsecurity/56077", "content": "\u203c CVE-2022-44939 \u203c\n\nEfs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-07T00:24:30.000000Z"} 2023-01-07T00:24:30+00:00 https://vulnerability.circl.lu/sighting/ce582167-6356-498b-888b-9817561bcbdc/export 2026-05-06T09:00:11.573324+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "ce582167-6356-498b-888b-9817561bcbdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44939", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11168", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44939\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL.\n\ud83d\udccf Published: 2023-01-06T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-09T20:35:14.041Z\n\ud83d\udd17 References:\n1. https://github.com/RashidKhanPathan/WindowsPrivilegeEscalation/blob/main/DLL%20Hijacking/CVE-2022-44939/Research.txt", "creation_timestamp": "2025-04-09T20:48:34.000000Z"} 2025-04-09T20:48:34+00:00