https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 08 Jun 2026 08:56:11 +0000 https://db.gcve.eu/sighting/de83355e-9e24-4e66-9944-826296085e02/export {"uuid": "de83355e-9e24-4e66-9944-826296085e02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36778", "type": "seen", "source": "https://t.me/cibsecurity/49644", "content": "\u203c CVE-2022-36778 \u203c\n\ninsert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-13T18:25:26.000000Z"} {"uuid": "de83355e-9e24-4e66-9944-826296085e02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36778", "type": "seen", "source": "https://t.me/cibsecurity/49644", "content": "\u203c CVE-2022-36778 \u203c\n\ninsert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-13T18:25:26.000000Z"} https://db.gcve.eu/sighting/de83355e-9e24-4e66-9944-826296085e02/export Tue, 13 Sep 2022 18:25:26 +0000 https://db.gcve.eu/sighting/50239daa-c5c2-4720-b8a8-bfcc31eb5209/export {"uuid": "50239daa-c5c2-4720-b8a8-bfcc31eb5209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36771", "type": "seen", "source": "https://t.me/cibsecurity/50604", "content": "\u203c CVE-2022-36771 \u203c\n\nIBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access to. IBM X-Force ID: 232791.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-28T20:34:15.000000Z"} {"uuid": "50239daa-c5c2-4720-b8a8-bfcc31eb5209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36771", "type": "seen", "source": "https://t.me/cibsecurity/50604", "content": "\u203c CVE-2022-36771 \u203c\n\nIBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access to. IBM X-Force ID: 232791.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-28T20:34:15.000000Z"} https://db.gcve.eu/sighting/50239daa-c5c2-4720-b8a8-bfcc31eb5209/export Wed, 28 Sep 2022 20:34:15 +0000 https://db.gcve.eu/sighting/653ff999-2030-41ca-a647-cb076947a3e1/export {"uuid": "653ff999-2030-41ca-a647-cb076947a3e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36772", "type": "seen", "source": "https://t.me/cibsecurity/50996", "content": "\u203c CVE-2022-36772 \u203c\n\nIBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that should only be available to a privileged user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T20:17:26.000000Z"} {"uuid": "653ff999-2030-41ca-a647-cb076947a3e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36772", "type": "seen", "source": "https://t.me/cibsecurity/50996", "content": "\u203c CVE-2022-36772 \u203c\n\nIBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that should only be available to a privileged user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T20:17:26.000000Z"} https://db.gcve.eu/sighting/653ff999-2030-41ca-a647-cb076947a3e1/export Fri, 07 Oct 2022 20:17:26 +0000 https://db.gcve.eu/sighting/5fa262cb-1ce9-43f8-b1f3-d28b3cf7a20b/export {"uuid": "5fa262cb-1ce9-43f8-b1f3-d28b3cf7a20b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36776", "type": "seen", "source": "https://t.me/cibsecurity/52864", "content": "\u203c CVE-2022-36776 \u203c\n\nIBM Cloud Pak for Security (CP4S) 1.10.0.0 79and 1.10.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 233663.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:39:12.000000Z"} {"uuid": "5fa262cb-1ce9-43f8-b1f3-d28b3cf7a20b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36776", "type": "seen", "source": "https://t.me/cibsecurity/52864", "content": "\u203c CVE-2022-36776 \u203c\n\nIBM Cloud Pak for Security (CP4S) 1.10.0.0 79and 1.10.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 233663.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:39:12.000000Z"} https://db.gcve.eu/sighting/5fa262cb-1ce9-43f8-b1f3-d28b3cf7a20b/export Sun, 13 Nov 2022 05:39:12 +0000 https://db.gcve.eu/sighting/5052114e-f682-4fbe-a0dd-8fab15bea56e/export {"uuid": "5052114e-f682-4fbe-a0dd-8fab15bea56e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3677", "type": "seen", "source": "https://t.me/cibsecurity/53998", "content": "\u203c CVE-2022-3677 \u203c\n\nThe Advanced Import WordPress plugin before 1.3.8 does not have CSRF check when installing and activating plugins, which could allow attackers to make a logged in admin install arbitrary plugins from WordPress.org, and activate arbitrary ones from the blog via CSRF attacks\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-05T20:39:58.000000Z"} {"uuid": "5052114e-f682-4fbe-a0dd-8fab15bea56e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3677", "type": "seen", "source": "https://t.me/cibsecurity/53998", "content": "\u203c CVE-2022-3677 \u203c\n\nThe Advanced Import WordPress plugin before 1.3.8 does not have CSRF check when installing and activating plugins, which could allow attackers to make a logged in admin install arbitrary plugins from WordPress.org, and activate arbitrary ones from the blog via CSRF attacks\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-05T20:39:58.000000Z"} https://db.gcve.eu/sighting/5052114e-f682-4fbe-a0dd-8fab15bea56e/export Mon, 05 Dec 2022 20:39:58 +0000 https://db.gcve.eu/sighting/516e7797-e52b-473c-91ea-bf8405f778cb/export {"uuid": "516e7797-e52b-473c-91ea-bf8405f778cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36775", "type": "seen", "source": "https://t.me/cibsecurity/58454", "content": "\u203c CVE-2022-36775 \u203c\n\nIBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0, and10.0.4.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 233576.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T20:13:26.000000Z"} {"uuid": "516e7797-e52b-473c-91ea-bf8405f778cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36775", "type": "seen", "source": "https://t.me/cibsecurity/58454", "content": "\u203c CVE-2022-36775 \u203c\n\nIBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0, and10.0.4.