https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-09T01:02:10.885453+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/27676b58-847a-4147-99f2-38417e3e78b1/export27676b58-847a-4147-99f2-38417e3e78b12026-05-09T01:02:11.181091+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "27676b58-847a-4147-99f2-38417e3e78b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47522", "type": "published-proof-of-concept", "source": "Telegram/Sd3Yeffac5l_cN3j7Zg10Iv5d7wWPySyXAx1qkSfJeLSkJ4", "content": "", "creation_timestamp": "2023-03-31T15:29:13.000000Z"}2023-03-31T15:29:13+00:00https://vulnerability.circl.lu/sighting/a4c091ff-55fe-49c3-ae0d-dc5e07e7fa9f/exporta4c091ff-55fe-49c3-ae0d-dc5e07e7fa9f2026-05-09T01:02:11.180955+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "a4c091ff-55fe-49c3-ae0d-dc5e07e7fa9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47522", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2863", "content": "Tools - Hackers Factory \n\nyetAnotherObfuscator\n\nA C# obfuscator tool that can bypass Windows Defender antivirus. I made this tool mainly as an excuse to learn more about C# and how obfuscators function.\n\nhttps://github.com/0xb11a1/yetAnotherObfuscator\n\n#cybersecurity #infosec #pentesting #redteam\n\nhttps://github.com/Mr-xn/BLACKHAT_USA2022\n\n\u200b\u200bFreeMetsrvLoader\n\nFork of freeBokuLoader which targets and frees Metsrv's initial reflective DLL package.\n\nhttps://github.com/attl4s/freeMetsrvLoader\n\n#cybersecurity #infosec #pentesting #redteam\n\n\u200b\u200bPowershell String Cleaner\n\nSimple script to deobfuscate Powershell formatting strings.\n\nhttps://github.com/dr4k0nia/tooling-playground/tree/main/PowershellStringCleaner\n\n#cybersecurity #infosec\n\n\u200b\u200bUSBvalve\n\nI'm sure that, like me, you were asked to put your USB drive in an unknown device...and then the doubt:\n\nwhat happened to my poor dongle, behind the scene? Stealing my files? Encrypting them? Or just installing a malware? With USBvalve you can spot this out in seconds: built on super cheap off-the-shelf hardware you can quickly test any USB file system activity and understand what is going on before it's too late!\n\nhttps://github.com/cecio/USBvalve\n\n#cybersecurity #infosec\n\n\u200b\u200bPoastal\n\nPoastal is an email #OSINT tool that provides valuable information on any email address. With Poastal, you can easily input an email address and it will quickly answer several questions, providing you with crucial information.\n\nhttps://github.com/jakecreps/poastal\n\n#cybersecurity #infosec\n\n\u200b\u200bMacStealer \n\nWi-Fi Client Isolation Bypass.\n\nThis repo contains MacStealer. It can test Wi-Fi networks for client isolation bypasses (CVE-2022-47522). Our attack can intercept (steal) traffic toward other clients at the MAC layer, even if clients are prevented from communicating with each other. \n\nhttps://github.com/vanhoefm/macstealer\n\n#cybersecurity #infosec\n\n\u200b\u200bmulef\n\nThis tool performs #OSINT by finding #LinkedIn employees on GitHub. It has two modes: one for searching keywords on the GitHub profiles of the users you're searching for, and the other for scraping the location of the employee from LinkedIn, searching for the name of the employee, and then checking if their location on GitHub matches the one on LinkedIn.\n\nhttps://github.com/mux0x/mulef\n\n#cybersecurity #infosec\n\n\u200b\u200bhacking-writeups\n\nHelpful shell commands and lots of writeups from machines solved on Hack the Box and also walkthroughs from CTF competitions.\n\nhttps://github.com/BitFlippa27/hacking-writeups/tree/main/htb/ctf/cyber-apocalypse-2023/web\n\n#cybersecurity #infosec #pentesting #redteam\n\n\u200b\u200bHardHat C2\n\nA cross-platform, collaborative, Command & Control framework written in C#, designed for red teaming and ease of use.\n\nhttps://github.com/DragoQCC/HardHatC2\n\n#cybersecurity #infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-04-14T20:19:59.000000Z"}2023-04-14T20:19:59+00:00https://vulnerability.circl.lu/sighting/895f1f23-0336-417e-863c-8131482f025e/export895f1f23-0336-417e-863c-8131482f025e2026-05-09T01:02:11.180840+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "895f1f23-0336-417e-863c-8131482f025e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47522", "type": "seen", "source": "https://t.me/cibsecurity/62208", "content": "\u203c CVE-2022-47522 \u203c\n\nThe IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target's MAC address, sending Power Save frames to the access point, and then sending other frames to the access point (such as authentication frames or re-association frames) to remove the target's original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client's pairwise encryption key.