https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 05 May 2026 19:59:42 +0000 https://vulnerability.circl.lu/sighting/7f502a8c-a1fa-431f-8e8d-5229d38bfc67/export {"uuid": "7f502a8c-a1fa-431f-8e8d-5229d38bfc67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28684", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6298", "content": "#Threat_Research\n1. Unrar Path Traversal Vulnerability in Zimbra Mail\nhttps://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day\n2. Bypassing .NET Serialization Binders:\nCase studies for DevExpress (CVE-2022-28684) and Microsoft Exchange (CVE-2022-23277)\nhttps://codewhitesec.blogspot.com/2022/06/bypassing-dotnet-serialization-binders.html", "creation_timestamp": "2022-06-29T11:03:01.000000Z"} {"uuid": "7f502a8c-a1fa-431f-8e8d-5229d38bfc67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28684", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6298", "content": "#Threat_Research\n1. Unrar Path Traversal Vulnerability in Zimbra Mail\nhttps://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day\n2. Bypassing .NET Serialization Binders:\nCase studies for DevExpress (CVE-2022-28684) and Microsoft Exchange (CVE-2022-23277)\nhttps://codewhitesec.blogspot.com/2022/06/bypassing-dotnet-serialization-binders.html", "creation_timestamp": "2022-06-29T11:03:01.000000Z"} https://vulnerability.circl.lu/sighting/7f502a8c-a1fa-431f-8e8d-5229d38bfc67/export Wed, 29 Jun 2022 11:03:01 +0000 https://vulnerability.circl.lu/sighting/4b2e6bd4-cf9d-4c39-8c79-cc172e988f64/export {"uuid": "4b2e6bd4-cf9d-4c39-8c79-cc172e988f64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28684", "type": "seen", "source": "https://t.me/cibsecurity/47504", "content": "\u203c CVE-2022-28684 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of DevExpress. Authentication is required to exploit this vulnerability. The specific flaw exists within the SafeBinaryFormatter library. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-16710.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-03T20:18:46.000000Z"} {"uuid": "4b2e6bd4-cf9d-4c39-8c79-cc172e988f64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28684", "type": "seen", "source": "https://t.me/cibsecurity/47504", "content": "\u203c CVE-2022-28684 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of DevExpress. Authentication is required to exploit this vulnerability. The specific flaw exists within the SafeBinaryFormatter library. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-16710.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-03T20:18:46.000000Z"} https://vulnerability.circl.lu/sighting/4b2e6bd4-cf9d-4c39-8c79-cc172e988f64/export Wed, 03 Aug 2022 20:18:46 +0000