{"vulnerability": "CVE-2022-2648", "sightings": [{"uuid": "2c267e19-bd76-4445-9b0a-1f7d01065471", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "fa122aa9-4232-43bd-916c-23e352f69f05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26486", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "b95cc811-5c5b-444f-9f7e-ca6f6065685f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971372", "content": "", "creation_timestamp": "2024-12-24T20:28:21.479069Z"}, {"uuid": "f769ae1a-5f06-4d11-8ad6-302a201c36b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26486", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971373", "content": "", "creation_timestamp": "2024-12-24T20:28:22.312026Z"}, {"uuid": "9c6b08b5-017b-490e-9cd7-ffd6aca21b98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26486", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c5376e9e-494b-4716-baca-0eb64d393066", "content": "", "creation_timestamp": "2026-02-02T12:28:09.996394Z"}, {"uuid": "2025c4ec-da01-441e-ae87-13d6a7916e33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26486", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c5376e9e-494b-4716-baca-0eb64d393066", "content": "", "creation_timestamp": "2026-02-02T12:28:09.996394Z"}, {"uuid": "8ee8fea4-b7bd-4328-8801-f8475caff1f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "exploited", "source": "Telegram/0bPuhc7ocBnfXcBiX1cpdeJz4CkI9vQ26of8XSnAYpAnFNI", "content": "", "creation_timestamp": "2023-03-02T04:50:27.000000Z"}, {"uuid": "9902bcfa-bdfb-4267-8c74-4d412a9add1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2648", "type": "seen", "source": "https://t.me/cibsecurity/47543", "content": "\u203c CVE-2022-2648 \u203c\n\nA vulnerability was found in SourceCodester Multi Language Hotel Management Software. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument room_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205595.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-04T12:19:35.000000Z"}, {"uuid": "263922e8-ef7e-46d9-a4fa-9f35ef36541a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26482", "type": "seen", "source": "https://t.me/cibsecurity/46414", "content": "\u203c CVE-2022-26482 \u203c\n\nAn issue was discovered in Poly EagleEye Director II before 2.2.2.1. 
os.system command injection can be achieved by an admin.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-18T02:33:27.000000Z"}, {"uuid": "0a3fc83a-8bc4-4acb-97d7-837f475f1c9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26487", "type": "seen", "source": "https://t.me/cibsecurity/38494", "content": "\u203c CVE-2022-26487 \u203c\n\nMitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allow remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-06T15:04:30.000000Z"}, {"uuid": "645469bc-9d1e-419d-84d7-0d4ba3eeb123", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26483", "type": "seen", "source": "https://t.me/cibsecurity/38465", "content": "\u203c CVE-2022-26483 \u203c\n\nAn issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. 
A reflected cross-site scripting (XSS) vulnerability in admin/cgi-bin/listdir.pl allows authenticated remote administrators to inject arbitrary web script or HTML into an HTTP GET parameter (which reflect the user input without sanitization).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-04T22:27:07.000000Z"}, {"uuid": "959d06d0-6f1a-4b4f-a534-7c7ad42c9e49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26484", "type": "seen", "source": "https://t.me/cibsecurity/38463", "content": "\u203c CVE-2022-26484 \u203c\n\nAn issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via Directory Traversal. By manipulating the resource name in GET requests referring to files with absolute paths, it is possible to access arbitrary files stored on the filesystem, including application source code, configuration files, and critical system files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-04T22:27:04.000000Z"}, {"uuid": "79671688-f7ea-441d-9df8-cb38a7c28de0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5e8295a0-5b05-41bc-9fcc-0289f585190c", "content": "", "creation_timestamp": "2026-02-02T12:28:10.081831Z"}, {"uuid": "973b746f-c6b8-4698-8f39-fe534f82e924", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26486", "type": "seen", "source": 
"https://t.me/cKure/8957", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-Day: CVE-2022-26485 and CVE-2022-26486, the zero-day flaws have been described as use-after-free issues impacting the Extensible Stylesheet Language Transformations (XSLT) parameter processing and the WebGPU inter-process communication (IPC) Framework.\n\nXSLT is an XML-based language used for the conversion of XML documents into web pages or PDF documents, whereas WebGPU is an emerging web standard that's been billed as a successor to the current WebGL JavaScript graphics library.\n\nThe description of the two flaws is below \u2013\n\nCVE-2022-26485 \u2013 Removing an XSLT parameter during processing could lead to an exploitable use-after-free\n\nCVE-2022-26486 \u2013 An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape\n\nhttps://thehackernews.com/2022/03/2-new-mozilla-firefox-0-day-bugs-under.html", "creation_timestamp": "2022-03-07T06:12:15.000000Z"}, {"uuid": "3118fd16-7373-4ad4-9d08-94d679b3d659", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "seen", "source": "https://t.me/cKure/8957", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Zero-Day: CVE-2022-26485 and CVE-2022-26486, the zero-day flaws have been described as use-after-free issues impacting the Extensible Stylesheet Language Transformations (XSLT) parameter processing and the WebGPU inter-process communication (IPC) Framework.\n\nXSLT is an XML-based language used for the conversion of XML documents into web pages or PDF documents, whereas WebGPU is an emerging web standard that's been billed as a successor to the current WebGL JavaScript graphics library.\n\nThe description of the two flaws is below \u2013\n\nCVE-2022-26485 \u2013 Removing an XSLT parameter during processing could lead to an exploitable use-after-free\n\nCVE-2022-26486 \u2013 An unexpected 
