Most recent sightings.

Most recent sightings. https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 31 May 2026 21:31:31 +0000 94b28151-5b13-40f8-bb0f-ea5665b2b500 https://db.gcve.eu/sighting/94b28151-5b13-40f8-bb0f-ea5665b2b500/export {"uuid": "94b28151-5b13-40f8-bb0f-ea5665b2b500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24359", "type": "seen", "source": "https://t.me/cibsecurity/37747", "content": "\u203c CVE-2022-24359 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15702.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-18T22:37:51.000000Z"} {"uuid": "94b28151-5b13-40f8-bb0f-ea5665b2b500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24359", "type": "seen", "source": "https://t.me/cibsecurity/37747", "content": "\u203c CVE-2022-24359 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.1.0.52543. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15702.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-18T22:37:51.000000Z"} https://db.gcve.eu/sighting/94b28151-5b13-40f8-bb0f-ea5665b2b500/export Fri, 18 Feb 2022 22:37:51 +0000 316335c1-4068-47a0-964f-f900aa806cbf https://db.gcve.eu/sighting/316335c1-4068-47a0-964f-f900aa806cbf/export {"uuid": "316335c1-4068-47a0-964f-f900aa806cbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2435", "type": "seen", "source": "https://t.me/cibsecurity/46482", "content": "\u203c CVE-2022-2435 \u203c\n\nThe AnyMind Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1. This is due to missing nonce protection on the createDOMStructure() function found in the ~/anymind-widget-id.php file. This makes it possible for unauthenticated attackers to inject malicious web scripts into the page, granted they can trick a site\u00e2\u20ac\u2122s administrator into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-18T20:39:59.000000Z"} {"uuid": "316335c1-4068-47a0-964f-f900aa806cbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2435", "type": "seen", "source": "https://t.me/cibsecurity/46482", "content": "\u203c CVE-2022-2435 \u203c\n\nThe AnyMind Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.1. This is due to missing nonce protection on the createDOMStructure() function found in the ~/anymind-widget-id.php file. This makes it possible for unauthenticated attackers to inject malicious web scripts into the page, granted they can trick a site\u00e2\u20ac\u2122s administrator into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-18T20:39:59.000000Z"} https://db.gcve.eu/sighting/316335c1-4068-47a0-964f-f900aa806cbf/export Mon, 18 Jul 2022 20:39:59 +0000 e6f2d8cb-6916-487b-99e2-6ba6fc546da5 https://db.gcve.eu/sighting/e6f2d8cb-6916-487b-99e2-6ba6fc546da5/export {"uuid": "e6f2d8cb-6916-487b-99e2-6ba6fc546da5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24355", "type": "published-proof-of-concept", "source": "https://t.me/technical_private_cat/310", "content": "Now here are the cve of linksys and Tp-Link equipment\n\nFor those who do not know linksys is a manufacturer of networking equipment for small offices and homes. They make network hubs, routers, and network cards. \n\nFor example, linksys' managed switches include features for rapid network expansion. The STP and Storm Control protocol features help control planned or unintended cable loops linksys help protect the network with port authentication which requires clients to authenticate themselves before they start working, clients must authenticate themselves before transmitting any data. \nSo what are the vulnerabilities of this equipment ?\n\nHere are some cve \nFor example, there is CVE-2022-38555 it is a buffer overflow vulnerability in Linksys E1200 already has a poc or CVE-2020-35713 remote pre-authentication code execution in Linksys RE6500 already has an exploit for it too . \nMore details about the attacks in the archive below \ud83e\ude78\n\nNow about TP-LINK - it is also a supplier of Wi-Fi routers for home and office and one of the largest manufacturers of network equipment. \n\nI will also tell you about some cve of their equipment \nFor example CVE-2022-30075 - importing a malicious backup file via web interface can lead to remote code execution due to wrong checks , there is an exploit for it or CVE-2022-24355 this is RCE vulnerability, i.e. it allows intruders in neighboring network to run arbitrary code on router installations . No authentication is required to exploit this vulnerability. The problem arises because there is no proper length check on user data before it is copied to a fixed-length stack buffer. An attacker can use this vulnerability to execute code in a root context. \nRead more about it link\n\nAnd I think that's it .