Most recent sightings.

Most recent sightings. https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 18:46:15 +0000 cd81b976-68d9-41f0-a0fd-8d820402e2b0 https://db.gcve.eu/sighting/cd81b976-68d9-41f0-a0fd-8d820402e2b0/export {"uuid": "cd81b976-68d9-41f0-a0fd-8d820402e2b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25636", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5786", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Mar 1-31)\n\nCVE-2022-1096 - Type Confusion in V8\nhttps://github.com/Maverick-cmd/Chrome-and-Edge-Version-Dumper\nCVE-2022-0847 - Dirty Pipe Vuln\nhttps://t.me/CyberSecurityTechnologies/5560\nCVE-2022-0778 - OpenSSL Illegal x.509 certificate construction\nhttps://t.me/CyberSecurityTechnologies/5692\nCVE-2022-0492 - Privilege escalation vuln causing container escape\nhttps://sysdig.com/blog/detecting-mitigating-cve-2022-0492-sysdig\nCVE-2022-22947 - Spring Cloud Gateway RCE\nhttps://t.me/CyberSecurityTechnologies/5554\nCVE-2022-22963 - Spring Core RCE\nhttps://t.me/CyberSecurityTechnologies/5711\nCVE-2022-25636 - net/netfilter/nf_dup_netdev.c in the Linux kernel <5.6.10 allows local users to gain privileges because of a heap out-of-bounds write\nhttps://t.me/CyberSecurityTechnologies/5570\nCVE-2022-27254 - Vuln in Honda's Remote Keyless System\nhttps://github.com/nonamecoder/CVE-2022-27254\nCVE-2022-0609 - https://blog.google/threat-analysis-group/countering-threats-north-korea", "creation_timestamp": "2022-04-11T11:00:21.000000Z"} {"uuid": "cd81b976-68d9-41f0-a0fd-8d820402e2b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25636", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5786", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Mar 1-31)\n\nCVE-2022-1096 - Type Confusion in V8\nhttps://github.com/Maverick-cmd/Chrome-and-Edge-Version-Dumper\nCVE-2022-0847 - Dirty Pipe Vuln\nhttps://t.me/CyberSecurityTechnologies/5560\nCVE-2022-0778 - OpenSSL Illegal x.509 certificate construction\nhttps://t.me/CyberSecurityTechnologies/5692\nCVE-2022-0492 - Privilege escalation vuln causing container escape\nhttps://sysdig.com/blog/detecting-mitigating-cve-2022-0492-sysdig\nCVE-2022-22947 - Spring Cloud Gateway RCE\nhttps://t.me/CyberSecurityTechnologies/5554\nCVE-2022-22963 - Spring Core RCE\nhttps://t.me/CyberSecurityTechnologies/5711\nCVE-2022-25636 - net/netfilter/nf_dup_netdev.c in the Linux kernel <5.6.10 allows local users to gain privileges because of a heap out-of-bounds write\nhttps://t.me/CyberSecurityTechnologies/5570\nCVE-2022-27254 - Vuln in Honda's Remote Keyless System\nhttps://github.com/nonamecoder/CVE-2022-27254\nCVE-2022-0609 - https://blog.google/threat-analysis-group/countering-threats-north-korea", "creation_timestamp": "2022-04-11T11:00:21.000000Z"} https://db.gcve.eu/sighting/cd81b976-68d9-41f0-a0fd-8d820402e2b0/export Mon, 11 Apr 2022 11:00:21 +0000 3d4db812-6ed0-4308-b7ab-1679aebe5942 https://db.gcve.eu/sighting/3d4db812-6ed0-4308-b7ab-1679aebe5942/export {"uuid": "3d4db812-6ed0-4308-b7ab-1679aebe5942", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25635", "type": "seen", "source": "https://t.me/cibsecurity/49032", "content": "\u203c CVE-2022-25635 \u203c\n\nRealtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for broadcast network packet length. An unauthenticated attacker in the adjacent network can exploit this vulnerability to disrupt service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-30T12:35:20.000000Z"} {"uuid": "3d4db812-6ed0-4308-b7ab-1679aebe5942", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25635", "type": "seen", "source": "https://t.me/cibsecurity/49032", "content": "\u203c CVE-2022-25635 \u203c\n\nRealtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for broadcast network packet length. An unauthenticated attacker in the adjacent network can exploit this vulnerability to disrupt service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-30T12:35:20.000000Z"} https://db.gcve.eu/sighting/3d4db812-6ed0-4308-b7ab-1679aebe5942/export Tue, 30 Aug 2022 12:35:20 +0000 ac41632c-2697-4aae-9521-8317c7dde54a https://db.gcve.eu/sighting/ac41632c-2697-4aae-9521-8317c7dde54a/export {"uuid": "ac41632c-2697-4aae-9521-8317c7dde54a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25630", "type": "seen", "source": "https://t.me/cibsecurity/54235", "content": "\u203c CVE-2022-25630 \u203c\n\nAn authenticated user can embed malicious content with XSS into the admin group policy page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-09T20:18:46.000000Z"} {"uuid": "ac41632c-2697-4aae-9521-8317c7dde54a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25630", "type": "seen", "source": "https://t.me/cibsecurity/54235", "content": "\u203c CVE-2022-25630 \u203c\n\nAn authenticated user can embed malicious content with XSS into the admin group policy page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-09T20:18:46.000000Z"} https://db.gcve.eu/sighting/ac41632c-2697-4aae-9521-8317c7dde54a/export Fri, 09 Dec 2022 20:18:46 +0000 b8134034-abf9-4434-94d3-caad4f766902 https://db.gcve.eu/sighting/b8134034-abf9-4434-94d3-caad4f766902/export {"uuid": "b8134034-abf9-4434-94d3-caad4f766902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25638", "type": "seen", "source": "https://t.me/tech_b0lt_Genona/3521", "content": "\u0412 \u0431\u043b\u043e\u0433\u0435 Trail of Bits \u0432\u044b\u0448\u043b\u0430 \u0441\u0442\u0430\u0442\u044c\u044f \"Keeping the wolves out of wolfSSL\". \u0422\u0430\u043a \u043a\u0430\u043a \u0443 \u043c\u0435\u043d\u044f \u0431\u044b\u043b \u0443\u0436\u0435 \u043d\u0430 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d \u043f\u043e\u0441\u0442 \u043e \u0444\u0430\u0437\u0437\u0435\u0440\u0430\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432, \u0442\u043e \u0434\u0443\u043c\u0430\u043b \u0437\u0430\u043a\u0438\u043d\u0443\u0442\u044c \u0441\u0442\u0430\u0442\u044c\u044e \u0432 \u0441\u043f\u0438\u0441\u043e\u043a \u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435 \"Someday\", \u043d\u043e \u0447\u0442\u043e-\u0442\u043e \u043f\u043e\u0432\u0435\u043b\u0435\u043b\u043e \u043c\u043d\u0435 \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u0435\u0451...\n\n\u041f\u043e \u0441\u0443\u0442\u0438 \u0432 \u0441\u0442\u0430\u0442\u044c\u0435 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043e \u043d\u043e\u0432\u043e\u043c \u0444\u0430\u0437\u0437\u0435\u0440\u0435 tlspuffin \u043d\u0430 \u043c\u043e\u0434\u043d\u043e\u043c Rust. \u041d\u043e \u043e\u043d \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0438 \u0435\u0433\u043e \u0446\u0435\u043b\u0438 \u044d\u0442\u043e \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u044b. tlspuffin \u0431\u0430\u0437\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u043c\u043e\u0434\u0435\u043b\u0438 \u0443\u0433\u0440\u043e\u0437 \u0414\u043e\u043b\u0435\u0432\u0430-\u042f\u043e \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d \u043f\u043e \u043f\u0440\u0430\u0432\u0438\u043b\u0430\u043c LibAFL (\u043d\u0430 \u0441\u043a\u0440\u0438\u043d\u0448\u043e\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 tlspuffin). \u0414\u0430, \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442 ProVerif \u0438 Tamarin, \u043d\u043e \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0439 \u0444\u0430\u0437\u0437\u0435\u0440 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0430\u0439\u0442\u0438 \u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0431\u0430\u0433\u0438 \u043f\u0440\u0438 \u0441\u043b\u043e\u0436\u043d\u043e \u0443\u043b\u043e\u0432\u0438\u043c\u044b\u0445 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f\u0445\n\n\u0414\u043b\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0442\u0435\u0441\u0442\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043f\u0435\u0440\u0435\u043d\u0430\u0448\u0451\u043b, \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 Trail of Bits \u0440\u0430\u043d\u0435\u0435, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-25640 and CVE-2022-25638 \u0432 wolfSSL, \u0430 \u0437\u0430\u0442\u0435\u043c \u0441\u043c\u043e\u0433 \u043d\u0430\u0439\u0442\u0438 \u043d\u043e\u0432\u044b\u0435 (\u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0444\u0430\u0437\u0437\u0438\u043d\u0433\u0430 \u0432 \u0441\u0440\u0435\u0434\u043d\u0435\u043c \u0437\u0430\u043d\u044f\u043b \u043e\u043a\u043e\u043b\u043e \u0447\u0430\u0441\u0430 \u043d\u0430 \u043a\u0430\u0436\u0434\u0443\u044e \u0438\u0437 \u043d\u0438\u0445):\n\n- DOSC (Denial of service against clients): CVE-2022-38153\n- DOSS (Denial of service against servers): CVE-2022-38152\n- BUF: CVE-2022-39173\n- HEAP: CVE-2022-42905\n\n\u041a\u0430\u043a \u043f\u0438\u0448\u0435\u0442 \u0430\u0432\u0442\u043e\u0440, \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u0435\u0440\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0431\u0430\u0433\u0438 \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0431\u044b \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f \u043e\u043a\u043e\u043b\u043e 30 \u0440\u0430\u0437\u043d\u044b\u0445 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439. \u041d\u043e \u044d\u0442\u043e\u0433\u043e \u043d\u0435 \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u043e\u0441\u044c, \u0442\u0430\u043a \u043a\u0430\u043a tlspuffin \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u043e\u0441\u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0435 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0438 \u0437\u0430\u0442\u0435\u043c \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432 GDB. \u041f\u0440\u0438\u0447\u0438\u043d\u043e\u0439 \u0431\u0430\u0433\u0438 \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043d\u0435\u043a\u043e\u0435\u0433\u043e \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u0449\u0435\u0433\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f \u043c\u0435\u0436\u0434\u0443 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c\u0438, \u0447\u0442\u043e \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0434\u043b\u044f \u0442\u0430\u043a\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438.\n\n\u0418\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 tlspuffin \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0438 \u0434\u043b\u044f \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432, \u0445\u043e\u0442\u044f \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u0442\u044c \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438. \u041a \u043f\u0440\u0438\u043c\u0435\u0440\u0443, \u0443 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0443\u0448\u043b\u043e 5-6 \u043d\u0435\u0434\u0435\u043b\u044c \u043d\u0430 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 SSH, \u043d\u043e \u0434\u043e\u0431\u0430\u0432\u0438\u0432 \u043e\u0434\u0438\u043d \u0440\u0430\u0437 \u044d\u0442\u043e \u043c\u043e\u0436\u043d\u043e \u0431\u0443\u0434\u0435\u0442 \u043f\u0435\u0440\u0435\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c. \u0422\u0430\u043a tlspuffin \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0442\u0435\u0441\u0442\u043e\u0432\u044b\u0445 \u043d\u0430\u0431\u043e\u0440\u043e\u0432, \u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0445 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u0432 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0440\u0435\u0433\u0440\u0435\u0441\u0441\u0438\u043e\u043d\u043d\u044b\u0435 \u0442\u0435\u0441\u0442\u044b. \u0422\u043e \u0435\u0441\u0442\u044c \u043f\u043e \u0441\u0443\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u043c\u0435\u043d\u0438\u0442\u044c TLS-Attacker\n\n\u041a\u0430\u043a \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438 \u0430\u0432\u0442\u043e\u0440\u044b \u0432 \u0437\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0438, TLS \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u044b, \u044d\u0442\u043e \u0442\u0430 \u043f\u043e\u0432\u0441\u0435\u0434\u043d\u0435\u0432\u043d\u0430\u044f \u0438 \u043f\u043e\u0432\u0441\u0435\u043c\u0435\u0441\u0442\u043d\u0430\u044f \u0432\u0435\u0449\u044c, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u044b \"\u0434\u043e\u0432\u0435\u0440\u044f\u0435\u043c\" \u0438 \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0435\u0451 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u0430\u0436\u043d\u0430\u044f \u0432\u0435\u0449\u044c", "creation_timestamp": "2023-01-17T10:37:08.000000Z"} {"uuid": "b8134034-abf9-4434-94d3-caad4f766902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25638", "type": "seen", "source": "https://t.me/tech_b0lt_Genona/3521", "content": "\u0412 \u0431\u043b\u043e\u0433\u0435 Trail of Bits \u0432\u044b\u0448\u043b\u0430 \u0441\u0442\u0430\u0442\u044c\u044f \"Keeping the wolves out of wolfSSL\". \u0422\u0430\u043a \u043a\u0430\u043a \u0443 \u043c\u0435\u043d\u044f \u0431\u044b\u043b \u0443\u0436\u0435 \u043d\u0430 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d \u043f\u043e\u0441\u0442 \u043e \u0444\u0430\u0437\u0437\u0435\u0440\u0430\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432, \u0442\u043e \u0434\u0443\u043c\u0430\u043b \u0437\u0430\u043a\u0438\u043d\u0443\u0442\u044c \u0441\u0442\u0430\u0442\u044c\u044e \u0432 \u0441\u043f\u0438\u0441\u043e\u043a \u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435 \"Someday\", \u043d\u043e \u0447\u0442\u043e-\u0442\u043e \u043f\u043e\u0432\u0435\u043b\u0435\u043b\u043e \u043c\u043d\u0435 \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u0435\u0451...\n\n\u041f\u043e \u0441\u0443\u0442\u0438 \u0432 \u0441\u0442\u0430\u0442\u044c\u0435 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043e \u043d\u043e\u0432\u043e\u043c \u0444\u0430\u0437\u0437\u0435\u0440\u0435 tlspuffin \u043d\u0430 \u043c\u043e\u0434\u043d\u043e\u043c Rust. \u041d\u043e \u043e\u043d \u043e\u043a\u0430\u0437\u0430\u043b\u0441\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0438 \u0435\u0433\u043e \u0446\u0435\u043b\u0438 \u044d\u0442\u043e \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u044b. tlspuffin \u0431\u0430\u0437\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u043c\u043e\u0434\u0435\u043b\u0438 \u0443\u0433\u0440\u043e\u0437 \u0414\u043e\u043b\u0435\u0432\u0430-\u042f\u043e \u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d \u043f\u043e \u043f\u0440\u0430\u0432\u0438\u043b\u0430\u043c LibAFL (\u043d\u0430 \u0441\u043a\u0440\u0438\u043d\u0448\u043e\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 tlspuffin). \u0414\u0430, \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442 ProVerif \u0438 Tamarin, \u043d\u043e \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0439 \u0444\u0430\u0437\u0437\u0435\u0440 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0430\u0439\u0442\u0438 \u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0431\u0430\u0433\u0438 \u043f\u0440\u0438 \u0441\u043b\u043e\u0436\u043d\u043e \u0443\u043b\u043e\u0432\u0438\u043c\u044b\u0445 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f\u0445\n\n\u0414\u043b\u044f \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0442\u0435\u0441\u0442\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043f\u0435\u0440\u0435\u043d\u0430\u0448\u0451\u043b, \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 Trail of Bits \u0440\u0430\u043d\u0435\u0435, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-25640 and CVE-2022-25638 \u0432 wolfSSL, \u0430 \u0437\u0430\u0442\u0435\u043c \u0441\u043c\u043e\u0433 \u043d\u0430\u0439\u0442\u0438 \u043d\u043e\u0432\u044b\u0435 (\u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0444\u0430\u0437\u0437\u0438\u043d\u0433\u0430 \u0432 \u0441\u0440\u0435\u0434\u043d\u0435\u043c \u0437\u0430\u043d\u044f\u043b \u043e\u043a\u043e\u043b\u043e \u0447\u0430\u0441\u0430 \u043d\u0430 \u043a\u0430\u0436\u0434\u0443\u044e \u0438\u0437 \u043d\u0438\u0445):\n\n- DOSC (Denial of service against clients): CVE-2022-38153\n- DOSS (Denial of service against servers): CVE-2022-38152\n- BUF: CVE-2022-39173\n- HEAP: CVE-2022-42905\n\n\u041a\u0430\u043a \u043f\u0438\u0448\u0435\u0442 \u0430\u0432\u0442\u043e\u0440, \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u0435\u0440\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0431\u0430\u0433\u0438 \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u043e\u0441\u044c \u0431\u044b \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f \u043e\u043a\u043e\u043b\u043e 30 \u0440\u0430\u0437\u043d\u044b\u0445 