Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 14:34:01 +0000 8d0e5116-9561-42a0-b633-8932eb7b2aed https://vulnerability.circl.lu/sighting/8d0e5116-9561-42a0-b633-8932eb7b2aed/export {"uuid": "8d0e5116-9561-42a0-b633-8932eb7b2aed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41253", "type": "seen", "source": "https://t.me/cibsecurity/50200", "content": "\u203c CVE-2022-41253 \u203c\n\nA cross-site request forgery (CSRF) vulnerability in Jenkins CONS3RT Plugin 1.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T20:41:10.000000Z"} {"uuid": "8d0e5116-9561-42a0-b633-8932eb7b2aed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41253", "type": "seen", "source": "https://t.me/cibsecurity/50200", "content": "\u203c CVE-2022-41253 \u203c\n\nA cross-site request forgery (CSRF) vulnerability in Jenkins CONS3RT Plugin 1.0.0 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T20:41:10.000000Z"} https://vulnerability.circl.lu/sighting/8d0e5116-9561-42a0-b633-8932eb7b2aed/export Wed, 21 Sep 2022 20:41:10 +0000 21168a71-d5a9-4d84-9438-f460ffdb5f43 https://vulnerability.circl.lu/sighting/21168a71-d5a9-4d84-9438-f460ffdb5f43/export {"uuid": "21168a71-d5a9-4d84-9438-f460ffdb5f43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41250", "type": "seen", "source": "https://t.me/cibsecurity/50212", "content": "\u203c CVE-2022-41250 \u203c\n\nA missing permission check in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T20:41:24.000000Z"} {"uuid": "21168a71-d5a9-4d84-9438-f460ffdb5f43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41250", "type": "seen", "source": "https://t.me/cibsecurity/50212", "content": "\u203c CVE-2022-41250 \u203c\n\nA missing permission check in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T20:41:24.000000Z"} https://vulnerability.circl.lu/sighting/21168a71-d5a9-4d84-9438-f460ffdb5f43/export Wed, 21 Sep 2022 20:41:24 +0000 a0e0be98-c042-4d83-a160-7eccc6087824 https://vulnerability.circl.lu/sighting/a0e0be98-c042-4d83-a160-7eccc6087824/export {"uuid": "a0e0be98-c042-4d83-a160-7eccc6087824", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41258", "type": "seen", "source": "https://t.me/cibsecurity/52683", "content": "\u203c CVE-2022-41258 \u203c\n\nDue to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker to inject malicious script when running a common query in the Web Administration Console. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality, integrity and availability of the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-09T00:41:38.000000Z"} {"uuid": "a0e0be98-c042-4d83-a160-7eccc6087824", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41258", "type": "seen", "source": "https://t.me/cibsecurity/52683", "content": "\u203c CVE-2022-41258 \u203c\n\nDue to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker to inject malicious script when running a common query in the Web Administration Console. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality, integrity and availability of the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-09T00:41:38.000000Z"} https://vulnerability.circl.lu/sighting/a0e0be98-c042-4d83-a160-7eccc6087824/export Wed, 09 Nov 2022 00:41:38 +0000 79cca42d-3250-482c-b9b6-b7b682064f0e https://vulnerability.circl.lu/sighting/79cca42d-3250-482c-b9b6-b7b682064f0e/export {"uuid": "79cca42d-3250-482c-b9b6-b7b682064f0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41259", "type": "seen", "source": "https://t.me/cibsecurity/52691", "content": "\u203c CVE-2022-41259 \u203c\n\nSAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-09T00:41:49.000000Z"} {"uuid": "79cca42d-3250-482c-b9b6-b7b682064f0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41259", "type": "seen", "source": "https://t.me/cibsecurity/52691", "content": "\u203c CVE-2022-41259 \u203c\n\nSAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-09T00:41:49.000000Z"} https://vulnerability.circl.lu/sighting/79cca42d-3250-482c-b9b6-b7b682064f0e/export Wed, 09 Nov 2022 00:41:49 +0000 54f47d3e-3256-42c1-b3d9-5c9b9f91d0c9 