\nIn this post we have analyzed types of attacks and some hardware vulnerabilities. \nRead more in the archive below\ud83c\udf1f .There will be more articles about the attacks in the future.\n\nThank you for reading\u2764\ufe0f\nRemember Alice, there is a rabbit hole in the looking glass, so follow the rabbit \ud83d\udc07\ud83c\udf80\n#network #wifi #attacks #cve #exploit #dos #traffic_analysis #router", "creation_timestamp": "2022-11-09T07:53:43.000000Z"} {"uuid": "e6f2d8cb-6916-487b-99e2-6ba6fc546da5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24355", "type": "published-proof-of-concept", "source": "https://t.me/technical_private_cat/310", "content": "Now here are the cve of linksys and Tp-Link equipment\n\nFor those who do not know linksys is a manufacturer of networking equipment for small offices and homes. They make network hubs, routers, and network cards. \n\nFor example, linksys' managed switches include features for rapid network expansion. The STP and Storm Control protocol features help control planned or unintended cable loops linksys help protect the network with port authentication which requires clients to authenticate themselves before they start working, clients must authenticate themselves before transmitting any data. \nSo what are the vulnerabilities of this equipment ?\n\nHere are some cve \nFor example, there is CVE-2022-38555 it is a buffer overflow vulnerability in Linksys E1200 already has a poc or CVE-2020-35713 remote pre-authentication code execution in Linksys RE6500 already has an exploit for it too . \nMore details about the attacks in the archive below \ud83e\ude78\n\nNow about TP-LINK - it is also a supplier of Wi-Fi routers for home and office and one of the largest manufacturers of network equipment. \n\nI will also tell you about some cve of their equipment \nFor example CVE-2022-30075 - importing a malicious backup file via web interface can lead to remote code execution due to wrong checks , there is an exploit for it or CVE-2022-24355 this is RCE vulnerability, i.e. it allows intruders in neighboring network to run arbitrary code on router installations . No authentication is required to exploit this vulnerability. The problem arises because there is no proper length check on user data before it is copied to a fixed-length stack buffer. An attacker can use this vulnerability to execute code in a root context. \nRead more about it link\n\nAnd I think that's it .\nIn this post we have analyzed types of attacks and some hardware vulnerabilities. \nRead more in the archive below\ud83c\udf1f .There will be more articles about the attacks in the future.\n\nThank you for reading\u2764\ufe0f\nRemember Alice, there is a rabbit hole in the looking glass, so follow the rabbit \ud83d\udc07\ud83c\udf80\n#network #wifi #attacks #cve #exploit #dos #traffic_analysis #router", "creation_timestamp": "2022-11-09T07:53:43.000000Z"} https://db.gcve.eu/sighting/e6f2d8cb-6916-487b-99e2-6ba6fc546da5/export Wed, 09 Nov 2022 07:53:43 +0000 640271fa-ec7e-40a5-a8be-c334789c5b77 https://db.gcve.eu/sighting/640271fa-ec7e-40a5-a8be-c334789c5b77/export {"uuid": "640271fa-ec7e-40a5-a8be-c334789c5b77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24355", "type": "published-proof-of-concept", "source": "https://t.me/technical_private_cat/308", "content": "\u0422\u0435\u043f\u0435\u0440\u044c \u043f\u0440\u0438\u0432\u0435\u0434\u0443 cve \u0443 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f linksys \u0438 Tp-Link\n\n\u0414\u043b\u044f \u0442\u0435\u0445 \u043a\u0442\u043e \u043d\u0435 \u0437\u043d\u0430\u0435\u0442 linksys \u044d\u0442\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043c\u0430\u043b\u044b\u0445 \u043e\u0444\u0438\u0441\u043e\u0432 \u0438 \u0434\u043e\u043c\u0430. \u041e\u043d\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u044f\u0442 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u043a\u043e\u043d\u0446\u0435\u043d\u0442\u0440\u0430\u0442\u043e\u0440\u044b, \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b, \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u043a\u0430\u0440\u0442\u044b. \n\n\u041a \u043f\u0440\u0438\u043c\u0435\u0440\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u044b \u043e\u0442 linksys \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0434\u043b\u044f \u0431\u044b\u0441\u0442\u0440\u043e\u0433\u043e \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0438. \u0424\u0443\u043d\u043a\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 STP \u0438 Storm Control \u043f\u043e\u043c\u043e\u0433\u0430\u044e\u0442 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0438\u043b\u0438 \u043d\u0435\u043f\u0440\u0435\u0434\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0435 \u043a\u0430\u0431\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u0435\u0442\u043b\u0438 linksys \u043f\u043e\u043c\u043e\u0433\u0430\u044e\u0442 \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c \u0441\u0435\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u0440\u0442\u043e\u0432, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0435\u0439 \u043e\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u0435\u0440\u0435\u0434 \u0442\u0435\u043c, \u043a\u0430\u043a \u043e\u043d\u0438 \u043d\u0430\u0447\u043d\u0443\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c, \u043a\u043b\u0438\u0435\u043d\u0442\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0435\u0431\u044f \u043f\u0435\u0440\u0435\u0434 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0435\u0439 \u043b\u044e\u0431\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \n\u0422\u0430\u043a \u043a\u0430\u043a\u0438\u0435 \u0436\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443 \u044d\u0442\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f ?\n\n\u041f\u0440\u0438\u0432\u0435\u0434\u0443 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e cve \n\u041a \u043f\u0440\u0438\u043c\u0435\u0440\u0443 \u0435\u0441\u0442\u044c CVE-2022-38555 \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 Linksys E1200 \u043d\u0430 \u043d\u0435\u0435 \u0443\u0436\u0435 \u0435\u0441\u0442\u044c poc \u0438\u043b\u0438 CVE-2020-35713 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Linksys RE6500 \u043d\u0430 \u043d\u0435\u0435 \u0442\u043e\u0436\u0435 \u0443\u0436\u0435 \u0435\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 . \n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435 \u0438\u043c\u0435\u043d\u043d\u043e \u043f\u0440\u043e \u0430\u0442\u0430\u043a\u0438 \u0432 \u0430\u0440\u0445\u0438\u0432\u0435 \u043d\u0438\u0436\u0435 \ud83e\ude78\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u043f\u0440\u043e TP-LINK- \u044d\u0442\u043e \u0442\u043e\u0436\u0435 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a Wi-Fi\u0440\u043e\u0443\u0442\u0435\u0440\u043e\u0432 \u0434\u043b\u044f \u0434\u043e\u043c\u0430 \u0438 \u043e\u0444\u0438\u0441\u0430 \u0438 \u043e\u0434\u0438\u043d \u0438\u0437 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f . \n\n\u0422\u043e\u0436\u0435 \u0440\u0430\u0441\u0441\u043a\u0430\u0436\u0443 \u043f\u0440\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 cve \u0438\u0445 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \n\u041a \u043f\u0440\u0438\u043c\u0435\u0440\u0443 CVE-2022-30075 - \u0438\u043c\u043f\u043e\u0440\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0439 \u043a\u043e\u043f\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 , \u043d\u0430 \u043d\u0435\u0435 \u0435\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0438\u043b\u0438 CVE-2022-24355 \u044d\u0442\u043e RCE \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442.\u0435 \u043e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u043c\u0441\u044f \u0432 \u0441\u043e\u0441\u0435\u0434\u043d\u0435\u0439 \u0441\u0435\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u0445 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 . \u0414\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0434\u043b\u0438\u043d\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0435\u0440\u0435\u0434 \u0438\u0445 \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432 \u0441\u0442\u0435\u043a\u043e\u0432\u044b\u0439 \u0431\u0443\u0444\u0435\u0440 \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0434\u043b\u0438\u043d\u044b. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 root. \n\u0411\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e \u043d\u0435\u0439 \u0442\u044b\u043a\n\n\u0410 \u043d\u0430 \u044d\u0442\u043e\u043c \u0434\u0443\u043c\u0430\u044e \u0432\u0441\u0435 .\n\u0412 \u044d\u0442\u043e\u043c \u043f\u043e\u0441\u0442\u0435 \u043c\u044b \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043b\u0438 \u0432\u0438\u0434\u044b \u0430\u0442\u0430\u043a \u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f. \n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435 \u043a\u0430\u043a \u0432\u0441\u0435\u0433\u0434\u0430 \u0432 \u0430\u0440\u0445\u0438\u0432\u0435 \u043d\u0438\u0436\u0435\ud83c\udf1f .\u0412 \u0431\u0443\u0434\u0443\u0449\u0435\u043c \u0431\u0443\u0434\u0443\u0442 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u0441\u0442\u044b \u043f\u0440\u043e \u0430\u0442\u0430\u043a\u0438\n\n\u0421\u043f\u0430\u0441\u0438\u0431\u043e \u0437\u0430 \u043f\u0440\u043e\u0447\u0442\u0435\u043d\u0438\u0435\u2764\ufe0f\n\u0418 \u043f\u043e\u043c\u043d\u0438 \u0410\u043b\u0438\u0441\u0430 , \u043a\u0440\u043e\u043b\u0438\u0447\u044c\u044f \u043d\u043e\u0440\u0430 \u0435\u0441\u0442\u044c \u0438 \u0432 \u0437\u0430\u0437\u0435\u0440\u043a\u0430\u043b\u044c\u0435 \u043f\u043e \u044d\u0442\u043e\u043c\u0443 \u0441\u043b\u0435\u0434\u0443\u0439 \u0437\u0430 \u043a\u0440\u043e\u043b\u0438\u043a\u043e\u043c \u0438 \u0434\u0430\u043b\u044c\u0448\u0435\ud83d\udc07\ud83c\udf80\n#network #wifi #attacks #cve #exploit #dos #traffic_analysis #router", "creation_timestamp": "2022-11-15T12:28:38.000000Z"} {"uuid": "640271fa-ec7e-40a5-a8be-c334789c5b77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24355", "type": "published-proof-of-concept", "source": "https://t.me/technical_private_cat/308", "content": "\u0422\u0435\u043f\u0435\u0440\u044c \u043f\u0440\u0438\u0432\u0435\u0434\u0443 cve \u0443 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f linksys \u0438 Tp-Link\n\n\u0414\u043b\u044f \u0442\u0435\u0445 \u043a\u0442\u043e \u043d\u0435 \u0437\u043d\u0430\u0435\u0442 linksys \u044d\u0442\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043b\u044f \u043c\u0430\u043b\u044b\u0445 \u043e\u0444\u0438\u0441\u043e\u0432 \u0438 \u0434\u043e\u043c\u0430. \u041e\u043d\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u044f\u0442 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u043a\u043e\u043d\u0446\u0435\u043d\u0442\u0440\u0430\u0442\u043e\u0440\u044b, \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b, \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u043a\u0430\u0440\u0442\u044b. \n\n\u041a \u043f\u0440\u0438\u043c\u0435\u0440\u0443 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u044b \u043e\u0442 linksys \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0434\u043b\u044f \u0431\u044b\u0441\u0442\u0440\u043e\u0433\u043e \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0438. \u0424\u0443\u043d\u043a\u0446\u0438\u0438 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 STP \u0438 Storm Control \u043f\u043e\u043c\u043e\u0433\u0430\u044e\u0442 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0438\u043b\u0438 \u043d\u0435\u043f\u0440\u0435\u0434\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0435 \u043a\u0430\u0431\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u0435\u0442\u043b\u0438 linksys \u043f\u043e\u043c\u043e\u0433\u0430\u044e\u0442 \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c \u0441\u0435\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u043e\u0440\u0442\u043e\u0432, \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0435\u0439 \u043e\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043f\u0435\u0440\u0435\u0434 \u0442\u0435\u043c, \u043a\u0430\u043a \u043e\u043d\u0438 \u043d\u0430\u0447\u043d\u0443\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c, \u043a\u043b\u0438\u0435\u043d\u0442\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0435\u0431\u044f \u043f\u0435\u0440\u0435\u0434 \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0435\u0439 \u043b\u044e\u0431\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \n\u0422\u0430\u043a \u043a\u0430\u043a\u0438\u0435 \u0436\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443 \u044d\u0442\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f ?