https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 09:39:17 +0000 https://vulnerability.circl.lu/sighting/28010367-e596-48a9-b410-e1f1db1f0910/export {"uuid": "28010367-e596-48a9-b410-e1f1db1f0910", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2946", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1ahttps://nvd.nist.gov/vuln/detail/CVE-2022-34169\nURL\uff1ahttps://github.com/bor8/CVE-2022-34169\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-15T09:47:35.000000Z"} {"uuid": "28010367-e596-48a9-b410-e1f1db1f0910", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2946", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1ahttps://nvd.nist.gov/vuln/detail/CVE-2022-34169\nURL\uff1ahttps://github.com/bor8/CVE-2022-34169\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-15T09:47:35.000000Z"} https://vulnerability.circl.lu/sighting/28010367-e596-48a9-b410-e1f1db1f0910/export Mon, 15 Aug 2022 09:47:35 +0000 https://vulnerability.circl.lu/sighting/6647fdf0-8c83-4be6-a8bb-c05ef2d24ed2/export {"uuid": "6647fdf0-8c83-4be6-a8bb-c05ef2d24ed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34165", "type": "seen", "source": "https://t.me/cibsecurity/49552", "content": "\u203c CVE-2022-34165 \u203c\n\nIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including cache poisoning and cross-site scripting. IBM X-Force ID: 229429.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-09T20:30:26.000000Z"} {"uuid": "6647fdf0-8c83-4be6-a8bb-c05ef2d24ed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34165", "type": "seen", "source": "https://t.me/cibsecurity/49552", "content": "\u203c CVE-2022-34165 \u203c\n\nIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including cache poisoning and cross-site scripting. IBM X-Force ID: 229429.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-09T20:30:26.000000Z"} https://vulnerability.circl.lu/sighting/6647fdf0-8c83-4be6-a8bb-c05ef2d24ed2/export Fri, 09 Sep 2022 20:30:26 +0000 https://vulnerability.circl.lu/sighting/04741625-5f6d-46f1-b4a8-9784ed6a7751/export {"uuid": "04741625-5f6d-46f1-b4a8-9784ed6a7751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34165", "type": "seen", "source": "https://t.me/ashaburroyah313/187", "content": "{(D)enial(OFF)ensive(S)ervice[ToolKit]}-{by_(io=psy+/03c8.net)}\n\n===========================================================================\n\n[AI] Abducting target to extract interesting information... Be patient!\n\n======================\n\n -Target URL: https://hy.health.gov.il\n\n -IP : 62.90.118.183\n -IPv6 : OFF\n -Port : 443\n\n -Domain: hy.health.gov.il\n\n---------\n\nTrying single visit broadband test (using GET)...\n\n -Bytes in : 58.7 KB\n -Load time: 6.04 seconds\n\n---------\n\nDetermining webserver fingerprint (note that this value can be a fake)...\n\n -Banner: Microsoft-IIS/8.5\n -V\u00eda : NOT found!\n\n---------\n\nSearching for extra Anti-DDoS protections...\n\n -WAF/IDS: FIREWALL NOT PRESENT (or not discovered yet)! ;-)\n\n---------\n\nSearching at CVE (https://cve.mitre.org) for vulnerabilities...\n\n -Last Reports:\n\n + CVE-2022-35282 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35282\n\n + CVE-2022-34336 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34336\n\n + CVE-2022-34165 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34165\n\n + CVE-2022-22670 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22670\n\n + CVE-2022-22666 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22666\n\n + CVE-2022-22654 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22654\n\n + CVE-2022-22640 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22640\n\n + CVE-2022-22638 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22638\n\n + CVE-2022-22637 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22637\n\n + CVE-2022-22633 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22633\n\n---------\n\n[Info] [AI] Abduction finished! -> [OK!]", "creation_timestamp": "2022-10-01T14:47:50.000000Z"} {"uuid": "04741625-5f6d-46f1-b4a8-9784ed6a7751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34165", "type": "seen", "source": "https://t.me/ashaburroyah313/187", "content": "{(D)enial(OFF)ensive(S)ervice[ToolKit]}-{by_(io=psy+/03c8.net)}\n\n===========================================================================\n\n[AI] Abducting target to extract interesting information... Be patient!