message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape\n\nhttps://thehackernews.com/2022/03/2-new-mozilla-firefox-0-day-bugs-under.html", "creation_timestamp": "2022-03-07T06:12:15.000000Z"}, {"uuid": "54eae13f-04ad-4caa-8a0f-52c685975590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/3775", "content": "Google (TAG) \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0440\u0430\u0437\u043e\u0431\u043b\u0430\u0447\u0430\u0442\u044c \u00ab\u043d\u0435\u0443\u0433\u043e\u0434\u043d\u044b\u0445\u00bb \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u041f\u041e, \u043d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u0438\u0437 \u0418\u0441\u043f\u0430\u043d\u0438\u0438 - \u043f\u043e \u0438\u043c\u0435\u043d\u0438 Variston, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043b\u0438 \u0440\u044f\u0434 \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c 0-day.\n\n\u041e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0437 \u0411\u0430\u0440\u0441\u0435\u043b\u043e\u043d\u044b \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u043d\u0434\u0438\u0432\u0438\u0434\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432 
\u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u043b\u044f ICS \u0438 IoT, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u043b\u0443\u0433\u0438 \u043f\u043e \u0418\u0411 \u0438 \u043e\u0431\u0443\u0447\u0435\u043d\u0438\u044e.\n\n\u041d\u0430\u0432\u043e\u0434\u043a\u0443 \u043d\u0430 Variston \u0434\u0430\u043b \u0430\u043d\u043e\u043d\u0438\u043c \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 bugbounty \u043e\u0442 Google \u043f\u043e \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0443 Chrome. \u0420\u0435\u043f\u043e\u0440\u0442\u0435\u0440 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445, \u0432 \u0438\u0442\u043e\u0433\u0435 \u0430\u043d\u0430\u043b\u0438\u0437 \u043e\u0442\u0447\u0435\u0442\u043e\u0432 \u043f\u0440\u0438\u0432\u0435\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432 Variston.\n\n\u0420\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u044b \u0432\u044b\u0434\u0435\u043b\u0438\u043b\u0438 \u0442\u0440\u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445\u00a0\u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430,\u00a0\u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044b\u0445 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432: Heliconia Noise (\u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 Chrome);\u00a0Heliconia Soft (\u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0417\u0430\u0449\u0438\u0442\u043d\u0438\u043a\u0430 Windows \u0447\u0435\u0440\u0435\u0437 
PDF-\u0444\u0430\u0439\u043b) \u0438 Heliconia Files (\u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b Firefox \u0434\u043b\u044f Windows \u0438 Linux).\n\nHeliconia Noise \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a\u00ab\u043f\u043e\u043b\u043d\u0430\u044f \u0446\u0435\u043f\u043e\u0447\u043a\u0430 \u0432 1 \u043a\u043b\u0438\u043a \u0434\u043b\u044f Google Chrome \u0431\u0435\u0437 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u0441\u0442\u0432\u0430, \u0434\u043e\u0441\u0442\u0438\u0433\u0430\u044e\u0449\u0435\u0433\u043e \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438.\n\nGoogle \u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442, \u0447\u0442\u043e \u0435\u0433\u043e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0432\u0438\u0437\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 Chrome \u0441 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0438\u0437 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u043e\u0439 \u0430\u0433\u0435\u043d\u0442\u0430 \u043d\u0430 \u044d\u0442\u0430\u043f\u0435 \u043f\u043e\u0441\u043b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u0414\u043b\u044f \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u0435\u043d \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 
\u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 2021 \u0433\u043e\u0434\u0430, \u043d\u043e \u0435\u0439 \u043d\u0435 \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 Google.\n\nHeliconia Soft \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u0430 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Microsoft Defender (CVE-2021-42298), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 2021 \u0433\u043e\u0434\u0430.\n\n\u041e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0446\u0435\u043f\u043e\u0447\u043a\u0430 Windows Chrome \u0438 Chromium Edge \u0432 \u043e\u0434\u0438\u043d \u043a\u043b\u0438\u043a \u0431\u0435\u0437 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438. 
