https://db.gcve.eu/sightings/feed 2026-05-30T03:48:29.570336+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/f23cee69-0527-4286-a2b2-365d2915a0f8/export 2026-05-30T03:48:29.921292+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "f23cee69-0527-4286-a2b2-365d2915a0f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37024", "type": "seen", "source": "https://t.me/cibsecurity/47915", "content": "\u203c CVE-2022-37024 \u203c\n\nZoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-11T00:32:22.000000Z"} 2022-08-11T00:32:22+00:00 https://db.gcve.eu/sighting/9d6f107f-b36b-4e9d-98b6-242f02f17fb9/export 2026-05-30T03:48:29.921239+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "9d6f107f-b36b-4e9d-98b6-242f02f17fb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37025", "type": "seen", "source": "https://t.me/cibsecurity/48348", "content": "\u203c CVE-2022-37025 \u203c\n\nAn improper privilege management vulnerability in McAfee Security Scan Plus (MSS+) before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being able to execute arbitrary code due to lack of an integrity check of the configuration file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-18T16:23:02.000000Z"} 2022-08-18T16:23:02+00:00 https://db.gcve.eu/sighting/c61d1c9a-a390-4a0b-91e3-81feb3ca5ad7/export 2026-05-30T03:48:29.921182+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "c61d1c9a-a390-4a0b-91e3-81feb3ca5ad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37021", "type": "seen", "source": "https://t.me/cibsecurity/49093", "content": "\u203c CVE-2022-37021 \u203c\n\nApache Geode versions up to 1.12.5, 1.13.4 and 1.14.0 are vulnerable to a deserialization of untrusted data flaw when using JMX over RMI on Java 8. Any user still on Java 8 who wishes to protect against deserialization attacks involving JMX or RMI should upgrade to Apache Geode 1.15 and Java 11. If upgrading to Java 11 is not possible, then upgrade to Apache Geode 1.15 and specify \"--J=-Dgeode.enableGlobalSerialFilter=true\" when starting any Locators or Servers. Follow the documentation for details on specifying any user classes that may be serialized/deserialized with the \"serializable-object-filter\" configuration option. Using a global serial filter will impact performance.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-31T12:36:43.000000Z"} 2022-08-31T12:36:43+00:00 https://db.gcve.eu/sighting/f4e352c9-e568-406a-a3f0-0129a7b85980/export 2026-05-30T03:48:29.921122+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "f4e352c9-e568-406a-a3f0-0129a7b85980", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37023", "type": "seen", "source": "https://t.me/cibsecurity/49094", "content": "\u203c CVE-2022-37023 \u203c\n\nApache Geode versions prior to 1.15.0 are vulnerable to a deserialization of untrusted data flaw when using REST API on Java 8 or Java 11. Any user wishing to protect against deserialization attacks involving REST APIs should upgrade to Apache Geode 1.15 and follow the documentation for details on enabling \"validate-serializable-objects=true\" and specifying any user classes that may be serialized/deserialized with \"serializable-object-filter\". Enabling \"validate-serializable-objects\" may impact performance.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-31T12:36:44.000000Z"} 2022-08-31T12:36:44+00:00 https://db.gcve.eu/sighting/c2e08117-7a32-4507-baf5-4568827d40bf/export 2026-05-30T03:48:29.921065+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "c2e08117-7a32-4507-baf5-4568827d40bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37022", "type": "seen", "source": "https://t.me/cibsecurity/49095", "content": "\u203c CVE-2022-37022 \u203c\n\nApache Geode versions up to 1.12.2 and 1.13.2 are vulnerable to a deserialization of untrusted data flaw when using JMX over RMI on Java 11. Any user wishing to protect against deserialization attacks involving JMX or RMI should upgrade to Apache Geode 1.15. Use of 1.15 on Java 11 will automatically protect JMX over RMI against deserialization attacks. This should have no impact on performance since it only affects JMX/RMI which Gfsh uses to communicate with the JMX Manager which is hosted on a Locator.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-31T12:36:45.000000Z"} 2022-08-31T12:36:45+00:00 https://db.gcve.eu/sighting/db91c8a0-d4ec-44a2-9d26-85c30523e395/export 2026-05-30T03:48:29.920972+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "db91c8a0-d4ec-44a2-9d26-85c30523e395", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37027", "type": "seen", "source": "https://t.me/cibsecurity/50202", "content": "\u203c CVE-2022-37027 \u203c\n\nAhsay AhsayCBS 9.1.4.0 allows an authenticated system user to inject arbitrary Java JVM options. Administrators that can modify the Runtime Options in the web interface can inject Java Runtime Options. These take effect after a restart. For example, an attacker can enable JMX services and consequently achieve remote code execution as the system user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T20:41:13.000000Z"} 2022-09-21T20:41:13+00:00 https://db.gcve.eu/sighting/0c69a930-5004-4e6d-8d60-401abd94811a/export 2026-05-30T03:48:29.920772+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "0c69a930-5004-4e6d-8d60-401abd94811a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37026", "type": "seen", "source": "https://gist.github.com/D2duplo/59947579ddbad2e0885de293ee23a11a", "content": "", "creation_timestamp": "2025-09-15T09:19:47.000000Z"} 2025-09-15T09:19:47+00:00 https://db.gcve.eu/sighting/7ead2044-5706-4fe3-86c4-58141bbc5378/export 2026-05-30T03:48:29.918142+00:00 cedric https://db.gcve.eu/user/cedric {"uuid": "7ead2044-5706-4fe3-86c4-58141bbc5378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37026", "type": "seen", "source": "https://gist.github.com/Jaimer/b523cac735fd65361a412b71743f6387", "content": "", "creation_timestamp": "2025-12-01T22:18:41.000000Z"} 2025-12-01T22:18:41+00:00