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-15T07:26:26.000000Z"}2023-04-15T07:26:26+00:00https://vulnerability.circl.lu/sighting/c4f2d143-54c3-4f2a-a16d-6909827f1d79/exportc4f2d143-54c3-4f2a-a16d-6909827f1d792026-05-09T01:02:11.180695+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "c4f2d143-54c3-4f2a-a16d-6909827f1d79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47522", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3019", "content": "Tools - Hackers Factory \n\nyetAnotherObfuscator\n\nA C# obfuscator tool that can bypass Windows Defender antivirus. I made this tool mainly as an excuse to learn more about C# and how obfuscators function.\n\nhttps://github.com/0xb11a1/yetAnotherObfuscator\n\n#cybersecurity #infosec #pentesting #redteam\n\nhttps://github.com/Mr-xn/BLACKHAT_USA2022\n\n\u200b\u200bFreeMetsrvLoader\n\nFork of freeBokuLoader which targets and frees Metsrv's initial reflective DLL package.\n\nhttps://github.com/attl4s/freeMetsrvLoader\n\n#cybersecurity #infosec #pentesting #redteam\n\n\u200b\u200bPowershell String Cleaner\n\nSimple script to deobfuscate Powershell formatting strings.\n\nhttps://github.com/dr4k0nia/tooling-playground/tree/main/PowershellStringCleaner\n\n#cybersecurity #infosec\n\n\u200b\u200bUSBvalve\n\nI'm sure that, like me, you were asked to put your USB drive in an unknown device...and then the doubt:\n\nwhat happened to my poor dongle, behind the scene? Stealing my files? Encrypting them? Or just installing a malware? With USBvalve you can spot this out in seconds: built on super cheap off-the-shelf hardware you can quickly test any USB file system activity and understand what is going on before it's too late!\n\nhttps://github.com/cecio/USBvalve\n\n#cybersecurity #infosec\n\n\u200b\u200bPoastal\n\nPoastal is an email #OSINT tool that provides valuable information on any email address. With Poastal, you can easily input an email address and it will quickly answer several questions, providing you with crucial information.\n\nhttps://github.com/jakecreps/poastal\n\n#cybersecurity #infosec\n\n\u200b\u200bMacStealer \n\nWi-Fi Client Isolation Bypass.\n\nThis repo contains MacStealer. It can test Wi-Fi networks for client isolation bypasses (CVE-2022-47522). Our attack can intercept (steal) traffic toward other clients at the MAC layer, even if clients are prevented from communicating with each other. \n\nhttps://github.com/vanhoefm/macstealer\n\n#cybersecurity #infosec\n\n\u200b\u200bmulef\n\nThis tool performs #OSINT by finding #LinkedIn employees on GitHub. It has two modes: one for searching keywords on the GitHub profiles of the users you're searching for, and the other for scraping the location of the employee from LinkedIn, searching for the name of the employee, and then checking if their location on GitHub matches the one on LinkedIn.\n\nhttps://github.com/mux0x/mulef\n\n#cybersecurity #infosec\n\n\u200b\u200bhacking-writeups\n\nHelpful shell commands and lots of writeups from machines solved on Hack the Box and also walkthroughs from CTF competitions.\n\nhttps://github.com/BitFlippa27/hacking-writeups/tree/main/htb/ctf/cyber-apocalypse-2023/web\n\n#cybersecurity #infosec #pentesting #redteam\n\n\u200b\u200bHardHat C2\n\nA cross-platform, collaborative, Command & Control framework written in C#, designed for red teaming and ease of use.\n\nhttps://github.com/DragoQCC/HardHatC2\n\n#cybersecurity #infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-20T10:20:10.000000Z"}2023-05-20T10:20:10+00:00https://vulnerability.circl.lu/sighting/7b13f901-64ba-4872-b4f8-0af6796fc337/export7b13f901-64ba-4872-b4f8-0af6796fc3372026-05-09T01:02:11.180583+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "7b13f901-64ba-4872-b4f8-0af6796fc337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47526", "type": "seen", "source": "https://t.me/cibsecurity/64804", "content": "\u203c CVE-2022-47526 \u203c\n\nFox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a path traversal vulnerability with resultant arbitrary writing of files. A remote attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the downstream node user. Exploitation of this issue does not require user interaction.