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 233576.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T20:13:26.000000Z"} https://db.gcve.eu/sighting/516e7797-e52b-473c-91ea-bf8405f778cb/export Fri, 17 Feb 2023 20:13:26 +0000 https://db.gcve.eu/sighting/0863151a-2e5f-4c35-9745-61cc690cf28f/export {"uuid": "0863151a-2e5f-4c35-9745-61cc690cf28f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36779", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9654", "content": "#exploit\n1. CVE-2022-36779:\nauthenticated Command Injection\nhttps://github.com/rootDR/CVE-2022-36779\n\n2. PoC on BYOVD attack\nhttps://github.com/MrEmpy/Reaper", "creation_timestamp": "2023-12-25T10:57:01.000000Z"} {"uuid": "0863151a-2e5f-4c35-9745-61cc690cf28f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36779", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9654", "content": "#exploit\n1. CVE-2022-36779:\nauthenticated Command Injection\nhttps://github.com/rootDR/CVE-2022-36779\n\n2. PoC on BYOVD attack\nhttps://github.com/MrEmpy/Reaper", "creation_timestamp": "2023-12-25T10:57:01.000000Z"} https://db.gcve.eu/sighting/0863151a-2e5f-4c35-9745-61cc690cf28f/export Mon, 25 Dec 2023 10:57:01 +0000 https://db.gcve.eu/sighting/6874b861-ecf7-4ab9-903b-391d0c4e3177/export {"uuid": "6874b861-ecf7-4ab9-903b-391d0c4e3177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36779", "type": "seen", "source": "https://t.me/arpsyndicate/2187", "content": "#ExploitObserverAlert\n\nCVE-2022-36779\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-36779. PROSCEND - PROSCEND / ADVICE .Ltd - G/5G Industrial Cellular Router (with GPS)4 Unauthenticated OS Command Injection Proscend M330-w / M33-W5 / M350-5G / M350-W5G / M350-6 / M350-W6 / M301-G / M301-GW ADVICE ICR 111WG / https://www.proscend.com/en/category/industrial-Cellular-Router/industrial-Cellular-Router.html https://cdn.shopify.com/s/files/1/0036/9413/3297/files/ADVICE_Industrial_4G_LTE_Cellular_Router_ICR111WG.pdf?v=1620814301\n\nFIRST-EPSS: 0.001420000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-28T03:56:14.000000Z"} {"uuid": "6874b861-ecf7-4ab9-903b-391d0c4e3177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36779", "type": "seen", "source": "https://t.me/arpsyndicate/2187", "content": "#ExploitObserverAlert\n\nCVE-2022-36779\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-36779. PROSCEND - PROSCEND / ADVICE .Ltd - G/5G Industrial Cellular Router (with GPS)4 Unauthenticated OS Command Injection Proscend M330-w / M33-W5 / M350-5G / M350-W5G / M350-6 / M350-W6 / M301-G / M301-GW ADVICE ICR 111WG / https://www.proscend.com/en/category/industrial-Cellular-Router/industrial-Cellular-Router.html https://cdn.shopify.com/s/files/1/0036/9413/3297/files/ADVICE_Industrial_4G_LTE_Cellular_Router_ICR111WG.pdf?v=1620814301\n\nFIRST-EPSS: 0.001420000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-28T03:56:14.000000Z"} https://db.gcve.eu/sighting/6874b861-ecf7-4ab9-903b-391d0c4e3177/export Thu, 28 Dec 2023 03:56:14 +0000 https://db.gcve.eu/sighting/8eabe456-822f-43d1-9492-212a76426106/export {"uuid": "8eabe456-822f-43d1-9492-212a76426106", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36779", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2594", "content": "#exploit\n1. CVE-2022-36779:\nauthenticated Command Injection\nhttps://github.com/rootDR/CVE-2022-36779\n\n2. PoC on BYOVD attack\nhttps://github.com/MrEmpy/Reaper", "creation_timestamp": "2024-08-16T09:08:01.000000Z"} {"uuid": "8eabe456-822f-43d1-9492-212a76426106", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36779", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2594", "content": "#exploit\n1. CVE-2022-36779:\nauthenticated Command Injection\nhttps://github.com/rootDR/CVE-2022-36779\n\n2. PoC on BYOVD attack\nhttps://github.com/MrEmpy/Reaper", "creation_timestamp": "2024-08-16T09:08:01.000000Z"} https://db.gcve.eu/sighting/8eabe456-822f-43d1-9492-212a76426106/export Fri, 16 Aug 2024 09:08:01 +0000 https://db.gcve.eu/sighting/3f0ded57-87e8-47c8-97a7-189e8d6dd410/export {"uuid": "3f0ded57-87e8-47c8-97a7-189e8d6dd410", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36775", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7385", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-36775\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0, and10.0.4.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 233576.\n\ud83d\udccf Published: 2023-02-17T16:22:46.450Z\n\ud83d\udccf Modified: 2025-03-12T20:07:43.499Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6953617\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/233576", "creation_timestamp": "2025-03-12T20:42:51.000000Z"} {"uuid": "3f0ded57-87e8-47c8-97a7-189e8d6dd410", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36775", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7385", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-36775\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0, and10.0.4.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 233576.\n\ud83d\udccf Published: 2023-02-17T16:22:46.450Z\n\ud83d\udccf Modified: 2025-03-12T20:07:43.499Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6953617\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/233576", "creation_timestamp": "2025-03-12T20:42:51.000000Z"} https://db.gcve.eu/sighting/3f0ded57-87e8-47c8-97a7-189e8d6dd410/export Wed, 12 Mar 2025 20:42:51 +0000