\u041a\u043e\u0433\u0434\u0430 \u0436\u0435\u0440\u0442\u0432\u0430 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 PDF-\u0444\u0430\u0439\u043b, \u0417\u0430\u0449\u0438\u0442\u043d\u0438\u043a Windows \u0441\u043a\u0430\u043d\u0438\u0440\u0443\u0435\u0442 \u0435\u0433\u043e, \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442.\n\nHeliconia Files \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 Firefox \u0434\u043b\u044f Windows \u0438 Linux, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 CVE-2022-26485 \u0434\u043b\u044f RCE, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 Mozilla \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Firefox \u0432 \u043c\u0430\u0440\u0442\u0435 2022 \u0433\u043e\u0434\u0430 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043e\u0431 \u044d\u0442\u043e\u043c \u0435\u0435 \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0430 Qihoo 360.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0437 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f Firefox \u0434\u043b\u044f Windows, \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0431\u0435\u0437 CVE \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2019 \u0433\u043e\u0434\u0430.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e 
\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b Heliconia \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b, \u0432\u0441\u0435 \u043e\u043d\u0438, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 0-day \u0434\u043e \u0442\u043e\u0433\u043e, \u043a\u0430\u043a Google, Mozilla \u0438 Microsoft \u0443\u0437\u043d\u0430\u043b\u0438 \u043e\u0431 \u0438\u0445 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u0438 \u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u0411\u043e\u0440\u044c\u0431\u0430 \u0441 \u00ab\u043d\u0435\u0443\u0434\u043e\u0431\u043d\u044b\u043c\u0438\u00bb \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c\u0438 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u041f\u041e \u043d\u0435 \u0437\u0430\u043a\u0430\u043d\u0447\u0438\u0432\u0430\u0435\u0442\u0441\u044f, \u043f\u0440\u043e\u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0438\u0439 IT-\u0444\u0440\u043e\u043d\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e, \u0440\u0430\u043d\u0436\u0438\u0440\u0443\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0432 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0438 \u0441\u043e \u0441\u0432\u043e\u0438\u043c\u0438 \u0433\u0435\u043e\u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u0430\u043c\u0438.", "creation_timestamp": "2022-12-02T12:58:17.000000Z"}, {"uuid": "58895891-8cca-4e6e-b419-93d63b677809", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "exploited", "source": "https://t.me/crackcodes/2484", "content": "CVE-2022-26485 exploit(UAF in XSLT parameter processing, bugzilla )\n\nRemoving an XSLT parameter during processing could have lead to an exploitable use-after-free. Mozilla have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. \n\n\u26a0\ufe0fTested against Firefox 78.0 (Windows)\n\nDownload: https://system32.ink/news-feed/p/199/", "creation_timestamp": "2023-01-31T11:00:18.000000Z"}, {"uuid": "fedfbc3a-118b-4518-8d4e-2c814fc7c422", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "exploited", "source": "https://t.me/thehackernews/1952", "content": "Mozilla has warned hundreds of millions of Firefox users about newly discovered 0-day bugs (CVE-2022-26485, CVE-2022-26486) that are being exploited in the wild.\n\nhttps://thehackernews.com/2022/03/2-new-mozilla-firefox-0-day-bugs-under.html\n\nUpdate to Firefox 97.0.2, ESR 91.6.1, Android v97.3.0, Focus 97.3.0 & Thunderbird 91.6.2.", "creation_timestamp": "2022-03-07T05:42:50.000000Z"}, {"uuid": "2a30d02a-74c5-4c65-9298-e23385a4fcf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26486", "type": "exploited", "source": "https://t.me/thehackernews/1952", "content": "Mozilla has warned hundreds of millions of Firefox users about newly discovered 0-day bugs (CVE-2022-26485, CVE-2022-26486) that are being exploited in the wild.\n\nhttps://thehackernews.com/2022/03/2-new-mozilla-firefox-0-day-bugs-under.html\n\nUpdate to Firefox 97.0.2, ESR 91.6.1, 