\n\n======================\n\n -Target URL: https://hy.health.gov.il\n\n -IP : 62.90.118.183\n -IPv6 : OFF\n -Port : 443\n\n -Domain: hy.health.gov.il\n\n---------\n\nTrying single visit broadband test (using GET)...\n\n -Bytes in : 58.7 KB\n -Load time: 6.04 seconds\n\n---------\n\nDetermining webserver fingerprint (note that this value can be a fake)...\n\n -Banner: Microsoft-IIS/8.5\n -V\u00eda : NOT found!\n\n---------\n\nSearching for extra Anti-DDoS protections...\n\n -WAF/IDS: FIREWALL NOT PRESENT (or not discovered yet)! ;-)\n\n---------\n\nSearching at CVE (https://cve.mitre.org) for vulnerabilities...\n\n -Last Reports:\n\n + CVE-2022-35282 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35282\n\n + CVE-2022-34336 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34336\n\n + CVE-2022-34165 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34165\n\n + CVE-2022-22670 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22670\n\n + CVE-2022-22666 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22666\n\n + CVE-2022-22654 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22654\n\n + CVE-2022-22640 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22640\n\n + CVE-2022-22638 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22638\n\n + CVE-2022-22637 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22637\n\n + CVE-2022-22633 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22633\n\n---------\n\n[Info] [AI] Abduction finished! -> [OK!]", "creation_timestamp": "2022-10-01T14:47:50.000000Z"} https://vulnerability.circl.lu/sighting/04741625-5f6d-46f1-b4a8-9784ed6a7751/export Sat, 01 Oct 2022 14:47:50 +0000 https://vulnerability.circl.lu/sighting/4081aff7-2023-472c-b721-c0959c55718f/export {"uuid": "4081aff7-2023-472c-b721-c0959c55718f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2022/11/gregor-samsa-exploiting-java-xml.html", "content": "", "creation_timestamp": "2022-11-02T11:41:00.000000Z"} {"uuid": "4081aff7-2023-472c-b721-c0959c55718f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2022/11/gregor-samsa-exploiting-java-xml.html", "content": "", "creation_timestamp": "2022-11-02T11:41:00.000000Z"} https://vulnerability.circl.lu/sighting/4081aff7-2023-472c-b721-c0959c55718f/export Wed, 02 Nov 2022 11:41:00 +0000 https://vulnerability.circl.lu/sighting/6f7af537-7156-4345-96b1-bba2c45571e1/export {"uuid": "6f7af537-7156-4345-96b1-bba2c45571e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3416", "type": "seen", "source": "https://t.me/cibsecurity/56200", "content": "\u203c CVE-2022-3416 \u203c\n\nThe WPtouch WordPress plugin before 4.3.45 does not properly validate images to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T02:28:14.000000Z"} {"uuid": "6f7af537-7156-4345-96b1-bba2c45571e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3416", "type": "seen", "source": "https://t.me/cibsecurity/56200", "content": "\u203c CVE-2022-3416 \u203c\n\nThe WPtouch WordPress plugin before 4.3.45 does not properly validate images to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T02:28:14.000000Z"} https://vulnerability.circl.lu/sighting/6f7af537-7156-4345-96b1-bba2c45571e1/export Tue, 10 Jan 2023 02:28:14 +0000 https://vulnerability.circl.lu/sighting/c5579359-31fe-473f-aa17-440e7c539ecd/export {"uuid": "c5579359-31fe-473f-aa17-440e7c539ecd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://t.me/ctinow/181433", "content": "https://ift.tt/i7CvsYA\nCVE-2022-34169 | Oracle Financial Services Enterprise Case Management 