{"vulnerability": "CVE-2022-3906", "sightings": [{"uuid": "c29c1565-fbef-4a30-bca4-76291e6b4caa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3906", "type": "seen", "source": "https://t.me/cibsecurity/54354", "content": "\u203c CVE-2022-3906 \u203c\n\nThe Easy Form Builder WordPress plugin before 3.4.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-12T20:21:20.000000Z"}, {"uuid": "1868c33a-ca4b-4d04-9351-5eedde7fe8d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39067", "type": "seen", "source": "https://t.me/cibsecurity/53363", "content": "\u203c CVE-2022-39067 \u203c\n\nThere is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-22T20:13:08.000000Z"}, {"uuid": "5798450a-b14f-405d-985b-238b6d0b2eef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39066", "type": "seen", "source": "https://t.me/cibsecurity/53367", "content": "\u203c CVE-2022-39066 \u203c\n\nThere is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters of the phonebook interface, an authenticated attacker could use the vulnerability to execute arbitrary SQL injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-22T20:13:12.000000Z"}, {"uuid": "ebadb2e1-0f0a-4851-8859-1e906ec293a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39069", "type": "seen", "source": "https://t.me/cibsecurity/52656", "content": "\u203c CVE-2022-39069 \u203c\n\nThere is a SQL injection vulnerability in ZTE ZAIP-AIE. Due to lack of input verification by the server, an attacker could trigger an attack by building malicious requests. Exploitation of this vulnerability could cause the leakage of the current table content.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-08T20:35:18.000000Z"}, {"uuid": "ffb668e1-0ff8-4d42-a34f-d6f889c228aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39064", "type": "seen", "source": "https://t.me/cibsecurity/51474", "content": "\u203c CVE-2022-39064 \u203c\n\nAn attacker sending a single malformed IEEE 802.15.4 (Zigbee) frame makes the TR\u00c3\u2026DFRI bulb blink, and if they replay (i.e. resend) the same frame multiple times, the bulb performs a factory reset. This causes the bulb to lose configuration information about the Zigbee network and current brightness level. After this attack, all lights are on with full brightness, and a user cannot control the bulbs with either the IKEA Home Smart app or the TR\u00c3\u2026DFRI remote control. The malformed Zigbee frame is an unauthenticated broadcast message, which means all vulnerable devices within radio range are affected. CVSS 3.1 Base Score 7.1 vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-14T20:35:15.000000Z"}, {"uuid": "ed7d4950-ba17-4d67-a5ec-d0f0648c1fac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39065", "type": "seen", "source": "https://t.me/cibsecurity/51452", "content": "\u203c CVE-2022-39065 \u203c\n\nA single malformed IEEE 802.15.4 (Zigbee) frame makes the TR\u00c3\u2026DFRI gateway unresponsive, such that connected lighting cannot be controlled with the IKEA Home Smart app and TR\u00c3\u2026DFRI remote control. The malformed Zigbee frame is an unauthenticated broadcast message, which means all vulnerable devices within radio range are affected. CVSS 3.1 Base Score: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-14T20:29:10.000000Z"}, {"uuid": "b52b6c62-9ad4-4fac-99f4-71b8538b8b97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39063", "type": "seen", "source": "https://t.me/cibsecurity/49960", "content": "\u203c CVE-2022-39063 \u203c\n\nWhen Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the f_teid_len from incoming message, and then uses it to copy data from incoming message to struct f_teid without checking the maximum length. If the pdi.local_f_teid.len exceeds the maximum length of the struct of f_teid, the memcpy() overwrites the fields (e.g., f_teid_len) after f_teid in the pdr struct. After parsing the request, the UPF starts to build a response. The f_teid_len with its overwritten value is used as a length for memcpy(). A segmentation fault occurs, as a result of a memcpy(), if this overwritten value is large enough.