Android v97.3.0, Focus 97.3.0 & Thunderbird 91.6.2.", "creation_timestamp": "2022-03-07T05:42:50.000000Z"}, {"uuid": "88f3f8c4-356c-43cd-8c51-286572ef017b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "exploited", "source": "https://t.me/CNArsenal/420", "content": "\ud83d\udca5CVE-2022-26485 exploit(UAF in XSLT parameter processing, bugzilla )\nRemoving an XSLT parameter during processing could have lead to an exploitable use-after-free. Mozilla have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. \n\n\u26a0\ufe0fTested against Firefox 78.0 (Windows)", "creation_timestamp": "2023-02-01T01:27:03.000000Z"}, {"uuid": "404aeef7-9554-44ef-9917-517de0c997a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:36.000000Z"}, {"uuid": "9d781c9e-2b56-4908-a23d-82131a1087a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26486", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:36.000000Z"}, {"uuid": "11df490f-a667-4d2c-b7e8-7123db2748e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-26486", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=749", "content": "", "creation_timestamp": "2022-03-07T04:00:00.000000Z"}, {"uuid": "a59dfcd1-3612-47a7-9285-bc2018f2a5b5", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-26485", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=749", "content": "", "creation_timestamp": "2022-03-07T04:00:00.000000Z"}, {"uuid": "56bac965-6d8c-4f42-aeb3-03bd97802c3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5e8295a0-5b05-41bc-9fcc-0289f585190c", "content": "", "creation_timestamp": "2026-02-02T12:28:10.081831Z"}, {"uuid": "914095bd-6e86-42b5-a9bc-e73050dfa6ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "exploited", "source": "https://t.me/technical_private_cat/375", "content": "\u0415\u0449\u0435 \u0445\u043e\u0447\u0435\u0442\u0441\u044f \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044c \u043f\u0440\u043e\u0434\u0443\u043a\u0442 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c Heliconia\ud83e\uddff\n\n\u0428\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0435 \u041f\u041e Heliconia, \u043f\u043e\u0440\u0430\u0436\u0430\u044e\u0449\u0435\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 Google Chrome, Firefox, \u043a\u0430\u043a \u043d\u0438 \u0441\u0442\u0440\u0430\u043d\u043d\u043e, \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Microsoft Defender.\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b 
\u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u0443\u0437\u043d\u0430\u043b\u0438 \u043e \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 \u0438\u0437 \u043e\u0442\u0447\u0435\u0442\u0430 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0430\u043d\u043e\u043d\u0438\u043c\u043d\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c Chrome, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u0438 \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u044f\u043c\u0438 Heliconia Noise , Heliconia Soft \u0438 Files .\n\n\u0413\u0440\u0443\u043f\u043f\u0430 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0443\u0433\u0440\u043e\u0437 Google \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0435 \u041f\u041e \u0431\u044b\u043b\u043e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043e \u0434\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u0445 Chrome \u0438 Firefox. \u0422\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u043e \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043e , \u0447\u0442\u043e \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0435 \u041f\u041e \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 Microsoft Defender, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u0435\u0434\u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 Microsoft Windows. 
The researchers concluded that the spyware code distribution tools contained references to a potential creator of the frameworks after carefully studying the issue reported by an anonymous user.\n\nHeliconia Noise is a web framework for deploying a Chrome renderer exploit, followed by a Chrome sandbox escape and agent installation. 
