{"vulnerability": "cve-2022-3465", "sightings": [{"uuid": "8f777853-b004-40f0-a0b2-3b68f8cbe790", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34654", "type": "seen", "source": "https://t.me/cibsecurity/53598", "content": "\u203c CVE-2022-34654 \u203c\n\nCross-Site Request Forgery (CSRF) in Virgial Berveling's Manage Notification E-mails plugin <= 1.8.2 on WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-28T22:28:09.000000Z"}, {"uuid": "75ecd817-7541-4808-af9c-51f170a9a8eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34656", "type": "seen", "source": "https://t.me/cibsecurity/49368", "content": "\u203c CVE-2022-34656 \u203c\n\nAuthenticated (admin+) Cross-Site Scripting (XSS) vulnerability in wpdevart Poll, Survey, Questionnaire and Voting system plugin <= 1.7.4 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-06T22:26:19.000000Z"}, {"uuid": "c8169c9f-2506-4ca2-aa73-19e370eabd3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34658", "type": "seen", "source": "https://t.me/cibsecurity/48596", "content": "\u203c CVE-2022-34658 \u203c\n\nMultiple Authenticated (contributor+) Persistent Cross-Site Scripting (XSS) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-23T20:21:43.000000Z"}, {"uuid": "2b2f108f-5985-4b39-87b6-7c656812c071", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34655", "type": "seen", "source": "https://t.me/cibsecurity/47574", "content": "\u203c CVE-2022-34655 \u203c\n\nIn BIG-IP Versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.6.1, and 14.1.x before 14.1.5, when an iRule containing the HTTP::payload command is configured on a virtual server, undisclosed traffic can cause Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-04T22:19:54.000000Z"}, {"uuid": "20b646ee-cf92-4aa2-b803-78c04e2d5009", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34651", "type": "seen", "source": "https://t.me/cibsecurity/47573", "content": "\u203c CVE-2022-34651 \u203c\n\nIn BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, when an LTM Client or Server SSL profile with TLS 1.3 enabled is configured on a virtual server, along with an iRule that calls HTTP::respond, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-04T22:19:52.000000Z"}, {"uuid": "fb0255db-f63c-45a5-b527-fe6dff6d791e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3465", "type": "seen", "source": "https://t.me/cibsecurity/51257", "content": "\u203c CVE-2022-3465 \u203c\n\nA vulnerability classified as critical was found in Mediabridge Medialink. This vulnerability affects unknown code of the file /index.asp. The manipulation leads to improper authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-210700.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-12T14:26:35.000000Z"}, {"uuid": "274add9f-31c9-4ace-9dc1-cf3c10fda8e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34659", "type": "seen", "source": "https://t.me/cibsecurity/47853", "content": "\u203c CVE-2022-34659 \u203c\n\nA vulnerability has been identified in Simcenter STAR-CCM+ (All versions only if the Power-on-Demand public license server is used). Affected applications expose user, host and display name of users, when the public license server is used. This could allow an attacker to retrieve this information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-10T16:25:54.000000Z"}, {"uuid": "849e1b7a-14cf-46de-9086-499abea1d072", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34650", "type": "seen", "source": "https://t.me/cibsecurity/46836", "content": "\u203c CVE-2022-34650 \u203c\n\nMultiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-22T20:23:44.000000Z"}]}