Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 09 Jun 2026 14:22:34 +0000 a937c62d-942f-4161-a911-7e483307b081 https://vulnerability.circl.lu/sighting/a937c62d-942f-4161-a911-7e483307b081/export {"uuid": "a937c62d-942f-4161-a911-7e483307b081", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36982", "type": "seen", "source": "https://t.me/cibsecurity/61099", "content": "\u203c CVE-2022-36982 \u203c\n\nThis vulnerability allows remote attackers to read arbitrary files on affected installations of Ivanti Avalanche 6.3.3.101. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AgentTaskHandler class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored session cookies, leading to further compromise. Was ZDI-CAN-15967.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T22:28:47.000000Z"} {"uuid": "a937c62d-942f-4161-a911-7e483307b081", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36982", "type": "seen", "source": "https://t.me/cibsecurity/61099", "content": "\u203c CVE-2022-36982 \u203c\n\nThis vulnerability allows remote attackers to read arbitrary files on affected installations of Ivanti Avalanche 6.3.3.101. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AgentTaskHandler class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored session cookies, leading to further compromise. Was ZDI-CAN-15967.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T22:28:47.000000Z"} https://vulnerability.circl.lu/sighting/a937c62d-942f-4161-a911-7e483307b081/export Wed, 29 Mar 2023 22:28:47 +0000