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u0439. \u041d\u043e \u044d\u0442\u043e\u0433\u043e \u043d\u0435 \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u043e\u0441\u044c, \u0442\u0430\u043a \u043a\u0430\u043a tlspuffin \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u043e\u0441\u0441\u043e\u0437\u0434\u0430\u0442\u044c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0435 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0438 \u0437\u0430\u0442\u0435\u043c \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432 GDB. \u041f\u0440\u0438\u0447\u0438\u043d\u043e\u0439 \u0431\u0430\u0433\u0438 \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043d\u0435\u043a\u043e\u0435\u0433\u043e \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u0449\u0435\u0433\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f \u043c\u0435\u0436\u0434\u0443 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c\u0438, \u0447\u0442\u043e \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0434\u043b\u044f \u0442\u0430\u043a\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438.\n\n\u0418\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 tlspuffin \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0438 \u0434\u043b\u044f \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432, \u0445\u043e\u0442\u044f \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u0442\u044c \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438. \u041a \u043f\u0440\u0438\u043c\u0435\u0440\u0443, \u0443 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0443\u0448\u043b\u043e 5-6 \u043d\u0435\u0434\u0435\u043b\u044c \u043d\u0430 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 SSH, \u043d\u043e \u0434\u043e\u0431\u0430\u0432\u0438\u0432 \u043e\u0434\u0438\u043d \u0440\u0430\u0437 \u044d\u0442\u043e \u043c\u043e\u0436\u043d\u043e \u0431\u0443\u0434\u0435\u0442 \u043f\u0435\u0440\u0435\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c. \u0422\u0430\u043a tlspuffin \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0442\u0435\u0441\u0442\u043e\u0432\u044b\u0445 \u043d\u0430\u0431\u043e\u0440\u043e\u0432, \u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043d\u044b\u0445 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u0432 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0440\u0435\u0433\u0440\u0435\u0441\u0441\u0438\u043e\u043d\u043d\u044b\u0435 \u0442\u0435\u0441\u0442\u044b. \u0422\u043e \u0435\u0441\u0442\u044c \u043f\u043e \u0441\u0443\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u043c\u0435\u043d\u0438\u0442\u044c TLS-Attacker\n\n\u041a\u0430\u043a \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0438 \u0430\u0432\u0442\u043e\u0440\u044b \u0432 \u0437\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0438, TLS \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u044b, \u044d\u0442\u043e \u0442\u0430 \u043f\u043e\u0432\u0441\u0435\u0434\u043d\u0435\u0432\u043d\u0430\u044f \u0438 \u043f\u043e\u0432\u0441\u0435\u043c\u0435\u0441\u0442\u043d\u0430\u044f \u0432\u0435\u0449\u044c, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u044b \"\u0434\u043e\u0432\u0435\u0440\u044f\u0435\u043c\" \u0438 \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0435\u0451 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u0430\u0436\u043d\u0430\u044f \u0432\u0435\u0449\u044c", "creation_timestamp": "2023-01-17T10:37:08.000000Z"} https://db.gcve.eu/sighting/b8134034-abf9-4434-94d3-caad4f766902/export Tue, 17 Jan 2023 10:37:08 +0000 d9aa49bf-848e-4f7d-84cb-8364e6781060 https://db.gcve.eu/sighting/d9aa49bf-848e-4f7d-84cb-8364e6781060/export {"uuid": "d9aa49bf-848e-4f7d-84cb-8364e6781060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25631", "type": "seen", "source": "https://t.me/cibsecurity/56771", "content": "\u203c CVE-2022-25631 \u203c\n\nSymantec Endpoint Protection, prior to 14.3 RU6 (14.3.9210.6000), may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-20T20:22:45.000000Z"} {"uuid": "d9aa49bf-848e-4f7d-84cb-8364e6781060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25631", "type": "seen", "source": "https://t.me/cibsecurity/56771", "content": "\u203c