https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 25 Jun 2026 20:22:24 +0000 https://vulnerability.circl.lu/sighting/3f393903-9ab0-40a0-86db-ce346a6b7947/export {"uuid": "3f393903-9ab0-40a0-86db-ce346a6b7947", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24129", "type": "seen", "source": "https://t.me/cibsecurity/36875", "content": "\u203c CVE-2022-24129 \u203c\n\nThe OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-04T22:36:28.000000Z"} {"uuid": "3f393903-9ab0-40a0-86db-ce346a6b7947", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24129", "type": "seen", "source": "https://t.me/cibsecurity/36875", "content": "\u203c CVE-2022-24129 \u203c\n\nThe OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-04T22:36:28.000000Z"} https://vulnerability.circl.lu/sighting/3f393903-9ab0-40a0-86db-ce346a6b7947/export Fri, 04 Feb 2022 22:36:28 +0000 https://vulnerability.circl.lu/sighting/0dba5300-5cf6-4521-9017-6084088411e0/export {"uuid": "0dba5300-5cf6-4521-9017-6084088411e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24124", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1550", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPOC for CVE-2022-24124\nURL\uff1ahttps://github.com/ColdFusionX/CVE-2022-24124", "creation_timestamp": "2022-02-27T07:33:48.000000Z"} {"uuid": "0dba5300-5cf6-4521-9017-6084088411e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24124", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1550", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPOC for CVE-2022-24124\nURL\uff1ahttps://github.com/ColdFusionX/CVE-2022-24124", "creation_timestamp": "2022-02-27T07:33:48.000000Z"} https://vulnerability.circl.lu/sighting/0dba5300-5cf6-4521-9017-6084088411e0/export Sun, 27 Feb 2022 07:33:48 +0000 https://vulnerability.circl.lu/sighting/c1a63bcb-17fe-4429-a22b-657979bac37a/export {"uuid": "c1a63bcb-17fe-4429-a22b-657979bac37a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24124", "type": "seen", "source": "https://t.me/ctinow/48210", "content": "Casdoor SQL Injection (CVE-2022-24124)\n\nhttps://ift.tt/aQrKzDB", "creation_timestamp": "2022-03-09T11:36:32.000000Z"} {"uuid": "c1a63bcb-17fe-4429-a22b-657979bac37a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24124", "type": "seen", "source": "https://t.me/ctinow/48210", "content": "Casdoor SQL Injection (CVE-2022-24124)\n\nhttps://ift.tt/aQrKzDB", "creation_timestamp": "2022-03-09T11:36:32.000000Z"} https://vulnerability.circl.lu/sighting/c1a63bcb-17fe-4429-a22b-657979bac37a/export Wed, 09 Mar 2022 11:36:32 +0000 https://vulnerability.circl.lu/sighting/76d7681e-b04d-4459-873f-bbb19de0241e/export {"uuid": "76d7681e-b04d-4459-873f-bbb19de0241e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24122", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1663", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-24122 Proof of Concept\nURL\uff1ahttps://github.com/meowmeowxw/CVE-2022-24122", "creation_timestamp": "2022-03-15T08:42:35.000000Z"} {"uuid": "76d7681e-b04d-4459-873f-bbb19de0241e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24122", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1663", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-24122 Proof of Concept\nURL\uff1ahttps://github.com/meowmeowxw/CVE-2022-24122", "creation_timestamp": "2022-03-15T08:42:35.000000Z"} https://vulnerability.circl.lu/sighting/76d7681e-b04d-4459-873f-bbb19de0241e/export Tue, 15 Mar 2022 08:42:35 +0000 https://vulnerability.circl.lu/sighting/22ca25cb-2c3e-47a7-9887-07943e9cb654/export {"uuid": "22ca25cb-2c3e-47a7-9887-07943e9cb654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24125", "type": "seen", "source": "https://t.me/cibsecurity/39292", "content": "\u203c CVE-2022-24125 \u203c\n\nThe matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow remote attackers to send arbitrary push requests to clients via a RequestSendMessageToPlayers request. For example, ability to send a push message to hundreds of thousands of machines is only restricted on the client side, and can thus be bypassed with a modified client.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-20T06:23:27.000000Z"} {"uuid": "22ca25cb-2c3e-47a7-9887-07943e9cb654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24125", "type": "seen", "source": "https://t.me/cibsecurity/39292", "content": "\u203c CVE-2022-24125 \u203c\n\nThe matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow remote attackers to send arbitrary push requests to clients via a RequestSendMessageToPlayers request. For example, ability to send a push message to hundreds of thousands of machines is only restricted on the client side, and can thus be bypassed with a modified client.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-20T06:23:27.000000Z"} https://vulnerability.circl.lu/sighting/22ca25cb-2c3e-47a7-9887-07943e9cb654/export Sun, 20 Mar 2022 06:23:27 +0000 https://vulnerability.circl.lu/sighting/0c1ac953-859d-4443-8cf8-02a6a21898e1/export {"uuid": "0c1ac953-859d-4443-8cf8-02a6a21898e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24126", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1697", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDocumentation and proof of concept code for CVE-2022-24125 and CVE-2022-24126.