https://vulnerability.circl.lu/sightings/feed 2026-05-30T13:24:31.829438+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/4327120c-d2eb-4abd-98e7-bdc6d587044f/export 2026-05-30T13:24:32.185649+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "4327120c-d2eb-4abd-98e7-bdc6d587044f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4585", "type": "seen", "source": "https://t.me/cibsecurity/54798", "content": "\u203c CVE-2022-4585 \u203c\n\nA vulnerability classified as problematic has been found in Opencaching Deutschland oc-server3. This affects an unknown part of the file htdocs/templates2/ocstyle/start.tpl of the component Cookie Handler. The manipulation of the argument usercountryCode leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is c720f2777a452186c67ef30db3679dd409556544. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216171.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-17T16:30:35.000000Z"} 2022-12-17T16:30:35+00:00 https://vulnerability.circl.lu/sighting/ff2fb11b-ef95-4dd0-b339-1e619eec93de/export 2026-05-30T13:24:32.185543+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "ff2fb11b-ef95-4dd0-b339-1e619eec93de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45854", "type": "seen", "source": "https://t.me/cibsecurity/57642", "content": "\u203c CVE-2022-45854 \u203c\n\nAn improper check for unusual conditions in Zyxel NWA110AX firmware verisons prior to 6.50(ABTG.0)C0, which could allow a LAN attacker to cause a temporary denial-of-service (DoS) by sending crafted VLAN frames if the MAC address of the vulnerable AP were intercepted by the attacker.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-07T07:23:37.000000Z"} 2023-02-07T07:23:37+00:00 https://vulnerability.circl.lu/sighting/88cb5a27-7a0a-4b4f-bd9f-421aaa6d87c1/export 2026-05-30T13:24:32.185426+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "88cb5a27-7a0a-4b4f-bd9f-421aaa6d87c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45858", "type": "seen", "source": "https://t.me/cibsecurity/63264", "content": "\u203c CVE-2022-45858 \u203c\n\nA use of a weak cryptographic algorithm vulnerability [CWE-327] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.0 all versions, 8.8.0 all versions, 8.7.0 all versions may increase the chances of an attacker to have access to sensitive information or to perform man-in-the-middle attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-04T02:36:26.000000Z"} 2023-05-04T02:36:26+00:00 https://vulnerability.circl.lu/sighting/39ccd5a5-c92f-49b4-b108-53e2c135f28c/export 2026-05-30T13:24:32.185320+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "39ccd5a5-c92f-49b4-b108-53e2c135f28c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45859", "type": "seen", "source": "https://t.me/cibsecurity/63265", "content": "\u203c CVE-2022-45859 \u203c\n\nAn insufficiently protected credentials vulnerability [CWE-522] in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions, 8.7.0 all versions may allow a local attacker with system access to retrieve users' passwords.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-04T02:36:30.000000Z"} 2023-05-04T02:36:30+00:00 https://vulnerability.circl.lu/sighting/40b6a8cc-422c-45ce-bd97-e5c826cc4259/export 2026-05-30T13:24:32.185209+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "40b6a8cc-422c-45ce-bd97-e5c826cc4259", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45855", "type": "seen", "source": "https://t.me/cibsecurity/66531", "content": "\u203c CVE-2022-45855 \u203c\n\nSpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely.\u00c2\u00a0Users are recommended to upgrade to 2.7.7.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-12T14:45:37.000000Z"} 2023-07-12T14:45:37+00:00 https://vulnerability.circl.lu/sighting/cef955cd-f5ff-48c0-94b5-4198983cc98e/export 2026-05-30T13:24:32.185068+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "cef955cd-f5ff-48c0-94b5-4198983cc98e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45857", "type": "seen", "source": "https://t.me/arpsyndicate/1811", "content": "#ExploitObserverAlert\n\nCVE-2022-45857\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-45857. An incorrect user management vulnerability [CWE-286] in the FortiManager version 6.4.6 and below VDOM creation component may allow an attacker to access a FortiGate without a password via newly created VDOMs after the super_admin account is deleted.\n\nFIRST-EPSS: 0.000550000\nNVD-IS: 5.3\nNVD-ES: 1.6", "creation_timestamp": "2023-12-16T11:24:31.000000Z"} 2023-12-16T11:24:31+00:00 https://vulnerability.circl.lu/sighting/56accac4-f8f9-4240-b3b2-792679901892/export 2026-05-30T13:24:32.184900+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "56accac4-f8f9-4240-b3b2-792679901892", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45856", "type": "seen", "source": "https://t.me/cvedetector/5257", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-45856 - FortiClient SAML SSO Certificate Validation Bypass Vulnerability\", \n \"Content\": \"CVE ID : CVE-2022-45856 \nPublished : Sept. 10, 2024, 3:15 p.m. | 45\u00a0minutes ago \nDescription : An improper certificate validation vulnerability [CWE-295] in FortiClientWindows 6.4 all versions, 7.0.0 through 7.0.7, FortiClientMac 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientLinux 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientAndroid 6.4 all versions, 7.0 all versions, 7.2.0 and FortiClientiOS 5.6 all versions, 6.0.0 through 6.0.1, 7.0.0 through 7.0.6 SAML SSO feature may allow an unauthenticated attacker to\u00a0man-in-the-middle the communication between the FortiClient and\u00a0 both the service provider and the identity provider. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"10 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-10T18:25:31.000000Z"} 2024-09-10T18:25:31+00:00 https://vulnerability.circl.lu/sighting/360538b1-5172-4dcf-9493-13f7a182dc3e/export 2026-05-30T13:24:32.182627+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "360538b1-5172-4dcf-9493-13f7a182dc3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45853", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1198", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45853\n\ud83d\udd39 Description: The privilege escalation vulnerability in the Zyxel GS1900-8 firmware version \n\nV2.70(AAHH.3)\u00a0and the GS1900-8HP firmware version\u00a0V2.70(AAHI.3) could allow an authenticated, local attacker with administrator privileges to execute some system commands as 'root' on a vulnerable device via SSH.\n\ud83d\udccf Published: 2023-05-30T10:02:46.637Z\n\ud83d\udccf Modified: 2025-01-10T17:32:54.505Z\n\ud83d\udd17 References:\n1. https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-privilege-escalation-vulnerability-in-gs1900-series-switches", "creation_timestamp": "2025-01-10T18:03:46.000000Z"} 2025-01-10T18:03:46+00:00