\nThe manifest file in the source code contains a description of the product:\nimage of the manifest file in the source code\nChrome renderer exploit. It uses a V8 deoptimizer bug fixed in August 2021. As is usual nowadays for internal Chrome bugs, no CVE was assigned. The source code contains references to a sandbox escape called chrome-sbx-gen. 
This component was maintained in a separate Git submodule and was missing from the source code received. To obfuscate the JavaScript code, the framework uses minobf, probably a custom tool, which was also not included in the source code.\n\nHeliconia Soft is a web framework that deploys a PDF file containing a Windows Defender exploit.\nIt uses CVE-2021-42298, a bug in the JavaScript engine of Microsoft Defender Malware Protection that was fixed in November 2021. 
The exploit obtains SYSTEM privileges with a single vulnerability, and the only action required from the user is downloading a PDF file, which triggers a Windows Defender scan.\n\nFiles contained a fully documented Firefox exploit chain for Windows and Linux. 
For remote code execution it uses CVE-2022-26485, a use-after-free vulnerability in the XSLT processor that was reported as being exploited in the wild in March 2022. 
TAG believes that the Heliconia Files package had probably been using this RCE vulnerability since at least 2019, long before the bug became known and was fixed.\n\nThe Heliconia exploit is effective against Firefox versions 64 through 68, which suggests it may have been in use as early as December 2018, when version 64 was first released. 
In addition, when Mozilla fixed the vulnerability, the exploit code in the bug report bore a striking resemblance to the Heliconia exploit, including the same variable names and markers. These overlaps suggest that the author of the exploit is the same for both the Heliconia exploit and the sample exploit code that Mozilla shared when they fixed the bug.\n\n #spyware #snooping #malware #android #browsers  #cve #exploit #tools", "creation_timestamp": "2023-02-01T04:39:28.000000Z"}, {"uuid": "d3fc9155-c8eb-49fb-b5e9-e732fbf651c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": 
"CVE-2022-26485", "type": "exploited", "source": "https://t.me/technical_private_cat/379", "content": "We would also like to mention a product called Heliconia\ud83e\uddff.\n\nHeliconia is spyware that affects several browsers, including Google Chrome, Firefox and, oddly enough, Microsoft Defender security software.\nThe team's researchers added that they learned about the framework from a bug report sent anonymously by a Chrome user that contained instructions and source code with the names Heliconia Noise, Heliconia Soft and Files.\n\nGoogle's threat analysis team adds that the spyware was specifically designed to exploit vulnerabilities in Chrome and Firefox browsers. Spyware has also been observed to affect Microsoft Defender, which comes preinstalled with Microsoft Windows. Researchers concluded that the spyware code distribution tools contained links to a potential framework creator after scrutinizing the problem reported by an anonymous user.\n\nHeliconia Noise is a web framework for deploying an exploit of the Chrome visualization tool, followed by exiting the Chrome sandbox and installing an agent. \nThe manifest file in the source code contains a description of the product:\nAn image of the manifest file in the source code\nExploit Chrome visualization tool. It uses the V8 deoptimizer bug, fixed in August 2021. As usual nowadays for internal Chrome bugs, no CVE has been assigned. The source code references a sandbox escape called chrome-sbx-gen. This component was maintained in a separate Git submodule and was missing from the resulting source code. To obfuscate the JavaScript code, the framework uses minobf, probably a special tool, which was also not included in the source code.\n\nHeliconia Soft is a web framework that deploys a PDF file containing a Windows Defender exploit.\nIt uses CVE-2021-42298, a bug in the Microsoft Defender Malware Protection JavaScript engine that was fixed in November 2021. 
