{"vulnerability": "CVE-2022-4323", "sightings": [{"uuid": "dedb1961-11b4-4e9f-adc0-fe54307920ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43238", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14616", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43238\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_h_3_v_3_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\ud83d\udccf Published: 2022-11-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T20:43:54.497Z\n\ud83d\udd17 References:\n1. https://github.com/strukturag/libde265/issues/336\n2. https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html\n3. https://www.debian.org/security/2023/dsa-5346", "creation_timestamp": "2025-05-02T21:16:40.000000Z"}, {"uuid": "9c14cd98-5c84-43b1-add9-be8383612b66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43235", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14615", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43235\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\ud83d\udccf Published: 2022-11-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T20:48:03.326Z\n\ud83d\udd17 References:\n1. https://github.com/strukturag/libde265/issues/337\n2. https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html\n3. https://www.debian.org/security/2023/dsa-5346", "creation_timestamp": "2025-05-02T21:16:38.000000Z"}, {"uuid": "c8b922ec-7f4d-4aa9-a0a9-eeb5b1708637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4323", "type": "seen", "source": "https://t.me/cibsecurity/56846", "content": "\u203c CVE-2022-4323 \u203c\n\nThe Analyticator WordPress plugin before 6.5.6 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-23T18:25:18.000000Z"}, {"uuid": "c4996685-c741-443b-926a-82316683c1be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43238", "type": "seen", "source": "https://t.me/cibsecurity/52475", "content": "\u203c CVE-2022-43238 \u203c\n\nLibde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_h_3_v_3_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:20:11.000000Z"}, {"uuid": "a3376b65-7e55-411d-84a1-49e4c14d3c09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43237", "type": "seen", "source": "https://t.me/cibsecurity/52463", "content": "\u203c CVE-2022-43237 \u203c\n\nLibde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void put_epel_hv_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:19:54.000000Z"}, {"uuid": "13df6e80-588c-485c-a21d-6e38e77d396f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43233", "type": "seen", "source": "https://t.me/cibsecurity/52255", "content": "\u203c CVE-2022-43233 (canteen_management_system) \u203c\n\nCanteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the userid parameter at /php_action/fetchSelectedUser.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-28T22:29:54.000000Z"}, {"uuid": "eb87f244-e546-4587-958d-59beb0409b26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43232", "type": "seen", "source": "https://t.me/cibsecurity/52250", "content": "\u203c CVE-2022-43232 (canteen_management_system) \u203c\n\nCanteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the userid parameter at /php_action/fetchOrderData.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-28T22:29:47.000000Z"}, {"uuid": "68987112-b116-42e2-9ff9-ca54687f0a8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43231", "type": "seen", "source": "https://t.me/cibsecurity/52249", "content": "\u203c CVE-2022-43231 (canteen_management_system) \u203c\n\nCanteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /youthappam/manage_website.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-28T22:29:43.000000Z"}, {"uuid": "8d24a504-2c5b-4e16-a419-1c48888b9626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43234", "type": "seen", "source": "https://t.me/cibsecurity/53039", "content": "\u203c CVE-2022-43234 \u203c\n\nAn arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-17T15:52:55.000000Z"}, {"uuid": "14eb4cea-17c9-45e5-85d8-5fe6b2055b52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43235", "type": "seen", "source": "https://t.me/cibsecurity/52471", "content": "\u203c CVE-2022-43235 \u203c\n\nLibde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:20:04.000000Z"}, {"uuid": "c6284099-ce22-47fa-866e-5dd4df6c8daa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43236", "type": "seen", "source": "https://t.me/cibsecurity/52470", "content": "\u203c CVE-2022-43236 \u203c\n\nLibde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via put_qpel_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:20:03.000000Z"}, {"uuid": "4dcdaa5c-5240-4564-a241-f870e199fe1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-43230", "type": "seen", "source": "https://t.me/cibsecurity/52244", "content": "\u203c CVE-2022-43230 (simple_cold_storage_managment_system) \u203c\n\nSimple Cold Storage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/?page=bookings/view_details.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-28T22:29:35.000000Z"}]}