https://vulnerability.circl.lu/sighting/54f47d3e-3256-42c1-b3d9-5c9b9f91d0c9/export {"uuid": "54f47d3e-3256-42c1-b3d9-5c9b9f91d0c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4125", "type": "seen", "source": "https://t.me/cibsecurity/54869", "content": "\u203c CVE-2022-4125 \u203c\n\nThe Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF check when creating/updating popups, and is missing sanitisation as well as escaping, which could allow unauthenticated attackers to create arbitrary popups and add Stored XSS payloads as well\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T16:10:44.000000Z"} {"uuid": "54f47d3e-3256-42c1-b3d9-5c9b9f91d0c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4125", "type": "seen", "source": "https://t.me/cibsecurity/54869", "content": "\u203c CVE-2022-4125 \u203c\n\nThe Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF check when creating/updating popups, and is missing sanitisation as well as escaping, which could allow unauthenticated attackers to create arbitrary popups and add Stored XSS payloads as well\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T16:10:44.000000Z"} https://vulnerability.circl.lu/sighting/54f47d3e-3256-42c1-b3d9-5c9b9f91d0c9/export Mon, 19 Dec 2022 16:10:44 +0000 6d46e2c0-4841-4e99-9c2e-34f9bfa81aab https://vulnerability.circl.lu/sighting/6d46e2c0-4841-4e99-9c2e-34f9bfa81aab/export {"uuid": "6d46e2c0-4841-4e99-9c2e-34f9bfa81aab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41259", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14545", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41259\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor.\n\ud83d\udccf Published: 2022-11-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T18:04:10.876Z\n\ud83d\udd17 References:\n1. https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html\n2. https://launchpad.support.sap.com/#/notes/3229987", "creation_timestamp": "2025-05-02T18:19:36.000000Z"} {"uuid": "6d46e2c0-4841-4e99-9c2e-34f9bfa81aab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41259", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14545", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41259\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use an ARRAY constructor.\n\ud83d\udccf Published: 2022-11-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T18:04:10.876Z\n\ud83d\udd17 References:\n1. https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html\n2. https://launchpad.support.sap.com/#/notes/3229987", "creation_timestamp": "2025-05-02T18:19:36.000000Z"} https://vulnerability.circl.lu/sighting/6d46e2c0-4841-4e99-9c2e-34f9bfa81aab/export Fri, 02 May 2025 18:19:36 +0000 5a4240ba-9f8b-4d11-9fc5-f60f7b937c33 https://vulnerability.circl.lu/sighting/5a4240ba-9f8b-4d11-9fc5-f60f7b937c33/export {"uuid": "5a4240ba-9f8b-4d11-9fc5-f60f7b937c33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41252", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m2jqiej6wbp2", "content": "", "creation_timestamp": "2025-10-06T13:41:55.403775Z"} {"uuid": "5a4240ba-9f8b-4d11-9fc5-f60f7b937c33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41252", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m2jqiej6wbp2", "content": "", "creation_timestamp": "2025-10-06T13:41:55.403775Z"} https://vulnerability.circl.lu/sighting/5a4240ba-9f8b-4d11-9fc5-f60f7b937c33/export Mon, 06 Oct 2025 13:41:55 +0000 92c3d1aa-0600-4650-9a76-d007104fb18a https://vulnerability.circl.lu/sighting/92c3d1aa-0600-4650-9a76-d007104fb18a/export {"uuid": "92c3d1aa-0600-4650-9a76-d007104fb18a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41255", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m2lqa6atw6u2", "content": "", "creation_timestamp": "2025-10-07T08:42:42.890694Z"} {"uuid": "92c3d1aa-0600-4650-9a76-d007104fb18a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41255", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m2lqa6atw6u2", "content": "", "creation_timestamp": "2025-10-07T08:42:42.890694Z"} https://vulnerability.circl.lu/sighting/92c3d1aa-0600-4650-9a76-d007104fb18a/export Tue, 07 Oct 2025 08:42:42 +0000