\nURL\uff1ahttps://github.com/tremwil/ds3-nrssr-rce\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-22T01:01:20.000000Z"} {"uuid": "0c1ac953-859d-4443-8cf8-02a6a21898e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24126", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1697", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDocumentation and proof of concept code for CVE-2022-24125 and CVE-2022-24126.\nURL\uff1ahttps://github.com/tremwil/ds3-nrssr-rce\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-22T01:01:20.000000Z"} https://vulnerability.circl.lu/sighting/0c1ac953-859d-4443-8cf8-02a6a21898e1/export Tue, 22 Mar 2022 01:01:20 +0000 https://vulnerability.circl.lu/sighting/cf29f18e-480d-4174-ba7a-348d7ed9a438/export {"uuid": "cf29f18e-480d-4174-ba7a-348d7ed9a438", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24125", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1697", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDocumentation and proof of concept code for CVE-2022-24125 and CVE-2022-24126.\nURL\uff1ahttps://github.com/tremwil/ds3-nrssr-rce\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-22T01:01:20.000000Z"} {"uuid": "cf29f18e-480d-4174-ba7a-348d7ed9a438", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24125", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1697", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDocumentation and proof of concept code for CVE-2022-24125 and CVE-2022-24126.\nURL\uff1ahttps://github.com/tremwil/ds3-nrssr-rce\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-22T01:01:20.000000Z"} https://vulnerability.circl.lu/sighting/cf29f18e-480d-4174-ba7a-348d7ed9a438/export Tue, 22 Mar 2022 01:01:20 +0000 https://vulnerability.circl.lu/sighting/0067bf2a-b1df-43f5-aee2-763f2d46b546/export {"uuid": "0067bf2a-b1df-43f5-aee2-763f2d46b546", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24124", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/6742", "content": "#exploit\n1. CVE-2021-38297:\nGo Web Assembly Vulnerability\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability\n\n2. CVE-2022-24124:\nCasdoor SQL Injection\nhttps://github.com/cukw/CVE-2022-24124_POC\n]-> https://blog.qualys.com/vulnerabilities-threat-research/2022/03/09/casdoor-sql-injection-cve-2022-24124", "creation_timestamp": "2022-09-05T12:37:13.000000Z"} {"uuid": "0067bf2a-b1df-43f5-aee2-763f2d46b546", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24124", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/6742", "content": "#exploit\n1. CVE-2021-38297:\nGo Web Assembly Vulnerability\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability\n\n2. CVE-2022-24124:\nCasdoor SQL Injection\nhttps://github.com/cukw/CVE-2022-24124_POC\n]-> https://blog.qualys.com/vulnerabilities-threat-research/2022/03/09/casdoor-sql-injection-cve-2022-24124", "creation_timestamp": "2022-09-05T12:37:13.000000Z"} https://vulnerability.circl.lu/sighting/0067bf2a-b1df-43f5-aee2-763f2d46b546/export Mon, 05 Sep 2022 12:37:13 +0000 https://vulnerability.circl.lu/sighting/bb198efc-7f7c-41c7-b776-1b7f0ee3927b/export {"uuid": "bb198efc-7f7c-41c7-b776-1b7f0ee3927b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24120", "type": "seen", "source": "https://t.me/cibsecurity/55328", "content": "\u203c CVE-2022-24120 \u203c\n\nCertain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-26T07:40:33.000000Z"} {"uuid": "bb198efc-7f7c-41c7-b776-1b7f0ee3927b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24120", "type": "seen", "source": "https://t.me/cibsecurity/55328", "content": "\u203c CVE-2022-24120 \u203c\n\nCertain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-26T07:40:33.000000Z"} https://vulnerability.circl.lu/sighting/bb198efc-7f7c-41c7-b776-1b7f0ee3927b/export Mon, 26 Dec 2022 07:40:33 +0000 https://vulnerability.circl.lu/sighting/e4c0d014-5cf6-453c-8fec-6d8611019aad/export {"uuid": "e4c0d014-5cf6-453c-8fec-6d8611019aad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24120", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11509", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24120\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0.\n\ud83d\udccf Published: 2022-12-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-11T23:31:04.226Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-06", "creation_timestamp": "2025-04-11T23:51:15.000000Z"} {"uuid": "e4c0d014-5cf6-453c-8fec-6d8611019aad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24120", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11509", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24120\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0.\n\ud83d\udccf Published: 2022-12-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-11T23:31:04.226Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-06", "creation_timestamp": "2025-04-11T23:51:15.000000Z"} https://vulnerability.circl.lu/sighting/e4c0d014-5cf6-453c-8fec-6d8611019aad/export Fri, 11 Apr 2025 23:51:15 +0000