https://vulnerability.circl.lu/sightings/feed 2026-06-11T02:39:01.051427+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/74f7cafe-b6fa-45c1-8102-9fe53d58a09d/export 2026-06-11T02:39:01.445591+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "74f7cafe-b6fa-45c1-8102-9fe53d58a09d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39014", "type": "seen", "source": "https://t.me/cibsecurity/49669", "content": "\u203c CVE-2022-39014 \u203c\n\nUnder certain conditions SAP BusinessObjects Business Intelligence Platform Central Management Console (CMC) - version 430, allows an attacker to access certain unencrypted sensitive parameters which would otherwise be restricted.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-13T20:25:35.000000Z"} 2022-09-13T20:25:35+00:00 https://vulnerability.circl.lu/sighting/69fa7fc9-ad07-4612-a486-35894540fe6c/export 2026-06-11T02:39:01.445478+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "69fa7fc9-ad07-4612-a486-35894540fe6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39014", "type": "seen", "source": "https://t.me/ics_cert/605", "content": "\u0641\u0631\u0648\u0634\u0646\u062f\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0622\u0644\u0645\u0627\u0646\u06cc SAP \u0627\u0632 \u0627\u0646\u062a\u0634\u0627\u0631 \u0647\u0634\u062a \u0628\u0648\u0644\u062a\u0646 \u0627\u0645\u0646\u06cc\u062a\u06cc \u062c\u062f\u06cc\u062f \u0648 \u067e\u0646\u062c \u0628\u0648\u0644\u062a\u0646 \u0628\u0647 \u0631\u0648\u0632 \u0634\u062f\u0647 \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u0628\u062e\u0634\u06cc \u0627\u0632 PatchTuesday \u0633\u067e\u062a\u0627\u0645\u0628\u0631 \u062e\u0628\u0631 \u062f\u0627\u062f.\n\n\u0645\u0647\u0645\u062a\u0631\u06cc\u0646 \u0622\u0646\u0647\u0627 \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc \u062f\u0631 Business One \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u062a\u0634\u062f\u06cc\u062f \u0627\u0645\u062a\u06cc\u0627\u0632 \u0634\u0648\u062f. CVE-2022-35292 (\u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632 CVSS 7.8) \u0628\u0647 \u0639\u0646\u0648\u0627\u0646 \u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u0633\u06cc\u0631 \u062e\u062f\u0645\u0627\u062a \u062a\u0648\u0635\u06cc\u0641 \u0645\u06cc \u0634\u0648\u062f.\n\n\u0637\u0628\u0642 \u06af\u0641\u062a\u0647 Onapsis\u060c \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u0633\u06cc\u0631 \u0633\u0631\u0648\u06cc\u0633 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u06cc\u06a9 \u0628\u0627\u06cc\u0646\u0631\u06cc \u062f\u0644\u062e\u0648\u0627\u0647 \u0647\u0646\u06af\u0627\u0645 \u0634\u0631\u0648\u0639 \u0633\u0631\u0648\u06cc\u0633 \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0645\u0648\u0631\u062f \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0642\u0631\u0627\u0631 \u06af\u06cc\u0631\u062f\u060c \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0622\u0646 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0631\u0627 \u0628\u0647 SYSTEM \u0627\u0641\u0632\u0627\u06cc\u0634 \u062f\u0647\u062f.\n\nSAP \u0647\u0645\u0686\u0646\u06cc\u0646 \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0631\u0627 \u062f\u0631 BusinessObjects (CVE-2022-39014\u060c CVSS 7.7) \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062d\u0633\u0627\u0633 \u0631\u0645\u0632\u06af\u0630\u0627\u0631\u06cc \u0646\u0634\u062f\u0647 \u0631\u0627 \u0628\u062f\u0647\u062f.\n\n\u0627\u0639\u0644\u0627\u0645\u06cc\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u062c\u062f\u06cc\u062f \u062f\u0627\u0631\u0627\u06cc \u0631\u062a\u0628\u0647 \"\u0645\u062a\u0648\u0633\u0637\" \u0647\u0633\u062a\u0646\u062f \u0648 \u0628\u0631\u0627\u06cc BusinessObjects\u060c NetWeaver Enterprise Portal\u060c NetWeaver AS ABAP \u0648 NetWeaver Application Server ABAP \u0647\u0633\u062a\u0646\u062f.\n\n\u062f\u0631 \u0627\u06cc\u0646 \u0645\u0627\u0647\u060c SAP \u0647\u0645\u0686\u0646\u06cc\u0646 \u0627\u0639\u0644\u0627\u0645\u06cc\u0647\u200c\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0627 \u0627\u0648\u0644\u0648\u06cc\u062a \u0628\u0627\u0644\u0627 \u0631\u0627 \u062f\u0631 Knowledge Store\u060c SuccessFactors \u0648 BusinessObjects \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0631\u062f.