{"vulnerability": "CVE-2022-3643", "sightings": [{"uuid": "f649f7ff-b511-4558-8a06-dfa04311dbbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36437", "type": "seen", "source": "https://t.me/cibsecurity/55542", "content": "\u203c CVE-2022-36437 \u203c\n\nThe Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are through 4.0.6, 4.1.9, 4.2.5, 5.0.3, and 5.1.2. The affected Hazelcast Jet versions are through 4.5.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-30T02:18:31.000000Z"}, {"uuid": "26f50538-ed09-45d2-98e8-d2dc7bd8b9f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36433", "type": "seen", "source": "https://t.me/cibsecurity/53644", "content": "\u203c CVE-2022-36433 \u203c\n\nThe blog-post creation functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 allows injection of JavaScript code in the short_content and full_content fields, leading to XSS attacks against admin panel users via posts/preview or posts/save.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T16:28:48.000000Z"}, {"uuid": "7a337360-5954-476b-afe0-d86e227d4729", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36436", "type": "seen", "source": "https://t.me/cibsecurity/49767", "content": "\u203c CVE-2022-36436 \u203c\n\nOSU Open Source Lab VNCAuthProxy through 1.1.1 is affected by an vncap/vnc/protocol.py VNCServerAuthenticator authentication-bypass vulnerability that could allow a malicious actor to gain unauthorized access to a VNC session or to disconnect a legitimate user from a VNC session. A remote attacker with network access to the proxy server could leverage this vulnerability to connect to VNC servers protected by the proxy server without providing any authentication credentials. Exploitation of this issue requires that the proxy server is currently accepting connections for the target VNC server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T14:26:32.000000Z"}, {"uuid": "a85f8d7e-0552-43e8-9f5c-e5d58236f11f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36437", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11493", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-36437\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Connection handler in Hazelcast and Hazelcast Jet allows a remote unauthenticated attacker to access and manipulate data in the cluster with the identity of another already authenticated connection. The affected Hazelcast versions are through 4.0.6, 4.1.9, 4.2.5, 5.0.3, and 5.1.2. The affected Hazelcast Jet versions are through 4.5.3.\n\ud83d\udccf Published: 2022-12-29T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-11T22:46:33.774Z\n\ud83d\udd17 References:\n1. https://github.com/hazelcast/hazelcast/security/advisories/GHSA-c5hg-mr8r-f6jp", "creation_timestamp": "2025-04-11T22:51:19.000000Z"}, {"uuid": "da97a3ac-b2a0-41a2-9de8-7c95555be15b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36438", "type": "seen", "source": "https://t.me/cibsecurity/51664", "content": "\u203c CVE-2022-36438 \u203c\n\nAsusSwitch.exe on ASUS personal computers (running Windows) sets weak file permissions, leading to local privilege escalation (this also can be used to delete files within the system arbitrarily). This affects ASUS System Control Interface 3 before 3.1.5.0, and AsusSwitch.exe before 1.0.10.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-18T16:14:00.000000Z"}, {"uuid": "daeef26e-5a6e-4fdd-a3a5-c3a32d7846fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36439", "type": "seen", "source": "https://t.me/cibsecurity/51663", "content": "\u203c CVE-2022-36439 \u203c\n\nAsusSoftwareManager.exe in ASUS System Control Interface on ASUS personal computers (running Windows) allows a local user to write into the Temp directory and delete another more privileged file via SYSTEM privileges. This affects ASUS System Control Interface 3 before 3.1.5.0, AsusSoftwareManger.exe before 1.0.53.0, and AsusLiveUpdate.dll before 1.0.45.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-25T02:33:17.000000Z"}, {"uuid": "b75d48a6-942a-4e00-afe0-bed700af4451", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36431", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13300", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-36431\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An arbitrary file upload vulnerability in Rocket TRUfusion Enterprise before 7.9.6.1 allows unauthenticated attackers to execute arbitrary code via a crafted JSP file. Issue fixed in version 7.9.6.1.\n\ud83d\udccf Published: 2022-12-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-24T17:57:58.753Z\n\ud83d\udd17 References:\n1. https://www.synacktiv.com/sites/default/files/2022-11/trufusion_enterprise_unauthenticated_arbitrary_file_write.pdf\n2. https://docs.rocketsoftware.com/bundle/TRUfusionEnterprise_ReleaseNotes_V7.9.6.1/resource/TRUfusionEnterprise_ReleaseNotes_V7.9.6.1.pdf", "creation_timestamp": "2025-04-24T18:06:49.000000Z"}, {"uuid": "10081a81-423c-4875-82f9-fd1fb00021f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36433", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13435", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-36433\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The blog-post creation functionality in the Amasty Blog Pro 2.10.3 plugin for Magento 2 allows injection of JavaScript code in the short_content and full_content fields, leading to XSS attacks against admin panel users via posts/preview or posts/save.\n\ud83d\udccf Published: 2022-11-29T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-25T14:56:39.460Z\n\ud83d\udd17 References:\n1. https://weglow.ski\n2. https://github.com/afine-com/CVE-2022-36433", "creation_timestamp": "2025-04-25T15:07:33.000000Z"}]}