https://db.gcve.eu/sightings/feed 2026-05-27T16:24:52.771165+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/1407e910-39d0-4e10-adf8-e6170f4b51fe/export 2026-05-27T16:24:53.063397+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "1407e910-39d0-4e10-adf8-e6170f4b51fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40128", "type": "seen", "source": "https://t.me/cibsecurity/52679", "content": "\u203c CVE-2022-40128 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin <= 3.3.2 on WordPress leading to export file download.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-08T22:35:46.000000Z"} 2022-11-08T22:35:46+00:00 https://db.gcve.eu/sighting/2add2fda-a834-4bc8-9a57-34bd574308bb/export 2026-05-27T16:24:53.063331+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "2add2fda-a834-4bc8-9a57-34bd574308bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40129", "type": "seen", "source": "https://t.me/true_secator/3700", "content": "\u041c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 RCE-\u043e\u0448\u0438\u0431\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u041f\u041e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f PDF-\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u043e\u0432 Foxit Reader.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Cisco Talos \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u00a0\u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445\u00a0\u0432 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0435 JavaScript Foxit Reader, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\nCVE-2022-32774, CVE-2022-38097, CVE-2022-37332 \u0438 CVE-2022-40129 \u0438\u043c\u0435\u044e\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 8,8 \u0438 \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u044f. \u041e \u043d\u0438\u0445 Cisco \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u0432 Foxit \u0435\u0449\u0435 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435.\u00a0\n\n\u041a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u044f\u044e\u0442 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b Cisco, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 PDF-\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442 \u043c\u043e\u0436\u0435\u0442 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0430\u043d\u0435\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0436\u0435\u043b\u0430\u044e\u0449\u0435\u043c\u0443 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u0438\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438, \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043c\u0430\u043d\u043e\u043c \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b.\n\n\u0415\u0441\u043b\u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u043c\u043e\u0433\u043e \u043c\u043e\u0434\u0443\u043b\u044f \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Foxit \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043e, \u043e\u0448\u0438\u0431\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0432\u044b\u0437\u0432\u0430\u043d\u044b, \u043a\u043e\u0433\u0434\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u0438\u0442 \u043d\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442.\n\nFoxit \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e 12.0.1.124306 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0443\u044e \u0432\u0441\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\u00a0\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f.", "creation_timestamp": "2022-11-14T12:09:05.000000Z"} 2022-11-14T12:09:05+00:00 https://db.gcve.eu/sighting/95cd6b66-052d-47f3-8cc0-9aa9e39dd78d/export 2026-05-27T16:24:53.063281+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "95cd6b66-052d-47f3-8cc0-9aa9e39dd78d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40127", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7200", "content": "#exploit\n1. CVE-2022-40127:\nApache Airflow <2.4.0 DAG example_bash_operator RCE\nhttps://github.com/Mr-xn/CVE-2022-40127\n\n2. Chromium V8 Engine Exploits\nhttps://github.com/anvbis/chrome.v8.n-days", "creation_timestamp": "2022-11-19T13:07:01.000000Z"} 2022-11-19T13:07:01+00:00 https://db.gcve.eu/sighting/4e971875-a0eb-4752-8e03-a1c0a126f65f/export 2026-05-27T16:24:53.063234+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "4e971875-a0eb-4752-8e03-a1c0a126f65f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40127", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/34113", "content": "https://github.com/Mr-xn/CVE-2022-40127", "creation_timestamp": "2022-11-19T15:29:51.000000Z"} 2022-11-19T15:29:51+00:00 https://db.gcve.eu/sighting/59cf9529-74f9-45dd-aa90-00a29886a322/export 2026-05-27T16:24:53.063182+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "59cf9529-74f9-45dd-aa90-00a29886a322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40127", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1424", "content": "https://github.com/Mr-xn/CVE-2022-40127", "creation_timestamp": "2022-11-20T22:47:46.000000Z"} 2022-11-20T22:47:46+00:00 https://db.gcve.eu/sighting/3c2f17cf-ac7e-4822-83f6-ea40e2a3dcb3/export 2026-05-27T16:24:53.063110+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "3c2f17cf-ac7e-4822-83f6-ea40e2a3dcb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40129", "type": "seen", "source": "https://t.me/cibsecurity/53245", "content": "\u203c CVE-2022-40129 \u203c\n\nA use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.0.1.12430. A specially-crafted PDF document can trigger the reuse of previously freed memory via misusing Optional Content Group API, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-21T18:37:16.000000Z"} 2022-11-21T18:37:16+00:00 https://db.gcve.eu/sighting/a78411ef-1c69-4b7a-ad65-544ca5447a77/export 2026-05-27T16:24:53.063059+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "a78411ef-1c69-4b7a-ad65-544ca5447a77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40127", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10482", "content": "\u25a0\u25a1\u25a1\u25a1\u25a1 Apache Airflow < 2.4.0 DAG example_bash_operator RCE POC.\n\nhttps://github.com/Mr-xn/CVE-2022-40127", "creation_timestamp": "2022-11-24T13:01:10.000000Z"} 2022-11-24T13:01:10+00:00 https://db.gcve.eu/sighting/e4acc017-a683-4ef4-a703-d3ddb6da13ef/export 2026-05-27T16:24:53.063003+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "e4acc017-a683-4ef4-a703-d3ddb6da13ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40127", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/85158", "content": "Internet Bug Bounty: CVE-2022-40127: RCE in Apache Airflow <2.4.0 bash example\n\nhttps://ift.tt/K1mhCXI", "creation_timestamp": "2023-01-05T19:31:50.000000Z"} 2023-01-05T19:31:50+00:00 https://db.gcve.eu/sighting/b6e90f2e-c54b-4c64-a708-1525d61ca0ca/export 2026-05-27T16:24:53.062922+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "b6e90f2e-c54b-4c64-a708-1525d61ca0ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40127", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14131", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40127\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided run_id parameter. This issue affects Apache Airflow Apache Airflow versions prior to 2.4.0.\n\ud83d\udccf Published: 2022-11-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-30T18:58:45.160Z\n\ud83d\udd17 References:\n1. https://github.com/apache/airflow/pull/25960\n2. https://lists.apache.org/thread/cf132hgm6jvzvsbpsozl3plf1r4cwysy\n3. http://www.openwall.com/lists/oss-security/2022/11/14/2", "creation_timestamp": "2025-04-30T19:13:45.000000Z"} 2025-04-30T19:13:45+00:00 https://db.gcve.eu/sighting/210b3698-2e8a-47d7-8ab2-d39a740be0c2/export 2026-05-27T16:24:53.061598+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "210b3698-2e8a-47d7-8ab2-d39a740be0c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-40122", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17298", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40122\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the cust_id parameter at /net-banking/edit_customer_action.php.\n\ud83d\udccf Published: 2022-09-23T21:16:12.000Z\n\ud83d\udccf Modified: 2025-05-22T14:16:36.182Z\n\ud83d\udd17 References:\n1. https://github.com/zakee94/online-banking-system/issues/15\n2. https://github.com/0clickjacking0/BugReport/blob/main/online-banking-system/sql_injection10.md", "creation_timestamp": "2025-05-22T14:44:45.000000Z"} 2025-05-22T14:44:45+00:00