\n\n\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83c\udfed\u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\n\u0627\u062f\u0645\u06cc\u0646:\nhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u062a\u0648\u06cc\u06cc\u062a\u0631:\nhttps://twitter.com/icscerti", "creation_timestamp": "2022-09-16T16:09:26.000000Z"} 2022-09-16T16:09:26+00:00 https://vulnerability.circl.lu/sighting/b2f161a0-4ae7-4629-9e45-b5dde76d5a92/export 2026-06-11T02:39:01.445368+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "b2f161a0-4ae7-4629-9e45-b5dde76d5a92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39014", "type": "seen", "source": "https://t.me/true_secator/3432", "content": "\u041d\u0435\u043c\u0435\u0446\u043a\u0438\u0439 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u041f\u041e SAP \u043e\u0431\u044a\u044f\u0432\u0438\u043b \u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u0432\u043e\u0441\u044c\u043c\u0438 \u043d\u043e\u0432\u044b\u0445 \u0438 \u043f\u044f\u0442\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u043e\u0433\u043e PatchTuesday.\n\n\u0421\u0430\u043c\u0430\u044f \u0432\u0430\u0436\u043d\u0430\u044f \u0438\u0437\u00a0\u043d\u0438\u0445\u00a0\u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Business One, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u044d\u0441\u043a\u0430\u043b\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. CVE-2022-35292 (\u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS 7,8) \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0443\u0442\u0438 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0431\u0435\u0437 \u043a\u0430\u0432\u044b\u0447\u0435\u043a.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043c\u043d\u0435\u043d\u0438\u044e Onapsis, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0443\u0442\u0438 \u0441\u043b\u0443\u0436\u0431\u044b \u0431\u0435\u0437 \u043a\u0430\u0432\u044b\u0447\u0435\u043a \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u0432\u043e\u0438\u0447\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u043b\u0443\u0436\u0431\u044b, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0435\u0439 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e SYSTEM.\n\nSAP \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 BusinessObjects (CVE-2022-39014, CVSS 7,7), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043d\u0435\u0437\u0430\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u0417\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f SAP GRC \u0442\u0440\u0435\u0442\u044c\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c, \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0435\u0430\u043d\u0441\u0443 Firefighter \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043e\u043d \u0431\u044b\u043b \u0437\u0430\u043a\u0440\u044b\u0442 \u0432 \u043f\u0430\u043d\u0435\u043b\u0438 \u0432\u0445\u043e\u0434\u0430.\u00a0\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-39801 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 7,1.\n\n\u0412\u0441\u0435 \u043f\u044f\u0442\u044c \u043e\u0441\u0442\u0430\u0432\u0448\u0438\u0445\u0441\u044f \u043d\u043e\u0432\u044b\u0445 \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u043d\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u043c\u0435\u044e\u0442 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u00ab\u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438\u00bb \u0438 \u043a\u0430\u0441\u0430\u044e\u0442\u0441\u044f BusinessObjects, NetWeaver Enterprise Portal, NetWeaver AS ABAP \u0438 NetWeaver Application Server ABAP.\n\n\u0412 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435 SAP \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0432\u044b\u0441\u043e\u043a\u043e\u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442\u043d\u044b\u0435 \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u043d\u0438\u044f, \u043a\u0430\u0441\u0430\u044e\u0449\u0438\u0435\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0435 \u0437\u043d\u0430\u043d\u0438\u0439, SuccessFactors \u0438 BusinessObjects.", "creation_timestamp": "2022-09-16T16:32:02.000000Z"} 2022-09-16T16:32:02+00:00 https://vulnerability.circl.lu/sighting/6feafde3-74a3-4b80-bf70-c5e4a15f9702/export 