Most recent sightings.

Most recent sightings. https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 01 Jun 2026 01:25:10 +0000 f28802fa-e8dc-4b60-acbc-9b0363fd30e0 https://db.gcve.eu/sighting/f28802fa-e8dc-4b60-acbc-9b0363fd30e0/export {"uuid": "f28802fa-e8dc-4b60-acbc-9b0363fd30e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31215", "type": "seen", "source": "https://t.me/cibsecurity/43050", "content": "\u203c CVE-2022-31215 \u203c\n\nIn certain Goverlan products, the Windows Firewall is temporarily turned off upon a Goverlan agent update operation. This allows remote attackers to bypass firewall blocking rules for a time period of up to 30 seconds. This affects Goverlan Reach Console before 10.5.1, Reach Server before 3.70.1, and Reach Client Agents before 10.1.11.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-20T16:36:42.000000Z"} {"uuid": "f28802fa-e8dc-4b60-acbc-9b0363fd30e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31215", "type": "seen", "source": "https://t.me/cibsecurity/43050", "content": "\u203c CVE-2022-31215 \u203c\n\nIn certain Goverlan products, the Windows Firewall is temporarily turned off upon a Goverlan agent update operation. This allows remote attackers to bypass firewall blocking rules for a time period of up to 30 seconds. This affects Goverlan Reach Console before 10.5.1, Reach Server before 3.70.1, and Reach Client Agents before 10.1.11.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-20T16:36:42.000000Z"} https://db.gcve.eu/sighting/f28802fa-e8dc-4b60-acbc-9b0363fd30e0/export Fri, 20 May 2022 16:36:42 +0000 0dd8b559-432a-4024-a733-79bc394c208c https://db.gcve.eu/sighting/0dd8b559-432a-4024-a733-79bc394c208c/export {"uuid": "0dd8b559-432a-4024-a733-79bc394c208c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31214", "type": "seen", "source": "https://t.me/cibsecurity/44133", "content": "\u203c CVE-2022-31214 \u203c\n\nA Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user namespace, the NO_NEW_PRIVS prctl is not activated, and the entered mount namespace is under the attacker's control. In this way, the filesystem layout can be adjusted to gain root privileges through execution of available setuid-root binaries such as su or sudo.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-09T20:33:49.000000Z"} {"uuid": "0dd8b559-432a-4024-a733-79bc394c208c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31214", "type": "seen", "source": "https://t.me/cibsecurity/44133", "content": "\u203c CVE-2022-31214 \u203c\n\nA Privilege Context Switching issue was discovered in join.c in Firejail 0.9.68. By crafting a bogus Firejail container that is accepted by the Firejail setuid-root program as a join target, a local attacker can enter an environment in which the Linux user namespace is still the initial user namespace, the NO_NEW_PRIVS prctl is not activated, and the entered mount namespace is under the attacker's control. In this way, the filesystem layout can be adjusted to gain root privileges through execution of available setuid-root binaries such as su or sudo.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-09T20:33:49.000000Z"} https://db.gcve.eu/sighting/0dd8b559-432a-4024-a733-79bc394c208c/export Thu, 09 Jun 2022 20:33:49 +0000 276807f5-ae6a-4647-8982-59fec666557f https://db.gcve.eu/sighting/276807f5-ae6a-4647-8982-59fec666557f/export {"uuid": "276807f5-ae6a-4647-8982-59fec666557f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31211", "type": "seen", "source": "https://t.me/cibsecurity/46416", "content": "\u203c CVE-2022-31211 \u203c\n\nAn issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-18T02:33:32.000000Z"} {"uuid": "276807f5-ae6a-4647-8982-59fec666557f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31211", "type": "seen", "source": "https://t.me/cibsecurity/46416", "content": "\u203c CVE-2022-31211 \u203c\n\nAn issue was discovered in Infiray IRAY-A8Z3 1.0.957. There is a blank root password for TELNET by default.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-18T02:33:32.000000Z"} https://db.gcve.eu/sighting/276807f5-ae6a-4647-8982-59fec666557f/export Mon, 18 Jul 2022 02:33:32 +0000 af1c36d0-29cd-4269-bfeb-c4bfba0d59b7 https://db.gcve.eu/sighting/af1c36d0-29cd-4269-bfeb-c4bfba0d59b7/export {"uuid": "af1c36d0-29cd-4269-bfeb-c4bfba0d59b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31210", "type": "seen", "source": "https://t.me/cibsecurity/46418", "content": "\u203c CVE-2022-31210 \u203c\n\nAn issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/set_param.cgi contains hardcoded credentials to the web application. Because these accounts cannot be deactivated or have their passwords changed, they are considered to be backdoor accounts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-18T02:33:33.000000Z"} {"uuid": "af1c36d0-29cd-4269-bfeb-c4bfba0d59b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31210", "type": "seen", "source": "https://t.me/cibsecurity/46418", "content": "\u203c CVE-2022-31210 \u203c\n\nAn issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject/set_param.cgi contains hardcoded credentials to the web application. Because these accounts cannot be deactivated or have their passwords changed, they are considered to be backdoor accounts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-18T02:33:33.000000Z"} https://db.gcve.eu/sighting/af1c36d0-29cd-4269-bfeb-c4bfba0d59b7/export Mon, 18 Jul 2022 02:33:33 +0000 79f1632d-49ec-4be6-8fad-91670e39e72b https://db.gcve.eu/sighting/79f1632d-49ec-4be6-8fad-91670e39e72b/export {"uuid": "79f1632d-49ec-4be6-8fad-91670e39e72b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31212", "type": "seen", "source": "https://t.me/cibsecurity/46423", "content": "\u203c CVE-2022-31212 \u203c\n\nAn issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-18T02:33:41.000000Z"} {"uuid": "79f1632d-49ec-4be6-8fad-91670e39e72b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31212", "type": "seen", "source": "https://t.me/cibsecurity/46423", "content": "\u203c CVE-2022-31212 \u203c\n\nAn issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-18T02:33:41.000000Z"} https://db.gcve.eu/sighting/79f1632d-49ec-4be6-8fad-91670e39e72b/export Mon, 18 Jul 2022 02:33:41 +0000 d59cb400-61f1-4c59-9cfe-5849dc1c8a9f https://db.gcve.eu/sighting/d59cb400-61f1-4c59-9cfe-5849dc1c8a9f/export {"uuid": "d59cb400-61f1-4c59-9cfe-5849dc1c8a9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31213", "type": "seen", "source": "https://t.me/cibsecurity/46421", "content": "\u203c CVE-2022-31213 \u203c\n\nAn issue was discovered in dbus-broker before 31. Multiple NULL pointer dereferences can be found when supplying a malformed XML config file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-18T10:58:38.000000Z"} {"uuid": "d59cb400-61f1-4c59-9cfe-5849dc1c8a9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31213", "type": "seen", "source": "https://t.me/cibsecurity/46421", "content": "\u203c CVE-2022-31213 \u203c\n\nAn issue was discovered in dbus-broker before 31. Multiple NULL pointer dereferences can be found when supplying a malformed XML config file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-18T10:58:38.000000Z"} https://db.gcve.eu/sighting/d59cb400-61f1-4c59-9cfe-5849dc1c8a9f/export Mon, 18 Jul 2022 10:58:38 +0000 c3893e87-6087-4a7e-976b-9bb0620eaf12 https://db.gcve.eu/sighting/c3893e87-6087-4a7e-976b-9bb0620eaf12/export {"uuid": "c3893e87-6087-4a7e-976b-9bb0620eaf12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3121", "type": "seen", "source": "https://t.me/cibsecurity/49298", "content": "\u203c CVE-2022-3121 \u203c\n\nA vulnerability was found in SourceCodester Online Employee Leave Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addemployee.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The identifier VDB-207853 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-05T18:12:09.000000Z"} {"uuid": "c3893e87-6087-4a7e-976b-9bb0620eaf12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3121", "type": "seen", "source": "https://t.me/cibsecurity/49298", "content": "\u203c CVE-2022-3121 \u203c\n\nA vulnerability was found in SourceCodester Online Employee Leave Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addemployee.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The identifier VDB-207853 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-05T18:12:09.000000Z"} https://db.gcve.eu/sighting/c3893e87-6087-4a7e-976b-9bb0620eaf12/export Mon, 05 Sep 2022 18:12:09 +0000 83ce6964-6894-46c5-9d9a-df9c0413521a https://db.gcve.eu/sighting/83ce6964-6894-46c5-9d9a-df9c0413521a/export {"uuid": "83ce6964-6894-46c5-9d9a-df9c0413521a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31214", "type": "exploited", "source": "https://t.me/S_E_Reborn/4952", "content": "\ud83d\udce6 \u041f\u0440\u043e\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 Linux-\u043c\u0430\u0448\u0438\u043d\u044b \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 SANDWORM HackTheBox.\n\n\u2022 Sandworm \u2014 \u044d\u0442\u043e \u043c\u0430\u0448\u0438\u043d\u0430 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043d\u0430 #Linux, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0441 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 PGP, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043a \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 (SSTI), \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 (RCE) \u0432\u043d\u0443\u0442\u0440\u0438 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 Firejail. \u0412 \u044d\u0442\u043e\u0439 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0442\u0435\u043a\u0441\u0442\u043e\u0432\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043f\u043e SSH \u043a \u043c\u0430\u0448\u0438\u043d\u0435 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043e\u0434\u043d\u043e\u0433\u043e \u0438\u0437 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \n\n\u2022 \u0414\u0430\u043b\u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f cron-\u0437\u0430\u0434\u0430\u0447\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u0443\u0435\u0442 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0431\u0438\u043d\u0430\u0440\u043d\u0438\u043a \u043d\u0430 Rust. \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c\u044b\u0439 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u043c\u043e\u0434\u0443\u043b\u044c \u043b\u043e\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043a \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0435\u0441\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0430 \u0437\u0430\u043f\u0438\u0441\u044c, \u0447\u0442\u043e \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0448\u0435\u043b\u043b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f atlas, \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0435\u0433\u043e