{"vulnerability": "CVE-2022-3628", "sightings": [{"uuid": "b5099fa3-5b56-40b6-b0b2-ce58ae380c7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3628", "type": "seen", "source": "https://t.me/cibsecurity/56443", "content": "\u203c CVE-2022-3628 \u203c\n\nA buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-12T22:30:38.000000Z"}, {"uuid": "12cb6c75-3c6a-4f56-b6ce-8a4bbd2a9ee7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36288", "type": "seen", "source": "https://t.me/cibsecurity/48603", "content": "\u203c CVE-2022-36288 \u203c\n\nMultiple Cross-Site Request Forgery (CSRF) vulnerabilities in W3 Eden Download Manager plugin &lt;= 3.2.48 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-23T20:21:53.000000Z"}, {"uuid": "af12232a-8ca6-42e1-a57a-b44b8c8f86b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36285", "type": "seen", "source": "https://t.me/cibsecurity/48600", "content": "\u203c CVE-2022-36285 \u203c\n\nAuthenticated Arbitrary File Upload vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin &lt;= 1.0.1 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-23T20:21:50.000000Z"}, {"uuid": "d3c51fb2-418f-4217-bd24-810e66257a63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36284", "type": "seen", "source": "https://t.me/cibsecurity/47647", "content": "\u203c CVE-2022-36284 \u203c\n\nAuthenticated IDOR vulnerability in StoreApps Affiliate For WooCommerce premium plugin &lt;= 4.7.0 at WordPress allows an attacker to change the PayPal email. WooCommerce PayPal Payments plugin (free) should be at least installed to get the extra input field on the user profile page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-05T20:26:56.000000Z"}, {"uuid": "d8182e89-5601-4bb9-ac9a-1896871a6216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36282", "type": "seen", "source": "https://t.me/cibsecurity/48607", "content": "\u203c CVE-2022-36282 \u203c\n\nAuthenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Roman Pronskiy's Search Exclude plugin &lt;= 1.2.6 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-23T20:21:57.000000Z"}]}