8.0.8.2/8.1.1.1/8.1.2.5/8.1.2.6 Web UI numeric conversion", "creation_timestamp": "2024-02-08T15:41:59.000000Z"} {"uuid": "c5579359-31fe-473f-aa17-440e7c539ecd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://t.me/ctinow/181433", "content": "https://ift.tt/i7CvsYA\nCVE-2022-34169 | Oracle Financial Services Enterprise Case Management 8.0.8.2/8.1.1.1/8.1.2.5/8.1.2.6 Web UI numeric conversion", "creation_timestamp": "2024-02-08T15:41:59.000000Z"} https://vulnerability.circl.lu/sighting/c5579359-31fe-473f-aa17-440e7c539ecd/export Thu, 08 Feb 2024 15:41:59 +0000 https://vulnerability.circl.lu/sighting/be237caf-6e97-4c14-a5e8-d1b12eba8e81/export {"uuid": "be237caf-6e97-4c14-a5e8-d1b12eba8e81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "published-proof-of-concept", "source": "Telegram/GVzbIvRKQ_pBb8RAmwM77aPrTfNfkOsNgLPsCj3jinnJ4WY", "content": "", "creation_timestamp": "2025-01-17T22:00:05.000000Z"} {"uuid": "be237caf-6e97-4c14-a5e8-d1b12eba8e81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "published-proof-of-concept", "source": "Telegram/GVzbIvRKQ_pBb8RAmwM77aPrTfNfkOsNgLPsCj3jinnJ4WY", "content": "", "creation_timestamp": "2025-01-17T22:00:05.000000Z"} https://vulnerability.circl.lu/sighting/be237caf-6e97-4c14-a5e8-d1b12eba8e81/export Fri, 17 Jan 2025 22:00:05 +0000 https://vulnerability.circl.lu/sighting/dccdd695-baab-4b45-a787-276a5b660f0a/export {"uuid": "dccdd695-baab-4b45-a787-276a5b660f0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3416", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11158", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3416\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WPtouch WordPress plugin before 4.3.45 does not properly validate images to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)\n\ud83d\udccf Published: 2023-01-09T22:13:28.101Z\n\ud83d\udccf Modified: 2025-04-09T19:14:07.353Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/f927dbe0-3939-4882-a469-1309ac737ee6", "creation_timestamp": "2025-04-09T19:48:37.000000Z"} {"uuid": "dccdd695-baab-4b45-a787-276a5b660f0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3416", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11158", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3416\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WPtouch WordPress plugin before 4.3.45 does not properly validate images to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)\n\ud83d\udccf Published: 2023-01-09T22:13:28.101Z\n\ud83d\udccf Modified: 2025-04-09T19:14:07.353Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/f927dbe0-3939-4882-a469-1309ac737ee6", "creation_timestamp": "2025-04-09T19:48:37.000000Z"} https://vulnerability.circl.lu/sighting/dccdd695-baab-4b45-a787-276a5b660f0a/export Wed, 09 Apr 2025 19:48:37 +0000 https://vulnerability.circl.lu/sighting/c11a7ff4-0785-457d-8724-89aa97238f1d/export {"uuid": "c11a7ff4-0785-457d-8724-89aa97238f1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://bsky.app/profile/gcpweekly.bsky.social/post/3lzzeuxkcgj2c", "content": "", "creation_timestamp": "2025-09-30T01:31:31.246850Z"} {"uuid": "c11a7ff4-0785-457d-8724-89aa97238f1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://bsky.app/profile/gcpweekly.bsky.social/post/3lzzeuxkcgj2c", "content": "", "creation_timestamp": "2025-09-30T01:31:31.246850Z"} https://vulnerability.circl.lu/sighting/c11a7ff4-0785-457d-8724-89aa97238f1d/export Tue, 30 Sep 2025 01:31:31 +0000 https://vulnerability.circl.lu/sighting/b8dd501e-74fa-4f36-81fd-e0be9f24a126/export {"uuid": "b8dd501e-74fa-4f36-81fd-e0be9f24a126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0292/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"} {"uuid": "b8dd501e-74fa-4f36-81fd-e0be9f24a126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0292/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"} https://vulnerability.circl.lu/sighting/b8dd501e-74fa-4f36-81fd-e0be9f24a126/export Fri, 13 Mar 2026 00:00:00 +0000