cron-\u0437\u0430\u0434\u0430\u0447\u0443. \u041d\u0430\u043a\u043e\u043d\u0435\u0446, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 Firejail (CVE-2022-31214) \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u0443 su \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443 root \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u27a1\ufe0f https://youtu.be/NpzTEVfUo_U\n\n#\u041f\u0435\u043d\u0442\u0435\u0441\u0442 #CTF", "creation_timestamp": "2024-07-17T10:52:06.000000Z"} {"uuid": "83ce6964-6894-46c5-9d9a-df9c0413521a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31214", "type": "exploited", "source": "https://t.me/S_E_Reborn/4952", "content": "\ud83d\udce6 \u041f\u0440\u043e\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 Linux-\u043c\u0430\u0448\u0438\u043d\u044b \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 SANDWORM HackTheBox.\n\n\u2022 Sandworm \u2014 \u044d\u0442\u043e \u043c\u0430\u0448\u0438\u043d\u0430 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043d\u0430 #Linux, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0441 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 PGP, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043a \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 (SSTI), \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 (RCE) \u0432\u043d\u0443\u0442\u0440\u0438 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 Firejail. \u0412 \u044d\u0442\u043e\u0439 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0442\u0435\u043a\u0441\u0442\u043e\u0432\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043f\u043e SSH \u043a \u043c\u0430\u0448\u0438\u043d\u0435 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043e\u0434\u043d\u043e\u0433\u043e \u0438\u0437 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \n\n\u2022 \u0414\u0430\u043b\u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f cron-\u0437\u0430\u0434\u0430\u0447\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u0443\u0435\u0442 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0431\u0438\u043d\u0430\u0440\u043d\u0438\u043a \u043d\u0430 Rust. \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c\u044b\u0439 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u043c\u043e\u0434\u0443\u043b\u044c \u043b\u043e\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043a \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0435\u0441\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0430 \u0437\u0430\u043f\u0438\u0441\u044c, \u0447\u0442\u043e \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0448\u0435\u043b\u043b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f atlas, \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0435\u0433\u043e cron-\u0437\u0430\u0434\u0430\u0447\u0443. \u041d\u0430\u043a\u043e\u043d\u0435\u0446, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 Firejail (CVE-2022-31214) \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u0443 su \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443 root \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u27a1\ufe0f https://youtu.be/NpzTEVfUo_U\n\n#\u041f\u0435\u043d\u0442\u0435\u0441\u0442 #CTF", "creation_timestamp": "2024-07-17T10:52:06.000000Z"} https://db.gcve.eu/sighting/83ce6964-6894-46c5-9d9a-df9c0413521a/export Wed, 17 Jul 2024 10:52:06 +0000 5b37035d-c0ec-489d-aaec-4e0b451a3e08 https://db.gcve.eu/sighting/5b37035d-c0ec-489d-aaec-4e0b451a3e08/export {"uuid": "5b37035d-c0ec-489d-aaec-4e0b451a3e08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3121", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11810", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3121\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: A vulnerability was found in SourceCodester Online Employee Leave Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addemployee.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The identifier VDB-207853 was assigned to this vulnerability.\n\ud83d\udccf Published: 2022-09-05T13:50:11.000Z\n\ud83d\udccf Modified: 2025-04-15T13:47:38.493Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.207853", "creation_timestamp": "2025-04-15T13:54:30.000000Z"} {"uuid": "5b37035d-c0ec-489d-aaec-4e0b451a3e08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3121", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11810", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3121\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: A vulnerability was found in SourceCodester Online Employee Leave Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/addemployee.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The identifier VDB-207853 was assigned to this vulnerability.\n\ud83d\udccf Published: 2022-09-05T13:50:11.000Z\n\ud83d\udccf Modified: 2025-04-15T13:47:38.493Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.207853", "creation_timestamp": "2025-04-15T13:54:30.000000Z"} https://db.gcve.eu/sighting/5b37035d-c0ec-489d-aaec-4e0b451a3e08/export Tue, 15 Apr 2025 13:54:30 +0000 54ca60f5-25fd-43c4-b7a0-2782515377fd https://db.gcve.eu/sighting/54ca60f5-25fd-43c4-b7a0-2782515377fd/export {"uuid": "54ca60f5-25fd-43c4-b7a0-2782515377fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31214", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/6030", "content": "\ud83d\udce6 \u041f\u0440\u043e\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 Linux-\u043c\u0430\u0448\u0438\u043d\u044b \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 SANDWORM HackTheBox.