CVE-2022-25631 \u203c\n\nSymantec Endpoint Protection, prior to 14.3 RU6 (14.3.9210.6000), may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-20T20:22:45.000000Z"} https://db.gcve.eu/sighting/d9aa49bf-848e-4f7d-84cb-8364e6781060/export Fri, 20 Jan 2023 20:22:45 +0000 acabc38f-ba86-4f7c-aa4d-1f501d0611e8 https://db.gcve.eu/sighting/acabc38f-ba86-4f7c-aa4d-1f501d0611e8/export {"uuid": "acabc38f-ba86-4f7c-aa4d-1f501d0611e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25637", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7595", "content": "#exploit\n1. CVE-2022-42864:\nConcurrent Execution using Shared Resource with Improper Synchronization (\"Race Condition\")\nhttps://muirey03.blogspot.com/2023/01/cve-2022-42864-diabolical-cookies.html\n\n2. CVE-2022-25637:\nMultiple TOCTOU vulns in peripheral devices (Razer, EVGA, MSI, AMI)\nhttps://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers", "creation_timestamp": "2023-01-22T13:42:55.000000Z"} {"uuid": "acabc38f-ba86-4f7c-aa4d-1f501d0611e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25637", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7595", "content": "#exploit\n1. CVE-2022-42864:\nConcurrent Execution using Shared Resource with Improper Synchronization (\"Race Condition\")\nhttps://muirey03.blogspot.com/2023/01/cve-2022-42864-diabolical-cookies.html\n\n2. CVE-2022-25637:\nMultiple TOCTOU vulns in peripheral devices (Razer, EVGA, MSI, AMI)\nhttps://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers", "creation_timestamp": "2023-01-22T13:42:55.000000Z"} https://db.gcve.eu/sighting/acabc38f-ba86-4f7c-aa4d-1f501d0611e8/export Sun, 22 Jan 2023 13:42:55 +0000 57c28bf5-3e57-451a-92a7-18d46dc2fb03 https://db.gcve.eu/sighting/57c28bf5-3e57-451a-92a7-18d46dc2fb03/export {"uuid": "57c28bf5-3e57-451a-92a7-18d46dc2fb03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25637", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2381", "content": "#exploit\n1. CVE-2022-42864:\nConcurrent Execution using Shared Resource with Improper Synchronization (\"Race Condition\")\nhttps://muirey03.blogspot.com/2023/01/cve-2022-42864-diabolical-cookies.html\n\n2. CVE-2022-25637:\nMultiple TOCTOU vulns in peripheral devices (Razer, EVGA, MSI, AMI)\nhttps://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers", "creation_timestamp": "2023-01-22T18:58:04.000000Z"} {"uuid": "57c28bf5-3e57-451a-92a7-18d46dc2fb03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25637", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2381", "content": "#exploit\n1. CVE-2022-42864:\nConcurrent Execution using Shared Resource with Improper Synchronization (\"Race Condition\")\nhttps://muirey03.blogspot.com/2023/01/cve-2022-42864-diabolical-cookies.html\n\n2. CVE-2022-25637:\nMultiple TOCTOU vulns in peripheral devices (Razer, EVGA, MSI, AMI)\nhttps://www.cyberark.com/resources/threat-research-blog/inglourious-drivers-a-journey-of-finding-vulnerabilities-in-drivers", "creation_timestamp": "2023-01-22T18:58:04.000000Z"} https://db.gcve.eu/sighting/57c28bf5-3e57-451a-92a7-18d46dc2fb03/export Sun, 22 Jan 2023 18:58:04 +0000 7a79f8ce-bfa9-4e2b-b00e-1670b4a363fe https://db.gcve.eu/sighting/7a79f8ce-bfa9-4e2b-b00e-1670b4a363fe/export {"uuid": "7a79f8ce-bfa9-4e2b-b00e-1670b4a363fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25636", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1427", "content": "kernel-linux-factory\n*\n\u0423\u0434\u043e\u0431\u043d\u043e \u0442\u0435\u043c, \u0447\u0442\u043e \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u0443, \u0433\u043b\u044f\u043d\u0443\u043b \u043a\u0430\u043a\u043e\u0435 \u044f\u0434\u0440\u043e, \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b \u0441\u043f\u043b\u043e\u0435\u0442, \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043f\u043e \u043c\u043e\u0440\u0434\u0435 #root\n*\n\u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 exploits \u0434\u043b\u044f:\nCVE-2016-9793\n4-20-BPF-integer\nCVE-2017-5123\nCVE-2017-6074\nCVE-2017-7308\nCVE-2017-8890\nCVE-2017-11176\nCVE-2017-16995\nCVE-2017-1000112\nCVE-2018-5333\nCVE-2019-9213 & CVE-2019-8956\nCVE-2019-15666\nCVE-2020-8835\nCVE-2020-27194\nCVE-2021-3156\nCVE-2021-31440\nCVE-2021-3490\nCVE-2021-22555\nCVE-2021-41073\nCVE-2021-4154\nCVE-2021-42008\nCVE-2021-43267\nCVE-2022-0185\nCVE-2022-0847\nCVE-2022-0995\nCVE-2022-1015\nCVE-2022-2588\nCVE-2022-2639\nCVE-2022-25636\nCVE-2022-27666\nCVE-2022-32250\nCVE-2022-34918\n\ndownload\n\n#linux #exploits #kernel", "creation_timestamp": "2023-03-23T06:30:43.000000Z"} {"uuid": "7a79f8ce-bfa9-4e2b-b00e-1670b4a363fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25636", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1427", "content": "kernel-linux-factory\n*\n\u0423\u0434\u043e\u0431\u043d\u043e \u0442\u0435\u043c, \u0447\u0442\u043e \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u0443, \u0433\u043b\u044f\u043d\u0443\u043b \u043a\u0430\u043a\u043e\u0435 \u044f\u0434\u0440\u043e, \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b \u0441\u043f\u043b\u043e\u0435\u0442, \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043f\u043e \u043c\u043e\u0440\u0434\u0435 #root\n*\n\u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 exploits \u0434\u043b\u044f:\nCVE-2016-9793\n4-20-BPF-integer\nCVE-2017-5123\nCVE-2017-6074\nCVE-2017-7308\nCVE-2017-8890\nCVE-2017-11176\nCVE-2017-16995\nCVE-2017-1000112\nCVE-2018-5333\nCVE-2019-9213 & CVE-2019-8956\nCVE-2019-15666\nCVE-2020-8835\nCVE-2020-27194\nCVE-2021-3156\nCVE-2021-31440\nCVE-2021-3490\nCVE-2021-22555\nCVE-2021-41073\nCVE-2021-4154\nCVE-2021-42008\nCVE-2021-43267\nCVE-2022-0185\nCVE-2022-0847\nCVE-2022-0995\nCVE-2022-1015\nCVE-2022-2588\nCVE-2022-2639\nCVE-2022-25636\nCVE-2022-27666\nCVE-2022-32250\nCVE-2022-34918\n\ndownload\n\n#linux #exploits #kernel", "creation_timestamp": "2023-03-23T06:30:43.000000Z"} https://db.gcve.eu/sighting/7a79f8ce-bfa9-4e2b-b00e-1670b4a363fe/export Thu, 23 Mar 2023 06:30:43 +0000 2a1d9cf4-acfd-4849-8a73-077c96c269f5 https://db.gcve.eu/sighting/2a1d9cf4-acfd-4849-8a73-077c96c269f5/export {"uuid": "2a1d9cf4-acfd-4849-8a73-077c96c269f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25636", "type": "seen", "source": "Telegram/TXmZ8EBGvdc4uufvEqu6hfgyjEc7K_gjD1Jpp8Uzvu6-KK0", "content": "", "creation_timestamp": "2023-03-23T09:18:19.000000Z"} {"uuid": "2a1d9cf4-acfd-4849-8a73-077c96c269f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25636", "type": "seen", "source": "Telegram/TXmZ8EBGvdc4uufvEqu6hfgyjEc7K_gjD1Jpp8Uzvu6-KK0", "content": "", "creation_timestamp": "2023-03-23T09:18:19.000000Z"} https://db.gcve.eu/sighting/2a1d9cf4-acfd-4849-8a73-077c96c269f5/export Thu, 23 Mar 2023 09:18:19 +0000 c5b0cc13-8dc4-4058-9701-c74009937e30 https://db.gcve.eu/sighting/c5b0cc13-8dc4-4058-9701-c74009937e30/export {"uuid": "c5b0cc13-8dc4-4058-9701-c74009937e30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2563", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16199", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2563\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Tutor LMS WordPress plugin before 2.0.10 does not escape some course parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)\n\ud83d\udccf Published: 2022-10-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-13T19:23:13.459Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/98cd761c-7527-4224-965d-d34472b5c19f", "creation_timestamp": "2025-05-13T19:30:53.000000Z"} {"uuid": "c5b0cc13-8dc4-4058-9701-c74009937e30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2563", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16199", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2563\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Tutor LMS WordPress plugin before 2.0.10 does not escape some course parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)\n\ud83d\udccf Published: 2022-10-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-13T19:23:13.459Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/98cd761c-7527-4224-965d-d34472b5c19f", "creation_timestamp": "2025-05-13T19:30:53.000000Z"} https://db.gcve.eu/sighting/c5b0cc13-8dc4-4058-9701-c74009937e30/export Tue, 13 May 2025 19:30:53 +0000