The exploit obtains SYSTEM privileges with a single vulnerability, and the only action required of the user is to download a PDF file that triggers a Windows Defender scan.\n\nFiles - contained a fully documented Firefox exploit chain for Windows and Linux. It uses CVE-2022-26485, a post-free XSLT processor exploit vulnerability reported to be in the wild in March 2022, to execute code remotely. TAG believes that the Heliconia Files package has probably been using this RCE vulnerability since at least 2019, long before the bug became known and patched.\n\nThe Heliconia exploit is effective against Firefox versions 64 through 68, suggesting that it could have been used as early as December 2018, when version 64 was first released. Furthermore, when Mozilla patched the vulnerability, the exploit code in the bug report bore striking similarities to the Heliconia exploit, including the same variable names and tokens. These coincidences suggest that the author of the exploit is the same for both the Heliconia exploit and the sample exploit code that Mozilla shared when they fixed the bug.\n\n #spyware #snooping #malware #android #browsers #cve #exploit", "creation_timestamp": "2022-12-15T10:05:07.000000Z"}, {"uuid": "17e1f118-38cf-45e2-822c-1c50bba8f28c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "exploited", "source": "Telegram/ZQJoHMMas2-0uT9OMS4saieOu3EYEv99Iozfrsk-rjrRqrg", "content": "", "creation_timestamp": "2023-01-31T10:49:25.000000Z"}, {"uuid": "37a5d161-4c6a-488e-bda6-ab4099e68316", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "exploited", "source": "Telegram/6dntuoP1BV34szCrO6S1_oB9qBJj1gldDRN4m-O3HzeSAIM", "content": "", "creation_timestamp": "2023-02-12T17:14:06.000000Z"}, {"uuid": 
"9875882c-89d3-4a5c-be61-3b5109cfbdbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26485", "type": "exploited", "source": "https://t.me/true_secator/3717", "content": "Mozilla has announced the release of an updated Firefox 107, which fixes a significant number of vulnerabilities.\n\nIn total, 19 CVEs were closed, nine of which were rated high severity.\n\nThe serious flaws include a memory safety bug and use-after-free issues that could lead to 
information disclosure.\n\nIn addition, a serious fullscreen notification bypass vulnerability leads to spoofing attacks, crashes, or RCE.\n\nMedium-severity issues could lead to security bypass, cross-site tracing, code execution, compromise through file downloads, keystroke leakage, and spoofing attacks.\n\nThe minor issues fixed in Firefox 
are related to security exceptions and spoofing.\n\nSome of the vulnerabilities affect only Firefox for Android, while others affect all Unix-based operating systems.\n\nMany of the security bugs were also fixed in Thunderbird with the release of version 102.5.\n\nAlthough Firefox is less in demand among hackers than Chrome, its popularity among users still makes it an attractive target.\n\nMoreover, earlier 
this year two critical browser vulnerabilities, CVE-2022-26485 and CVE-2022-26486, were already exploited in real attacks.", "creation_timestamp": "2022-11-17T10:42:44.000000Z"}, {"uuid": "af5d0266-8f43-4c71-b4a3-c43eb438ac47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26486", "type": "exploited", "source": "https://t.me/true_secator/3717", "content": "Mozilla has announced the release of an updated Firefox 107, which fixes a significant number of vulnerabilities.\n\nIn total, 19 CVEs were closed, nine of which were rated high severity.\n\nThe serious flaws include a memory 
safety bug and use-after-free issues that could lead to information disclosure.\n\nIn addition, a serious fullscreen notification bypass vulnerability leads to spoofing attacks, crashes, or RCE.\n\nMedium-severity issues could lead to security bypass, cross-site tracing, code execution, compromise through 
file downloads, keystroke leakage, and spoofing attacks.\n\nThe minor issues fixed in Firefox are related to security exceptions and spoofing.\n\nSome of the vulnerabilities affect only Firefox for Android, while others affect all Unix-based operating systems.\n\nMany of the security bugs were also fixed in Thunderbird with the release of version 102.5.\n\nAlthough Firefox is less in demand among hackers 
than Chrome, its popularity among users still makes it an attractive target.\n\nMoreover, earlier this year two critical browser vulnerabilities, CVE-2022-26485 and CVE-2022-26486, were already exploited in real attacks.", "creation_timestamp": "2022-11-17T10:42:44.000000Z"}, {"uuid": "a690a816-997c-41cc-8a23-a8b1a0281f90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-26488", "type": "seen", "source": "https://t.me/cibsecurity/38691", "content": "\u203c CVE-2022-26488 \u203c\n\nIn Python before 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local attacker to add user-writable directories to the system search path. To exploit, an administrator must have installed Python for all users and enabled PATH entries. A non-administrative user can trigger a repair that incorrectly adds user-writable paths into PATH, enabling search-path hijacking of other users and system services. 
This affects Python (CPython) through 3.7.12, 3.8.x through 3.8.12, 3.9.x through 3.9.10, and 3.10.x through 3.10.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-10T20:22:52.000000Z"}]}