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T22:29:22.000000Z"}, {"uuid": "70d84db0-197e-4f0b-b8aa-a40ddc484529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39066", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7348", "content": "#exploit\n1. CVE-2022-45025:\nCommand injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)\nhttps://github.com/yuriisanin/CVE-2022-45025\n\n2. Exploring Chrome\u2019s CVE-2020-6418\nhttps://blog.haboob.sa/blog/exploring-chromes-cve-2020-6418-part1\n\n3. CVE-2022-39066:\nSQL Injection Vulnerability in ZTE MF286R\nhttps://github.com/v0lp3/CVE-2022-39066", "creation_timestamp": "2022-12-13T11:01:01.000000Z"}, {"uuid": "1bd8adcc-ad14-411d-bc2a-e8e1d42c1336", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39060", "type": "seen", "source": "https://t.me/cibsecurity/57210", "content": "\u203c CVE-2022-39060 \u203c\n\nChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEY_CURRENT_USER subkey (ex: AutoRUN) in Registry where malicious scripts can be executed to take control of the system or to terminate the service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-31T15:11:27.000000Z"}, {"uuid": "d71c42ee-3dc4-4039-ace5-89b2e3651ebf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39068", "type": "seen", "source": "https://t.me/cvedetector/5899", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-39068 - ZTE MF296R SMS Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-39068 \nPublished : Sept. 18, 2024, 2:15 a.m. | 37\u00a0minutes ago \nDescription : There is a buffer overflow vulnerability in ZTE MF296R. Due to insufficient validation of the SMS parameter length, an authenticated attacker could use the vulnerability to perform a denial of service attack. \nSeverity: 4.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T05:00:26.000000Z"}, {"uuid": "1fb0bae5-a951-4e0c-92b4-7d5d78923f53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39066", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/3436", "content": "\u200b\u200bCVE-2022-25765 \n\npdfkit Exploit Reverse Shell\n\npdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. (Tested on ver 0.8.6) - CVE-2022-25765\n\nhttps://github.com/CyberArchitect1/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell\n\n\u200b\u200bCVE-2022-45025\n\nCommand injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)\n\nhttps://github.com/yuriisanin/CVE-2022-45025\n\n\u200b\u200bCVE-2022-36537\n\nZK Framework - Exposure of Sensitive Information to an Unauthorized Actor\n\nhttps://github.com/agnihackers/CVE-2022-36537-EXPLOIT\n\n\u200b\u200bCVE-2022-39066\n\nSQL Injection Vulnerability in ZTE MF286R\n\nhttps://github.com/v0lp3/CVE-2022-39066\n\n\u200b\u200bCVE-2022-46381\n\nYou can scan this vulnerability on your company's subdomains using the nuclei scanner with the template specified in this repo \"CVE-2022-46381.yaml\"\n\nhttps://github.com/omarhashem123/Security-Research/tree/main/CVE-2022-46381\n\n\u200b\u200bCVE-2022-45771 - Pwndoc LFI to RCE\n\nPwndoc local file inclusion to remote code execution of Node.js code on the server.\n\nhttps://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE\n\n\u200b\u200bCVE-2022-46169\n\nCacti remote_agent.php Unauthenticated Command Injection.\n\nhttps://github.com/0xf4n9x/CVE-2022-46169\n\n\u200b\u200bCVE-2022-45451\n\nPoC for CVE-2022-45451 Acronis Arbitrary File Read\n\nhttps://github.com/alfarom256/CVE-2022-45451\n\nCVE-2022-28672\n\nThis bug was Use after Free caused by improper handling of javascript object memory references.\n\nhttps://github.com/hacksysteam/CVE-2022-28672\n\nUse after Free - RCE Exploit: https://hacksys.io/blogs/foxit-reader-uaf-rce-jit-spraying-cve-2022-28672\n\n\u200b\u200bCVE-2003-0358\n\nBuffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges > via a long -s command line option.