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-31T07:24:09.000000Z"}2023-05-31T07:24:09+00:00https://vulnerability.circl.lu/sighting/945ae1f3-3efd-4faf-9d12-0eda6755635e/export945ae1f3-3efd-4faf-9d12-0eda6755635e2026-05-09T01:02:11.180458+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "945ae1f3-3efd-4faf-9d12-0eda6755635e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47522", "type": "published-proof-of-concept", "source": "https://t.me/androidMalware/1832", "content": "MacStealer: Wi-Fi Client Isolation Bypass \nMacStealer can test Wi-Fi networks for client isolation bypasses (CVE-2022-47522) to intercept (steal) traffic toward other clients at the MAC layer \nhttps://github.com/vanhoefm/macstealer", "creation_timestamp": "2023-09-15T13:41:52.000000Z"}2023-09-15T13:41:52+00:00https://vulnerability.circl.lu/sighting/0a90fdd1-91fb-47d0-b501-93f7506b60f4/export0a90fdd1-91fb-47d0-b501-93f7506b60f42026-05-09T01:02:11.180313+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "0a90fdd1-91fb-47d0-b501-93f7506b60f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47526", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1524", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-47526\n\ud83d\udd39 Description: Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a path traversal vulnerability with resultant arbitrary writing of files. A remote attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the downstream node user. Exploitation of this issue does not require user interaction.\n\ud83d\udccf Published: 2023-05-30T00:00:00\n\ud83d\udccf Modified: 2025-01-14T16:55:56.879Z\n\ud83d\udd17 References:\n1. https://www.fox-it.com/nl-en/fox-crypto/fox-datadiode/\n2. https://www.fox-it.com/nl-en/software-vulnerability-report/", "creation_timestamp": "2025-01-14T17:20:47.000000Z"}2025-01-14T17:20:47+00:00https://vulnerability.circl.lu/sighting/b7e263f7-53fe-4523-acb6-767082ba563d/exportb7e263f7-53fe-4523-acb6-767082ba563d2026-05-09T01:02:11.180184+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "b7e263f7-53fe-4523-acb6-767082ba563d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47522", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llcon5uxj42c", "content": "", "creation_timestamp": "2025-03-26T21:02:09.839835Z"}2025-03-26T21:02:09.839835+00:00https://vulnerability.circl.lu/sighting/d241d33e-b25a-4f24-92c8-d98a507d8fc5/exportd241d33e-b25a-4f24-92c8-d98a507d8fc52026-05-09T01:02:11.179971+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "d241d33e-b25a-4f24-92c8-d98a507d8fc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47524", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11747", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-47524\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack.\n\ud83d\udccf Published: 2022-12-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-15T03:26:42.162Z\n\ud83d\udd17 References:\n1. https://www.f-secure.com/en/home/support/security-advisories/cve-2022-47524", "creation_timestamp": "2025-04-15T03:54:25.000000Z"}2025-04-15T03:54:25+00:00https://vulnerability.circl.lu/sighting/689f37db-0e05-4e02-bfb7-8537ef532a6e/export689f37db-0e05-4e02-bfb7-8537ef532a6e2026-05-09T01:02:11.177695+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "689f37db-0e05-4e02-bfb7-8537ef532a6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47521", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12310", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-47521\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsing the operating channel attribute from Wi-Fi management frames.\n\ud83d\udccf Published: 2022-12-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T18:48:33.179Z\n\ud83d\udd17 References:\n1. https://lore.kernel.org/r/20221123153543.8568-4-philipturnbull%40github.com\n2. https://github.com/torvalds/linux/commit/f9b62f9843c7b0afdaecabbcebf1dbba18599408\n3. https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html\n4. https://security.netapp.com/advisory/ntap-20230113-0007/", "creation_timestamp": "2025-04-17T18:57:47.000000Z"}2025-04-17T18:57:47+00:00