\n\n\u041f\u0440\u0438\u0432\u0435\u0434\u0443 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e cve \n\u041a \u043f\u0440\u0438\u043c\u0435\u0440\u0443 \u0435\u0441\u0442\u044c CVE-2022-38555 \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 Linksys E1200 \u043d\u0430 \u043d\u0435\u0435 \u0443\u0436\u0435 \u0435\u0441\u0442\u044c poc \u0438\u043b\u0438 CVE-2020-35713 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Linksys RE6500 \u043d\u0430 \u043d\u0435\u0435 \u0442\u043e\u0436\u0435 \u0443\u0436\u0435 \u0435\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 . \n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435 \u0438\u043c\u0435\u043d\u043d\u043e \u043f\u0440\u043e \u0430\u0442\u0430\u043a\u0438 \u0432 \u0430\u0440\u0445\u0438\u0432\u0435 \u043d\u0438\u0436\u0435 \ud83e\ude78\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u043f\u0440\u043e TP-LINK- \u044d\u0442\u043e \u0442\u043e\u0436\u0435 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a Wi-Fi\u0440\u043e\u0443\u0442\u0435\u0440\u043e\u0432 \u0434\u043b\u044f \u0434\u043e\u043c\u0430 \u0438 \u043e\u0444\u0438\u0441\u0430 \u0438 \u043e\u0434\u0438\u043d \u0438\u0437 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f . \n\n\u0422\u043e\u0436\u0435 \u0440\u0430\u0441\u0441\u043a\u0430\u0436\u0443 \u043f\u0440\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 cve \u0438\u0445 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \n\u041a \u043f\u0440\u0438\u043c\u0435\u0440\u0443 CVE-2022-30075 - \u0438\u043c\u043f\u043e\u0440\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u043e\u0439 \u043a\u043e\u043f\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0438\u0437-\u0437\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 , \u043d\u0430 \u043d\u0435\u0435 \u0435\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0438\u043b\u0438 CVE-2022-24355 \u044d\u0442\u043e RCE \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442.\u0435 \u043e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u043c\u0441\u044f \u0432 \u0441\u043e\u0441\u0435\u0434\u043d\u0435\u0439 \u0441\u0435\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430\u0445 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 . \u0414\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0434\u043b\u0438\u043d\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0435\u0440\u0435\u0434 \u0438\u0445 \u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432 \u0441\u0442\u0435\u043a\u043e\u0432\u044b\u0439 \u0431\u0443\u0444\u0435\u0440 \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0434\u043b\u0438\u043d\u044b. \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 root. \n\u0411\u043e\u043b\u0435\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e \u043d\u0435\u0439 \u0442\u044b\u043a\n\n\u0410 \u043d\u0430 \u044d\u0442\u043e\u043c \u0434\u0443\u043c\u0430\u044e \u0432\u0441\u0435 .\n\u0412 \u044d\u0442\u043e\u043c \u043f\u043e\u0441\u0442\u0435 \u043c\u044b \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043b\u0438 \u0432\u0438\u0434\u044b \u0430\u0442\u0430\u043a \u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f. \n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435 \u043a\u0430\u043a \u0432\u0441\u0435\u0433\u0434\u0430 \u0432 \u0430\u0440\u0445\u0438\u0432\u0435 \u043d\u0438\u0436\u0435\ud83c\udf1f .\u0412 \u0431\u0443\u0434\u0443\u0449\u0435\u043c \u0431\u0443\u0434\u0443\u0442 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u0441\u0442\u044b \u043f\u0440\u043e \u0430\u0442\u0430\u043a\u0438\n\n\u0421\u043f\u0430\u0441\u0438\u0431\u043e \u0437\u0430 \u043f\u0440\u043e\u0447\u0442\u0435\u043d\u0438\u0435\u2764\ufe0f\n\u0418 \u043f\u043e\u043c\u043d\u0438 \u0410\u043b\u0438\u0441\u0430 , \u043a\u0440\u043e\u043b\u0438\u0447\u044c\u044f \u043d\u043e\u0440\u0430 \u0435\u0441\u0442\u044c \u0438 \u0432 \u0437\u0430\u0437\u0435\u0440\u043a\u0430\u043b\u044c\u0435 \u043f\u043e \u044d\u0442\u043e\u043c\u0443 \u0441\u043b\u0435\u0434\u0443\u0439 \u0437\u0430 \u043a\u0440\u043e\u043b\u0438\u043a\u043e\u043c \u0438 \u0434\u0430\u043b\u044c\u0448\u0435\ud83d\udc07\ud83c\udf80\n#network #wifi #attacks #cve #exploit #dos #traffic_analysis #router", "creation_timestamp": "2022-11-15T12:28:38.000000Z"} https://db.gcve.eu/sighting/640271fa-ec7e-40a5-a8be-c334789c5b77/export Tue, 15 Nov 2022 12:28:38 +0000 14d5ac70-bfac-4fca-a1e9-fa6d3783c4a2 https://db.gcve.eu/sighting/14d5ac70-bfac-4fca-a1e9-fa6d3783c4a2/export {"uuid": "14d5ac70-bfac-4fca-a1e9-fa6d3783c4a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24352", "type": "seen", "source": "https://t.me/cibsecurity/60924", "content": "\u203c CVE-2022-24352 \u203c\n\nThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 prior to 211210 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko kernel module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15773.