\n\nhttps://github.com/snowcra5h/CVE-2003-0358\n\n\u200b\u200bCVE-2022-39253\n\nDocker host file read\n\nhttps://github.com/ssst0n3/docker-cve-2022-39253-poc\n\n\u200b\u200bCVE-2022-48870\n\nmaccms admin+ xss attacks\n\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n\u200b\u200bCVE-2022-2602\n\nPoC Kernel Privilege Escalation Linux\n\nhttps://github.com/kiks7/CVE-2022-2602-Kernel-Exploit\n\n\u200b\u200bEvilWfshbr\n\nCVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation\n\nhttps://github.com/kkent030315/CVE-2022-42046\n\n\u200b\u200bCVE-2022-2602\n\nThis repository contains exploits for CVE-2022-2602. There are two versions of it:\n\n\u25ab\ufe0f Exploit using userfaultfd technique.\n\u25ab\ufe0f Exploit using inode locking technique.\n\nhttps://github.com/LukeGix/CVE-2022-2602\n\n#cve #poc \n@pfkgit", "creation_timestamp": "2023-01-28T19:14:38.000000Z"}, {"uuid": "dca579c6-3ed7-4ab9-b46b-6a1a7f2c382e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39066", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/154", "content": "Parshu\n\nFilter URLs to save your time using regex\n\nParshu uses regex to filter out the custom results. Remembering every regex or writing regexes for a task which you do daily is not easy, so parshu will help you to automate the task.\n\nhttps://github.com/R0X4R/Parshu\n\n\u200b\u200bIATelligence\n\nIATelligence is a Python script that extracts the Import Address Table (IAT) from a PE file and uses OpenAI's GPT-3 model to provide details about each Windows API imported by the file. The script also searches for related MITRE ATT&CK techniques and explains how the API could potentially be used by attackers.\n\nIt also displays the hashes of the file and estimates the cost of the GPT-3 requests. IATelligence is a proof of concept for using GPT-3 for malware analysis and quickly assessing the behavior of a malware based on its IAT.\n\nhttps://github.com/fr0gger/IATelligence\n\n\u200b\u200bCVE-2022-46381\n\nYou can scan this vulnerability on your company's subdomains using the nuclei scanner with the template specified in this repo \"CVE-2022-46381.yaml\"\n\nhttps://github.com/omarhashem123/Security-Research/tree/main/CVE-2022-46381\n\n\u200b\u200bZeek-Formatted Threat Intelligence Feeds\n\nThis is a public feed based on Public Threat Feeds and CRITICAL PATH SECURITY gathered data. This feed will be updated as often as possible.\n\nhttps://github.com/CriticalPathSecurity/Zeek-Intelligence-Feeds\n\n\u200b\u200binject-globals\n\nA function for injecting global variables into function calls.\n\nhttps://github.com/victorwss/inject-globals\n\n\u200b\u200bPublic version of Redblood C2\n\nThis is a simple command and control server to handle sessions and your victims.\n\nhttps://github.com/kira2040k/RedbloodC2\n\n\u200b\u200bShadow\n\nA jailbreak detection bypass for modern iOS jailbreaks.\n\nPlease note that Shadow is not designed as an app-specific bypass. Issues mainly in consideration are non-detection related app crashes, regressions from previous versions, and compatibility issues.\n\nhttps://github.com/jjolano/shadow\n\n\u200aDomainDouche - OSINT Tool to Abuse SecurityTrails Domain Suggestion API To Find Potentially Related Domains By Keyword And Brute Force\n\nhttp://www.kitploit.com/2022/12/domaindouche-osint-tool-to-abuse.html\n\nCVE-2022-39066\n\nSQL Injection Vulnerability in ZTE MF286R\n\nhttps://github.com/v0lp3/CVE-2022-39066\n\nDonate\nhttps://t.me/c/1634518258/5\nhttps://t.me/HackerFactory/114\n\n#redteam #infosec #cybersec #\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00\ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n3/3", "creation_timestamp": "2022-12-14T10:16:53.000000Z"}, {"uuid": "badcddaa-76eb-4725-9d6c-af5c24cb1fa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39066", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1754", "content": "#exploit\n1. CVE-2022-45025:\nCommand injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)\nhttps://github.com/yuriisanin/CVE-2022-45025\n\n2. Exploring Chrome\u2019s CVE-2020-6418\nhttps://blog.haboob.sa/blog/exploring-chromes-cve-2020-6418-part1\n\n3. CVE-2022-39066:\nSQL Injection Vulnerability in ZTE MF286R\nhttps://github.com/v0lp3/CVE-2022-39066", "creation_timestamp": "2022-12-13T04:12:39.000000Z"}, {"uuid": "a74ebc22-a716-4bbc-9668-1bf6c39d8678", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39064", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/3540", "content": "\u0415\u0441\u043b\u0438 \u0432\u0430\u043c \"\u0434\u043e \u043b\u0430\u043c\u043f\u043e\u0447\u043a\u0438\" \u043d\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c, \u0442\u043e \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u043f\u043e\u043b\u043d\u0435 \u0443\u043c\u0435\u0441\u0442\u043d\u043e \u0443\u0442\u043e\u0447\u043d\u0438\u0442\u044c \u0434\u043e \u043a\u0430\u043a\u043e\u0439 \u043b\u0430\u043c\u043f\u043e\u0447\u043a\u0438 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e, \u0442\u0430\u043a \u043a\u0430\u043a \u0445\u0430\u043a\u0435\u0440\u044b \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u043e\u0441\u043b\u0435\u043f\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0430\u0442\u0430\u043a\u0443 \u0432 \u043f\u0440\u044f\u043c\u043e\u043c \u0438 \u043f\u0435\u0440\u0435\u043d\u043e\u0441\u043d\u043e\u043c \u0441\u043c\u044b\u0441\u043b\u0435. \n\n\u0412 \u043b\u0438\u043d\u0435\u0439\u043a\u0435 \u0443\u043c\u043d\u044b\u0445 \u0441\u0432\u0435\u0442\u0438\u043b\u044c\u043d\u0438\u043a\u043e\u0432 \u043e\u0442 IKEA \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u043b\u0430\u043c\u043f\u043e\u0447\u043a\u0438 \u043d\u0430 \u043f\u043e\u043b\u043d\u0443\u044e \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u044c.\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0438\u0437 Synopsys \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043b\u0430\u043c\u043f\u043e\u0447\u043a\u0430\u043c\u0438 \u0432 \u0438\u043d\u0442\u0435\u043b\u043b\u0435\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043e\u0441\u0432\u0435\u0449\u0435\u043d\u0438\u044f Ikea Tradfri.\n\n\u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0437 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043e\u0434\u0438\u043d \u0438 \u0442\u043e\u0442 \u0436\u0435 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0444\u0440\u0435\u0439\u043c Zigbee (IEEE 802.15.4), \u0430 \u0437\u0430\u0442\u0435\u043c \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u0432\u0443\u043c\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u043c\u0438 \u043a\u0430\u043a CVE-2022-39064 \u0438 CVE-2022-39065 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043e\u0441\u0432\u0435\u0449\u0435\u043d\u0438\u044f, \u043f\u0440\u0438\u0447\u0435\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0438\u0445 \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0438\u043b\u0438 \u043f\u0443\u043b\u044c\u0442 \u0434\u0438\u0441\u0442\u0430\u043d\u0446\u0438\u043e\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. \n\n\u0412 \u043e\u0442\u0447\u0435\u0442\u0435 Synopsys \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u0441\u043a\u0430\u0436\u0435\u043d\u043d\u044b\u0439 \u0444\u0440\u0435\u0439\u043c Zigbee \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0448\u0438\u0440\u043e\u043a\u043e\u0432\u0435\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0447\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u0441\u0435\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u0445 \u0440\u0430\u0434\u0438\u043e\u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430. \n\n\u0427\u0442\u043e\u0431\u044b \u0445\u043e\u0442\u044c \u043a\u0430\u043a-\u0442\u043e \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u044d\u0442\u043e\u0439 \u0430\u0442\u0430\u043a\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0434\u043e\u043b\u0436\u0435\u043d \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u0432\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0438 \u0441\u043d\u043e\u0432\u0430 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043f\u0438\u0442\u0430\u043d\u0438\u0435, \u043e\u0434\u043d\u0430\u043a\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0443 \u0432 \u043b\u044e\u0431\u043e\u0435 \u0432\u0440\u0435\u043c\u044f. \u041a\u0435\u0439\u0441 \u043c\u043e\u0436\u043d\u043e \u0441\u043c\u0435\u043b\u043e \u0432\u043f\u0438\u0441\u0430\u0442\u044c \u0432 \u043c\u0430\u043d\u0443\u0430\u043b \"\u043a\u0430\u043a \u0434\u043e\u0441\u0442\u0430\u0442\u044c \u0441\u043e\u0441\u0435\u0434\u0430\".