2026-06-11T02:39:01.445268+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "6feafde3-74a3-4b80-bf70-c5e4a15f9702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39010", "type": "seen", "source": "https://t.me/cibsecurity/49956", "content": "\u203c CVE-2022-39010 \u203c\n\nThe HwChrService module has a vulnerability in permission control. Successful exploitation of this vulnerability may cause disclosure of user network information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T22:29:17.000000Z"} 2022-09-16T22:29:17+00:00 https://vulnerability.circl.lu/sighting/7cac5b67-1a6b-4f53-a485-efab17b568a3/export 2026-06-11T02:39:01.445183+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "7cac5b67-1a6b-4f53-a485-efab17b568a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39013", "type": "seen", "source": "https://t.me/cibsecurity/51185", "content": "\u203c CVE-2022-39013 \u203c\n\nUnder certain conditions an authenticated attacker can get access to OS credentials. Getting access to OS credentials enables the attacker to modify system data and make the system unavailable leading to high impact on confidentiality and low impact on integrity and availability of the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-12T02:10:57.000000Z"} 2022-10-12T02:10:57+00:00 https://vulnerability.circl.lu/sighting/0da5b11e-33b6-4455-91df-bb517cb864ac/export 2026-06-11T02:39:01.445093+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "0da5b11e-33b6-4455-91df-bb517cb864ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39011", "type": "seen", "source": "https://t.me/cibsecurity/51448", "content": "\u203c CVE-2022-39011 \u203c\n\nThe HISP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this vulnerability may cause unauthorized access to the HISP module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-14T20:29:06.000000Z"} 2022-10-14T20:29:06+00:00 https://vulnerability.circl.lu/sighting/7b17679e-56d8-4bc0-8838-888238ddfa4d/export 2026-06-11T02:39:01.445002+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "7b17679e-56d8-4bc0-8838-888238ddfa4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39012", "type": "seen", "source": "https://t.me/cibsecurity/55502", "content": "\u203c CVE-2022-39012 \u203c\n\nHuawei Aslan Children's Watch has an improper input validation vulnerability. Successful exploitation may cause the watch's application service abnormal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-28T20:12:29.000000Z"} 2022-12-28T20:12:29+00:00 https://vulnerability.circl.lu/sighting/354e911d-f9ee-47c6-98a0-2bd10969845d/export 2026-06-11T02:39:01.444882+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "354e911d-f9ee-47c6-98a0-2bd10969845d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39018", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14551", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39018\n\ud83d\udd25 CVSS Score: 8.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L)\n\ud83d\udd39 Description: \nBroken access controls on PDFtron data in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to access restricted PDF files via a known URL.\n\n\n\ud83d\udccf Published: 2022-10-31T20:09:57.134Z\n\ud83d\udccf Modified: 2025-05-02T17:46:24.638Z\n\ud83d\udd17 References:\n1. https://www.themissinglink.com.au/security-advisories/cve-2022-39018", "creation_timestamp": "2025-05-02T18:19:45.000000Z"} 2025-05-02T18:19:45+00:00 https://vulnerability.circl.lu/sighting/d0175b76-c51e-4838-8a40-7cfeebfa1bc2/export 2026-06-11T02:39:01.442847+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "d0175b76-c51e-4838-8a40-7cfeebfa1bc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-39017", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14595", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39017\n\ud83d\udd25 CVSS Score: 8.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L)\n\ud83d\udd39 Description: \n\n\nImproper input validation and output encoding in all comments fields, in M-Files Hubshare before 3.3.10.9 allows authenticated attackers to introduce cross-site scripting attacks via specially crafted comments.\n\n\n\ud83d\udccf Published: 2022-10-31T20:07:26.779Z\n\ud83d\udccf Modified: 2025-05-02T19:46:52.204Z\n\ud83d\udd17 References:\n1. https://www.themissinglink.com.au/security-advisories/cve-2022-39017", "creation_timestamp": "2025-05-02T20:16:49.000000Z"} 2025-05-02T20:16:49+00:00