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T22:40:04.000000Z"} {"uuid": "14d5ac70-bfac-4fca-a1e9-fa6d3783c4a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24352", "type": "seen", "source": "https://t.me/cibsecurity/60924", "content": "\u203c CVE-2022-24352 \u203c\n\nThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 prior to 211210 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko kernel module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15773.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T22:40:04.000000Z"} https://db.gcve.eu/sighting/14d5ac70-bfac-4fca-a1e9-fa6d3783c4a2/export Tue, 28 Mar 2023 22:40:04 +0000 0a4124a9-08fb-4fb5-a1b7-4355e98c8bca https://db.gcve.eu/sighting/0a4124a9-08fb-4fb5-a1b7-4355e98c8bca/export {"uuid": "0a4124a9-08fb-4fb5-a1b7-4355e98c8bca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24353", "type": "seen", "source": "https://t.me/cibsecurity/60926", "content": "\u203c CVE-2022-24353 \u203c\n\nThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 1.1.4 Build 20211022 rel.59103(5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-15769.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T22:40:06.000000Z"} {"uuid": "0a4124a9-08fb-4fb5-a1b7-4355e98c8bca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24353", "type": "seen", "source": "https://t.me/cibsecurity/60926", "content": "\u203c CVE-2022-24353 \u203c\n\nThis vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 1.1.4 Build 20211022 rel.59103(5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-15769.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T22:40:06.000000Z"} https://db.gcve.eu/sighting/0a4124a9-08fb-4fb5-a1b7-4355e98c8bca/export Tue, 28 Mar 2023 22:40:06 +0000 20faa39d-7308-471d-b117-4c5083cd7ecf https://db.gcve.eu/sighting/20faa39d-7308-471d-b117-4c5083cd7ecf/export {"uuid": "20faa39d-7308-471d-b117-4c5083cd7ecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24350", "type": "seen", "source": "https://t.me/cibsecurity/61971", "content": "\u203c CVE-2022-24350 \u203c\n\nAn issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. Specially formatted buffer contents used for software SMI could cause SMRAM corruption, leading to escalation of privilege.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-12T16:23:45.000000Z"} {"uuid": "20faa39d-7308-471d-b117-4c5083cd7ecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24350", "type": "seen", "source": "https://t.me/cibsecurity/61971", "content": "\u203c CVE-2022-24350 \u203c\n\nAn issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. Specially formatted buffer contents used for software SMI could cause SMRAM corruption, leading to escalation of privilege.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-12T16:23:45.000000Z"} https://db.gcve.eu/sighting/20faa39d-7308-471d-b117-4c5083cd7ecf/export Wed, 12 Apr 2023 16:23:45 +0000 e8078f8b-9ef4-4441-b4be-ff792ef49ff7 https://db.gcve.eu/sighting/e8078f8b-9ef4-4441-b4be-ff792ef49ff7/export {"uuid": "e8078f8b-9ef4-4441-b4be-ff792ef49ff7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24351", "type": "seen", "source": "https://t.me/ctinow/166659", "content": "https://ift.tt/AT0MuBm\nCVE-2022-24351 | Insyde InsydeH2O up to 05.27.28/05.36.28/05.44.12/05.52.12 Boot toctou", "creation_timestamp": "2024-01-11T17:37:01.000000Z"} {"uuid": "e8078f8b-9ef4-4441-b4be-ff792ef49ff7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24351", "type": "seen", "source": "https://t.me/ctinow/166659", "content": "https://ift.tt/AT0MuBm\nCVE-2022-24351 | Insyde InsydeH2O up to 05.27.28/05.36.28/05.44.12/05.52.12 Boot toctou", "creation_timestamp": "2024-01-11T17:37:01.000000Z"} https://db.gcve.eu/sighting/e8078f8b-9ef4-4441-b4be-ff792ef49ff7/export Thu, 11 Jan 2024 17:37:01 +0000