{"vulnerability": "CVE-2022-2934", "sightings": [{"uuid": "598ff078-5f9f-4ae8-ba0c-df59995bb6ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29340", "type": "seen", "source": "https://t.me/cibsecurity/41986", "content": "\u203c CVE-2022-29340 \u203c\n\nGPAC 2.1-DEV-rev87-g053aae8-master. has a Null Pointer Dereference vulnerability in gf_isom_parse_movie_boxes_internal due to improper return value handling of GF_SKIP_BOX, which causes a Denial of Service. This vulnerability was fixed in commit 37592ad.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-05T16:55:02.000000Z"}, {"uuid": "0f3aaef7-6ce3-4a39-9f49-6ba4687bb9b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2934", "type": "seen", "source": "https://t.me/cibsecurity/49363", "content": "\u203c CVE-2022-2934 \u203c\n\nThe Beaver Builder \u00e2\u20ac\u201c WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image URL' value found in the Media block in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with access to the Beaver Builder editor to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-06T22:19:41.000000Z"}, {"uuid": "b8596c0a-85ec-4641-ada7-bf2ec04f6a90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29349", "type": "seen", "source": "https://t.me/cibsecurity/43310", "content": "\u203c CVE-2022-29349 \u203c\n\nkkFileView v4.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the url parameter at /controller/OnlinePreviewController.java.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-25T07:37:38.000000Z"}, {"uuid": "f013599c-9551-486e-a8cd-57f119abb841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29347", "type": "seen", "source": "https://t.me/cibsecurity/41906", "content": "\u203c CVE-2022-29347 \u203c\n\nAn arbitrary file upload vulnerability in Web@archiv 1.0 allows attackers to execute arbitrary commands via a crafted PHP file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-04T18:34:59.000000Z"}]}