\n\n\u2022 Sandworm \u2014 \u044d\u0442\u043e \u043c\u0430\u0448\u0438\u043d\u0430 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043d\u0430 #Linux, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0441 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 PGP, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043a \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 (SSTI), \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 (RCE) \u0432\u043d\u0443\u0442\u0440\u0438 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 Firejail. \u0412 \u044d\u0442\u043e\u0439 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0442\u0435\u043a\u0441\u0442\u043e\u0432\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043f\u043e SSH \u043a \u043c\u0430\u0448\u0438\u043d\u0435 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043e\u0434\u043d\u043e\u0433\u043e \u0438\u0437 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \n\n\u2022 \u0414\u0430\u043b\u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f cron-\u0437\u0430\u0434\u0430\u0447\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u0443\u0435\u0442 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0431\u0438\u043d\u0430\u0440\u043d\u0438\u043a \u043d\u0430 Rust. \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c\u044b\u0439 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u043c\u043e\u0434\u0443\u043b\u044c \u043b\u043e\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043a \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0435\u0441\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0430 \u0437\u0430\u043f\u0438\u0441\u044c, \u0447\u0442\u043e \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0448\u0435\u043b\u043b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f atlas, \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0435\u0433\u043e cron-\u0437\u0430\u0434\u0430\u0447\u0443. \u041d\u0430\u043a\u043e\u043d\u0435\u0446, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 Firejail (CVE-2022-31214) \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u0443 su \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443 root \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u27a1\ufe0f https://youtu.be/NpzTEVfUo_U\n\n#\u041f\u0435\u043d\u0442\u0435\u0441\u0442 #CTF", "creation_timestamp": "2025-11-15T12:40:09.000000Z"} {"uuid": "54ca60f5-25fd-43c4-b7a0-2782515377fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31214", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/6030", "content": "\ud83d\udce6 \u041f\u0440\u043e\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 Linux-\u043c\u0430\u0448\u0438\u043d\u044b \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 SANDWORM HackTheBox.\n\n\u2022 Sandworm \u2014 \u044d\u0442\u043e \u043c\u0430\u0448\u0438\u043d\u0430 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043d\u0430 #Linux, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0441 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 PGP, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043a \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0448\u0430\u0431\u043b\u043e\u043d\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 (SSTI), \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 (RCE) \u0432\u043d\u0443\u0442\u0440\u0438 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 Firejail. \u0412 \u044d\u0442\u043e\u0439 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0442\u0435\u043a\u0441\u0442\u043e\u0432\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043f\u043e SSH \u043a \u043c\u0430\u0448\u0438\u043d\u0435 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043e\u0434\u043d\u043e\u0433\u043e \u0438\u0437 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \n\n\u2022 \u0414\u0430\u043b\u0435\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f cron-\u0437\u0430\u0434\u0430\u0447\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u0443\u0435\u0442 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0431\u0438\u043d\u0430\u0440\u043d\u0438\u043a \u043d\u0430 Rust. \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c\u044b\u0439 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 \u043c\u043e\u0434\u0443\u043b\u044c \u043b\u043e\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043a \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0435\u0441\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043d\u0430 \u0437\u0430\u043f\u0438\u0441\u044c, \u0447\u0442\u043e \u0437\u0430\u0442\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0448\u0435\u043b\u043b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f atlas, \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0435\u0433\u043e cron-\u0437\u0430\u0434\u0430\u0447\u0443. \u041d\u0430\u043a\u043e\u043d\u0435\u0446, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 Firejail (CVE-2022-31214) \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u0443 su \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0443 root \u043d\u0430 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u27a1\ufe0f https://youtu.be/NpzTEVfUo_U\n\n#\u041f\u0435\u043d\u0442\u0435\u0441\u0442 #CTF", "creation_timestamp": "2025-11-15T12:40:09.000000Z"} https://db.gcve.eu/sighting/54ca60f5-25fd-43c4-b7a0-2782515377fd/export Sat, 15 Nov 2025 12:40:09 +0000