{"vulnerability": "CVE-2022-4904", "sightings": [{"uuid": "51eeabef-5b19-444c-af28-3f8098023fc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49043", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgmrlqqdo32f", "content": "", "creation_timestamp": "2025-01-26T06:15:38.556821Z"}, {"uuid": "a1db9a13-0d0a-4260-85d2-9f2734873e56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49047", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-16T01:45:15.000000Z"}, {"uuid": "0e67cd06-57f8-4bb9-9aa8-e62cd8b8c64b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49046", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "fe8be7a5-7c00-42b8-96b9-4cd038b49f92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49043", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3115", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-84p5-cqqq-h4gr\n\ud83d\udd25 CVSS Score: N/A (CVSS_V3)\n\ud83d\udd39 Description: xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free.\n\ud83d\udccf Published: 2025-01-26T06:30:48Z\n\ud83d\udccf Modified: 2025-01-26T06:30:48Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2022-49043\n2. https://github.com/php/php-src/issues/17467\n3. https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b", "creation_timestamp": "2025-01-26T07:06:01.000000Z"}, {"uuid": "c857d346-98d0-49eb-8cb5-9dff71fa50b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49043", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3123", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-49043\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-01-26T06:15:21.000\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://github.com/php/php-src/issues/17467\n2. https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b", "creation_timestamp": "2025-01-26T07:14:19.000000Z"}, {"uuid": "4c490445-a522-410f-add3-49c4887302c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49047", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5745", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-49047\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nep93xx: clock: Fix UAF in ep93xx_clk_register_gate()\n\narch/arm/mach-ep93xx/clock.c:154:2: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]\narch/arm/mach-ep93xx/clock.c:151:2: note: Taking true branch\nif (IS_ERR(clk))\n^\narch/arm/mach-ep93xx/clock.c:152:3: note: Memory is released\nkfree(psc);\n^~~~~~~~~~\narch/arm/mach-ep93xx/clock.c:154:2: note: Use of memory after it is freed\nreturn &psc->hw;\n^ ~~~~~~~~\n\ud83d\udccf Published: 2025-02-26T01:54:23.471Z\n\ud83d\udccf Modified: 2025-02-27T18:02:30.354Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/0f12166872da46c6b57ba2f1314bbf310b3bf017\n2. https://git.kernel.org/stable/c/3b68b08885217abd9c57ff9b3bb3eb173eee02a9", "creation_timestamp": "2025-02-27T18:27:06.000000Z"}, {"uuid": "664e402e-be3b-4878-a983-b7753d1aeb09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4904", "type": "seen", "source": "https://t.me/cibsecurity/59527", "content": "\u203c CVE-2022-4904 \u203c\n\nA flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T02:13:13.000000Z"}, {"uuid": "222a7dbb-8a03-48e7-af31-d44002531117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49043", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113893015259156248", "content": "", "creation_timestamp": "2025-01-26T05:31:36.120228Z"}, {"uuid": "0d58fe85-1e51-4624-b97b-1708d1ab8ed6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49047", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-19T04:06:36.000000Z"}, {"uuid": "4b36c830-f702-4e3d-a9b0-8553915c8e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49040", "type": "seen", "source": "https://t.me/cvedetector/6374", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-49040 - Synology Drive Client Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-49040 \nPublished : Sept. 26, 2024, 4:15 a.m. | 40\u00a0minutes ago \nDescription : Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in connection management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors. \nSeverity: 4.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T07:06:00.000000Z"}, {"uuid": "3e58ccee-5fdb-4734-a408-0e63ada70b92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49043", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113892999610922070", "content": "", "creation_timestamp": "2025-01-26T05:27:37.252600Z"}, {"uuid": "8f357437-8497-4f27-ac50-349b2ebb9211", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49043", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgmzfkek3n25", "content": "", "creation_timestamp": "2025-01-26T08:35:20.468065Z"}, {"uuid": "73340d96-37e7-4d97-ac0f-75bf6d5f7681", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49043", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113893790271770405", "content": "", "creation_timestamp": "2025-01-26T08:48:42.002518Z"}, {"uuid": "24e3d310-bb04-4b8c-b54e-85dd0e9f6da0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49045", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6100", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-49045\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-26T01:54:22.168Z\n\ud83d\udccf Modified: 2025-03-02T14:29:14.527Z\n\ud83d\udd17 References:\nNo references available.", "creation_timestamp": "2025-03-02T15:32:10.000000Z"}, {"uuid": "5bbd7bf3-2af5-4a7f-86bf-f9016a6fae6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49043", "type": "seen", "source": "https://t.me/cvedetector/16413", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-49043 - Libxml2 XML XInclude Use-After-Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-49043 \nPublished : Jan. 26, 2025, 6:15 a.m. | 1\u00a0hour, 36\u00a0minutes ago \nDescription : xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-26T09:03:19.000000Z"}, {"uuid": "a740c380-171d-4d23-90e7-82e100f81638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-49041", "type": "seen", "source": "https://t.me/cvedetector/6375", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-49041 - Synology Drive Client Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-49041 \nPublished : Sept. 26, 2024, 4:15 a.m. | 40\u00a0minutes ago \nDescription : Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to crash the client via unspecified vectors. \nSeverity: 4.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T07:06:00.000000Z"}]}