{"vulnerability": "CVE-2022-2430", "sightings": [{"uuid": "9eb179e4-e7a5-42ba-8512-5920a7245722", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24305", "type": "seen", "source": "https://t.me/cibsecurity/38307", "content": "\u203c CVE-2022-24305 \u203c\n\nZoho ManageEngine SharePoint Manager Plus before 4329 is vulnerable to a sensitive data leak that leads to privilege escalation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-02T18:25:13.000000Z"}, {"uuid": "ffd23a67-ff1e-4fad-bff7-ea1ce4e9e6fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24306", "type": "seen", "source": "https://t.me/cibsecurity/38303", "content": "\u203c CVE-2022-24306 \u203c\n\nZoho ManageEngine SharePoint Manager Plus before 4329 allows account takeover because authorization is mishandled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-02T18:25:08.000000Z"}, {"uuid": "a31b44cc-c5a4-4464-929d-a3cb71aa9f7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24302", "type": "seen", "source": "https://t.me/cibsecurity/39179", "content": "\u203c CVE-2022-24302 \u203c\n\nIn Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T01:21:53.000000Z"}, {"uuid": "9dec4f37-e563-44a1-816a-9fc2d5dc7b59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24301", "type": "seen", "source": "https://t.me/cibsecurity/36688", "content": "\u203c CVE-2022-24301 \u203c\n\nIn Minetest before 5.4.0, players can add or subtract items from a different player's inventory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-02T12:27:54.000000Z"}, {"uuid": "00a22740-9cc6-4b4e-8426-cf3018c23a98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24307", "type": "seen", "source": "https://t.me/cibsecurity/36789", "content": "\u203c CVE-2022-24307 \u203c\n\nMastodon before 3.3.2 and 3.4.x before 3.4.6 has incorrect access control because it does not compact incoming signed JSON-LD activities. (JSON-LD signing has been supported since version 1.6.0.)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-03T22:30:13.000000Z"}, {"uuid": "630c33ec-64ba-4994-89bc-bd87d82d3dd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24300", "type": "seen", "source": "https://t.me/cibsecurity/36687", "content": "\u203c CVE-2022-24300 \u203c\n\nMinetest before 5.4.0 allows attackers to add or modify arbitrary meta fields of the same item stack as saved user input, aka ItemStack meta injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-02T12:27:52.000000Z"}, {"uuid": "1bd26760-4aeb-44ea-b09c-287c3e6599d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24308", "type": "seen", "source": "https://t.me/cibsecurity/40716", "content": "\u203c CVE-2022-24308 \u203c\n\nAutomox Agent prior to version 37 on Windows and Linux and Version 36 on OSX could allow for a non privileged user to obtain sensitive information during the install process.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-13T16:23:34.000000Z"}, {"uuid": "0f4d0aa7-e4be-4e93-a398-736cd9def783", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-24303", "type": "seen", "source": "https://t.me/cibsecurity/39623", "content": "\u203c CVE-2022-24303 \u203c\n\nPillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-28T07:39:51.000000Z"}]}