{"vulnerability": "CVE-2022-4442", "sightings": [{"uuid": "3c226296-ebf1-41e0-acc5-df81fa477d32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44424", "type": "seen", "source": "https://t.me/cibsecurity/55867", "content": "\u203c CVE-2022-44424 \u203c\n\nIn music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-04T12:23:30.000000Z"}, {"uuid": "7874b67b-af44-47d3-a8c7-7c2c887fef63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44423", "type": "seen", "source": "https://t.me/cibsecurity/55869", "content": "\u203c CVE-2022-44423 \u203c\n\nIn music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-04T12:23:32.000000Z"}, {"uuid": "4262f8d1-a88c-49fe-938b-75aa174f0d42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44428", "type": "seen", "source": "https://t.me/cibsecurity/55856", "content": "\u203c CVE-2022-44428 \u203c\n\nIn wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-04T12:18:05.000000Z"}, {"uuid": "0c3cedfd-735b-4f2a-808a-dfdbd7b24029", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4442", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10525", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4442\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Custom Post Types and Custom Fields creator WordPress plugin before 2.3.3 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup).\n\ud83d\udccf Published: 2023-01-16T15:37:54.312Z\n\ud83d\udccf Modified: 2025-04-04T18:13:20.220Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/12766537-df59-49d6-815a-4d68265a4c4a", "creation_timestamp": "2025-04-04T18:36:21.000000Z"}, {"uuid": "7bc0e0a0-30a1-4cb4-a46c-5e4c8551d4b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44425", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11247", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44425\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.\n\ud83d\udccf Published: 2023-01-04T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-10T14:37:57.072Z\n\ud83d\udd17 References:\n1. https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", "creation_timestamp": "2025-04-10T14:50:28.000000Z"}, {"uuid": "ad79a195-a3ce-4775-a7e8-2ec803a244bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44423", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11239", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44423\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.\n\ud83d\udccf Published: 2023-01-04T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-10T14:41:06.145Z\n\ud83d\udd17 References:\n1. https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", "creation_timestamp": "2025-04-10T14:50:20.000000Z"}, {"uuid": "5d7c4d5c-d776-49cc-9b73-761d7db477f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44422", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11237", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44422\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.\n\ud83d\udccf Published: 2023-01-04T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-10T14:42:08.397Z\n\ud83d\udd17 References:\n1. https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", "creation_timestamp": "2025-04-10T14:50:18.000000Z"}, {"uuid": "62b18474-e318-45b5-b6f9-9effc9147217", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44420", "type": "seen", "source": "https://t.me/cibsecurity/63539", "content": "\u203c CVE-2022-44420 \u203c\n\nIn modem, there is a possible missing verification of HashMME value in Security Mode Command. This could local denial of service with no additional execution privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T07:38:18.000000Z"}, {"uuid": "fe7c6c09-45a5-404d-813a-2de67970b98a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4442", "type": "seen", "source": "https://t.me/cibsecurity/56541", "content": "\u203c CVE-2022-4442 \u203c\n\nThe Custom Post Types and Custom Fields creator WordPress plugin before 2.3.3 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-16T18:24:11.000000Z"}, {"uuid": "bd7df638-1383-434e-9fb1-161f62f8aaa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44424", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11244", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44424\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In music service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.\n\ud83d\udccf Published: 2023-01-04T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-10T14:39:03.316Z\n\ud83d\udd17 References:\n1. https://www.unisoc.com/en_us/secy/announcementDetail/1610118225591336001", "creation_timestamp": "2025-04-10T14:50:25.000000Z"}]}