Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 25 Jun 2026 04:19:51 +0000 3fa17efb-98bc-4ac0-98e3-bbb17ab2125d https://vulnerability.circl.lu/sighting/3fa17efb-98bc-4ac0-98e3-bbb17ab2125d/export {"uuid": "3fa17efb-98bc-4ac0-98e3-bbb17ab2125d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21187", "type": "seen", "source": "https://t.me/cibsecurity/38900", "content": "\u203c CVE-2022-21187 \u203c\n\nThe package libvcs before 0.11.1 are vulnerable to Command Injection via argument injection. When calling the update_repo function (when using hg), the url parameter is passed to the hg clone command. By injecting some hg options it was possible to get arbitrary command execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-14T21:18:21.000000Z"} {"uuid": "3fa17efb-98bc-4ac0-98e3-bbb17ab2125d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21187", "type": "seen", "source": "https://t.me/cibsecurity/38900", "content": "\u203c CVE-2022-21187 \u203c\n\nThe package libvcs before 0.11.1 are vulnerable to Command Injection via argument injection. When calling the update_repo function (when using hg), the url parameter is passed to the hg clone command. By injecting some hg options it was possible to get arbitrary command execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-14T21:18:21.000000Z"} https://vulnerability.circl.lu/sighting/3fa17efb-98bc-4ac0-98e3-bbb17ab2125d/export Mon, 14 Mar 2022 21:18:21 +0000 46b015be-d48c-4ab7-8ca0-0187ea784504 https://vulnerability.circl.lu/sighting/46b015be-d48c-4ab7-8ca0-0187ea784504/export {"uuid": "46b015be-d48c-4ab7-8ca0-0187ea784504", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21182", "type": "seen", "source": "https://t.me/cibsecurity/42497", "content": "\u203c CVE-2022-21182 \u203c\n\nA privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-12T20:35:58.000000Z"} {"uuid": "46b015be-d48c-4ab7-8ca0-0187ea784504", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21182", "type": "seen", "source": "https://t.me/cibsecurity/42497", "content": "\u203c CVE-2022-21182 \u203c\n\nA privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-12T20:35:58.000000Z"} https://vulnerability.circl.lu/sighting/46b015be-d48c-4ab7-8ca0-0187ea784504/export Thu, 12 May 2022 20:35:58 +0000 b0cda3c2-07b9-459e-9bce-14a99c662681 https://vulnerability.circl.lu/sighting/b0cda3c2-07b9-459e-9bce-14a99c662681/export {"uuid": "b0cda3c2-07b9-459e-9bce-14a99c662681", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21184", "type": "seen", "source": "https://t.me/cibsecurity/44753", "content": "\u203c CVE-2022-21184 \u203c\n\nAn information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T22:23:00.000000Z"} {"uuid": "b0cda3c2-07b9-459e-9bce-14a99c662681", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21184", "type": "seen", "source": "https://t.me/cibsecurity/44753", "content": "\u203c CVE-2022-21184 \u203c\n\nAn information disclosure vulnerability exists in the License registration functionality of Bachmann Visutec GmbH Atvise 3.5.4, 3.6 and 3.7. A plaintext HTTP request can lead to a disclosure of login credentials. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T22:23:00.000000Z"} https://vulnerability.circl.lu/sighting/b0cda3c2-07b9-459e-9bce-14a99c662681/export Fri, 17 Jun 2022 22:23:00 +0000 897ef28f-3117-42dc-a774-2eeea57fbbfc https://vulnerability.circl.lu/sighting/897ef28f-3117-42dc-a774-2eeea57fbbfc/export {"uuid": "897ef28f-3117-42dc-a774-2eeea57fbbfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2118", "type": "seen", "source": "https://t.me/cibsecurity/46388", "content": "\u203c CVE-2022-2118 \u203c\n\nThe 404s WordPress plugin before 3.5.1 does not sanitise and escape its fields, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-17T14:27:45.000000Z"} {"uuid": "897ef28f-3117-42dc-a774-2eeea57fbbfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2118", "type": "seen", "source": "https://t.me/cibsecurity/46388", "content": "\u203c CVE-2022-2118 \u203c\n\nThe 404s WordPress plugin before 3.5.1 does not sanitise and escape its fields, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-17T14:27:45.000000Z"} https://vulnerability.circl.lu/sighting/897ef28f-3117-42dc-a774-2eeea57fbbfc/export Sun, 17 Jul 2022 14:27:45 +0000 8e19804b-41c5-4233-b6e0-cf3b20d1c778 https://vulnerability.circl.lu/sighting/8e19804b-41c5-4233-b6e0-cf3b20d1c778/export {"uuid": "8e19804b-41c5-4233-b6e0-cf3b20d1c778", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21186", "type": "seen", "source": "https://t.me/cibsecurity/47597", "content": "\u203c CVE-2022-21186 \u203c\n\nThe package @acrontum/filesystem-template before 0.0.2 are vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-05T12:20:23.000000Z"} {"uuid": "8e19804b-41c5-4233-b6e0-cf3b20d1c778", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21186", "type": "seen", "source": "https://t.me/cibsecurity/47597", "content": "\u203c CVE-2022-21186 \u203c\n\nThe package @acrontum/filesystem-template before 0.0.2 are vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-05T12:20:23.000000Z"} https://vulnerability.circl.lu/sighting/8e19804b-41c5-4233-b6e0-cf3b20d1c778/export Fri, 05 Aug 2022 12:20:23 +0000 12de3a45-f49f-4f5b-be89-c26772f72678 https://vulnerability.circl.lu/sighting/12de3a45-f49f-4f5b-be89-c26772f72678/export {"uuid": "12de3a45-f49f-4f5b-be89-c26772f72678", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21181", "type": "seen", "source": "https://t.me/cibsecurity/48385", "content": "\u203c CVE-2022-21181 \u203c\n\nImproper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-19T00:16:44.000000Z"} {"uuid": "12de3a45-f49f-4f5b-be89-c26772f72678", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21181", "type": "seen", "source": "https://t.me/cibsecurity/48385", "content": "\u203c CVE-2022-21181 \u203c\n\nImproper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-19T00:16:44.000000Z"} https://vulnerability.circl.lu/sighting/12de3a45-f49f-4f5b-be89-c26772f72678/export Fri, 19 Aug 2022 00:16:44 +0000