\n\nSynopsys \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 Ikea \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0443\u043c\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u0435\u0449\u0435\u043d\u0438\u044f \u0435\u0449\u0435 \u0432 \u0438\u044e\u043d\u0435 2021 \u0433\u043e\u0434\u0430, \u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2022 \u0433\u043e\u0434\u0430.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0441\u043e \u0441\u043b\u043e\u0432 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u044f V-2.3.091 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u0441 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u0438\u0441\u043a\u0430\u0436\u0435\u043d\u043d\u044b\u043c\u0438 \u043a\u0430\u0434\u0440\u0430\u043c\u0438, \u043d\u043e \u043d\u0435 \u0441\u043e \u0432\u0441\u0435\u043c\u0438, \u0438 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u0432\u0438\u0434\u0435\u043e \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u043c. IKEA \u043f\u043e\u043a\u0430 \u043d\u0435 \u0434\u0430\u043b\u0430 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0435\u0432 \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u0442\u043e\u0433\u043e, \u043a\u043e\u0433\u0434\u0430 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u043f\u0443\u0449\u0435\u043d \u043f\u043e\u043b\u043d\u044b\u0439 \u043f\u0430\u0442\u0447.", "creation_timestamp": "2022-10-11T10:43:32.000000Z"}, {"uuid": "c5b19c27-f339-4b39-931d-9ea94e216885", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39065", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/3540", "content": "\u0415\u0441\u043b\u0438 \u0432\u0430\u043c \"\u0434\u043e \u043b\u0430\u043c\u043f\u043e\u0447\u043a\u0438\" \u043d\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c, \u0442\u043e \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u043f\u043e\u043b\u043d\u0435 \u0443\u043c\u0435\u0441\u0442\u043d\u043e \u0443\u0442\u043e\u0447\u043d\u0438\u0442\u044c \u0434\u043e \u043a\u0430\u043a\u043e\u0439 \u043b\u0430\u043c\u043f\u043e\u0447\u043a\u0438 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e, \u0442\u0430\u043a \u043a\u0430\u043a \u0445\u0430\u043a\u0435\u0440\u044b \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u043e\u0441\u043b\u0435\u043f\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0430\u0442\u0430\u043a\u0443 \u0432 \u043f\u0440\u044f\u043c\u043e\u043c \u0438 \u043f\u0435\u0440\u0435\u043d\u043e\u0441\u043d\u043e\u043c \u0441\u043c\u044b\u0441\u043b\u0435. \n\n\u0412 \u043b\u0438\u043d\u0435\u0439\u043a\u0435 \u0443\u043c\u043d\u044b\u0445 \u0441\u0432\u0435\u0442\u0438\u043b\u044c\u043d\u0438\u043a\u043e\u0432 \u043e\u0442 IKEA \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 \u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u043b\u0430\u043c\u043f\u043e\u0447\u043a\u0438 \u043d\u0430 \u043f\u043e\u043b\u043d\u0443\u044e \u043c\u043e\u0449\u043d\u043e\u0441\u0442\u044c.\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0438\u0437 Synopsys \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0438, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043b\u0430\u043c\u043f\u043e\u0447\u043a\u0430\u043c\u0438 \u0432 \u0438\u043d\u0442\u0435\u043b\u043b\u0435\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043e\u0441\u0432\u0435\u0449\u0435\u043d\u0438\u044f Ikea Tradfri.\n\n\u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0440\u0430\u0437 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043e\u0434\u0438\u043d \u0438 \u0442\u043e\u0442 \u0436\u0435 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0444\u0440\u0435\u0439\u043c Zigbee (IEEE 802.15.4), \u0430 \u0437\u0430\u0442\u0435\u043c \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u0432\u0443\u043c\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u043c\u0438 \u043a\u0430\u043a CVE-2022-39064 \u0438 CVE-2022-39065 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043e\u0441\u0432\u0435\u0449\u0435\u043d\u0438\u044f, \u043f\u0440\u0438\u0447\u0435\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0438\u0445 \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0438\u043b\u0438 \u043f\u0443\u043b\u044c\u0442 \u0434\u0438\u0441\u0442\u0430\u043d\u0446\u0438\u043e\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. \n\n\u0412 \u043e\u0442\u0447\u0435\u0442\u0435 Synopsys \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e \u0438\u0441\u043a\u0430\u0436\u0435\u043d\u043d\u044b\u0439 \u0444\u0440\u0435\u0439\u043c Zigbee \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0448\u0438\u0440\u043e\u043a\u043e\u0432\u0435\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0447\u0442\u043e \u043e\u0437\u043d\u0430\u0447\u0430\u0435\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u0441\u0435\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u0445 \u0440\u0430\u0434\u0438\u043e\u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430. \n\n\u0427\u0442\u043e\u0431\u044b \u0445\u043e\u0442\u044c \u043a\u0430\u043a-\u0442\u043e \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u044d\u0442\u043e\u0439 \u0430\u0442\u0430\u043a\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0434\u043e\u043b\u0436\u0435\u043d \u0432\u0440\u0443\u0447\u043d\u0443\u044e \u0432\u044b\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0438 \u0441\u043d\u043e\u0432\u0430 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043f\u0438\u0442\u0430\u043d\u0438\u0435, \u043e\u0434\u043d\u0430\u043a\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0443 \u0432 \u043b\u044e\u0431\u043e\u0435 \u0432\u0440\u0435\u043c\u044f. \u041a\u0435\u0439\u0441 \u043c\u043e\u0436\u043d\u043e \u0441\u043c\u0435\u043b\u043e \u0432\u043f\u0438\u0441\u0430\u0442\u044c \u0432 \u043c\u0430\u043d\u0443\u0430\u043b \"\u043a\u0430\u043a \u0434\u043e\u0441\u0442\u0430\u0442\u044c \u0441\u043e\u0441\u0435\u0434\u0430\".\n\nSynopsys \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 Ikea \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0443\u043c\u043d\u043e\u0433\u043e \u043e\u0441\u0432\u0435\u0449\u0435\u043d\u0438\u044f \u0435\u0449\u0435 \u0432 \u0438\u044e\u043d\u0435 2021 \u0433\u043e\u0434\u0430, \u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2022 \u0433\u043e\u0434\u0430.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0441\u043e \u0441\u043b\u043e\u0432 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u044f V-2.3.091 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u0441 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u0438\u0441\u043a\u0430\u0436\u0435\u043d\u043d\u044b\u043c\u0438 \u043a\u0430\u0434\u0440\u0430\u043c\u0438, \u043d\u043e \u043d\u0435 \u0441\u043e \u0432\u0441\u0435\u043c\u0438, \u0438 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u0432\u0438\u0434\u0435\u043e \u0441 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u043c. IKEA \u043f\u043e\u043a\u0430 \u043d\u0435 \u0434\u0430\u043b\u0430 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0435\u0432 \u043f\u043e \u043f\u043e\u0432\u043e\u0434\u0443 \u0442\u043e\u0433\u043e, \u043a\u043e\u0433\u0434\u0430 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u043f\u0443\u0449\u0435\u043d \u043f\u043e\u043b\u043d\u044b\u0439 \u043f\u0430\u0442\u0447.", "creation_timestamp": "2022-10-11T10:43:32.000000Z"}, {"uuid": "5e3d388b-3446-4129-b126-a254a768e325", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39067", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13792", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39067\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack.\n\ud83d\udccf Published: 2022-11-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T04:31:08.545Z\n\ud83d\udd17 References:\n1. https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1027784", "creation_timestamp": "2025-04-29T05:11:36.000000Z"}, {"uuid": "9bb52f58-6440-43a4-a85d-d052ae98a14d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39066", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13791", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39066\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: There is a SQL injection vulnerability in ZTE MF286R. Due to insufficient validation of the input parameters of the phonebook interface, an authenticated attacker could use the vulnerability to execute arbitrary SQL injection.\n\ud83d\udccf Published: 2022-11-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T04:32:36.772Z\n\ud83d\udd17 References:\n1. https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1027744", "creation_timestamp": "2025-04-29T05:11:35.000000Z"}, {"uuid": "fc3d0426-2a2e-4323-9f3b-70342cc5db75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39069", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14280", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-39069\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: There is a SQL injection vulnerability in ZTE ZAIP-AIE. Due to lack of input verification by the server, an attacker could trigger an attack by building malicious requests. Exploitation of this vulnerability could cause the leakage of the current table content.\n\ud83d\udccf Published: 2022-11-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T14:08:18.523Z\n\ud83d\udd17 References:\n1. https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1026604", "creation_timestamp": "2025-05-01T14:15:15.000000Z"}, {"uuid": "b295eeaa-2523-429f-bca1-52b5c96890ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39066", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2137", "content": "Parshu\n\nFilter URLs to save your time using regex\n\nParshu uses regex to filter out the custom results. Remembering every regex or writing regexes for a task which you do daily is not easy, so parshu will help you to automate the task.\n\nhttps://github.com/R0X4R/Parshu\n\n\u200b\u200bIATelligence\n\nIATelligence is a Python script that extracts the Import Address Table (IAT) from a PE file and uses OpenAI's GPT-3 model to provide details about each Windows API imported by the file. The script also searches for related MITRE ATT&CK techniques and explains how the API could potentially be used by attackers.\n\nIt also displays the hashes of the file and estimates the cost of the GPT-3 requests. IATelligence is a proof of concept for using GPT-3 for malware analysis and quickly assessing the behavior of a malware based on its IAT.\n\nhttps://github.com/fr0gger/IATelligence\n\n\u200b\u200bCVE-2022-46381\n\nYou can scan this vulnerability on your company's subdomains using the nuclei scanner with the template specified in this repo \"CVE-2022-46381.yaml\"\n\nhttps://github.com/omarhashem123/Security-Research/tree/main/CVE-2022-46381\n\n\u200b\u200bZeek-Formatted Threat Intelligence Feeds\n\nThis is a public feed based on Public Threat Feeds and CRITICAL PATH SECURITY gathered data. This feed will be updated as often as possible.\n\nhttps://github.com/CriticalPathSecurity/Zeek-Intelligence-Feeds\n\n\u200b\u200binject-globals\n\nA function for injecting global variables into function calls.\n\nhttps://github.com/victorwss/inject-globals\n\n\u200b\u200bPublic version of Redblood C2\n\nThis is a simple command and control server to handle sessions and your victims.\n\nhttps://github.com/kira2040k/RedbloodC2\n\n\u200b\u200bShadow\n\nA jailbreak detection bypass for modern iOS jailbreaks.\n\nPlease note that Shadow is not designed as an app-specific bypass. Issues mainly in consideration are non-detection related app crashes, regressions from previous versions, and compatibility issues.\n\nhttps://github.com/jjolano/shadow\n\n\u200aDomainDouche - OSINT Tool to Abuse SecurityTrails Domain Suggestion API To Find Potentially Related Domains By Keyword And Brute Force\n\nhttp://www.kitploit.com/2022/12/domaindouche-osint-tool-to-abuse.html\n\nCVE-2022-39066\n\nSQL Injection Vulnerability in ZTE MF286R\n\nhttps://github.com/v0lp3/CVE-2022-39066\n\nDonate\nhttps://t.me/c/1634518258/5\nhttps://t.me/HackerFactory/114\n\n#redteam #infosec #cybersec #\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00\ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n3/3", "creation_timestamp": "2022-12-14T10:16:53.000000Z"}]}