{"vulnerability": "cve-2022-3496", "sightings": [{"uuid": "4447c1d3-4a90-423d-a356-03e033ba5bda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34961", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/15828", "content": "https://github.com/bypazs/CVE-2022-34961", "creation_timestamp": "2022-07-26T14:26:03.000000Z"}, {"uuid": "9dfbfde6-ecd3-42c5-bd41-8ee46de7e6e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34961", "type": "seen", "source": "https://t.me/cibsecurity/46931", "content": "\u203c CVE-2022-34961 \u203c\n\nOpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T18:39:15.000000Z"}, {"uuid": "150eef50-1f7f-4af1-99c1-4522ed72d8e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34964", "type": "seen", "source": "https://t.me/cibsecurity/46930", "content": "\u203c CVE-2022-34964 \u203c\n\nOpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the SitePages module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T18:39:13.000000Z"}, {"uuid": "6403208a-30cb-4ffa-a214-4cc04cd07343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34963", "type": "seen", "source": "https://t.me/cibsecurity/46924", "content": "\u203c CVE-2022-34963 \u203c\n\nOpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T18:33:27.000000Z"}, {"uuid": "adf04520-249f-4008-9ddd-6d6fee43f821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34966", "type": "seen", "source": "https://t.me/cibsecurity/46949", "content": "\u203c CVE-2022-34966 \u203c\n\nOpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an HTML injection vulnerability via the location parameter at http://ip_address/:port/ossn/home.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T22:33:17.000000Z"}, {"uuid": "4869414c-c628-4249-a818-6a40093ab96f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34962", "type": "seen", "source": "https://t.me/cibsecurity/46947", "content": "\u203c CVE-2022-34962 \u203c\n\nOpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Group Timeline module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T22:33:16.000000Z"}, {"uuid": "bfae3bce-0198-4d78-b4b3-d655c039dc38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34967", "type": "seen", "source": "https://t.me/cibsecurity/47477", "content": "\u203c CVE-2022-34967 \u203c\n\nThe assertion `stmt->Dbc->FirstStmt' failed in MonetDB Database Server v11.43.13.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-03T16:48:27.000000Z"}, {"uuid": "9846f944-dfa3-4e69-ad55-4f0d2aaa8c09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34960", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6894", "content": "#exploit\n1. CVE-2022-34960:\nAbusing container mount points on MikroTik's RouterOS\nhttps://nns.ee/blog/2022/08/05/routeros-container-rce.html\n\n2. CVE-2022-26726:\nMacOS TCC Bypass\nhttps://github.com/acheong08/CVE-2022-26726-POC", "creation_timestamp": "2022-10-01T13:41:12.000000Z"}, {"uuid": "d8d1d6ca-3c1e-4ba4-969b-9e4d5447a165", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34968", "type": "seen", "source": "https://t.me/cibsecurity/47470", "content": "\u203c CVE-2022-34968 \u203c\n\nAn issue in the fetch_step function in Percona Server for MySQL v8.0.28-19 allows attackers to cause a Denial of Service (DoS) via a SQL query.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-03T07:18:20.000000Z"}, {"uuid": "b32d225b-e072-47c2-8086-123f4885bef9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34961", "type": "seen", "source": "Telegram/FFymLLIK1VykiTo0qiu5oiOuLgw0sFOxywUPTyY6TqRLAw", "content": "", "creation_timestamp": "2022-07-26T16:33:25.000000Z"}, {"uuid": "674d3fb9-37ff-45a8-acf4-96427f4bba76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34961", "type": "seen", "source": "https://t.me/crackcodes/901", "content": "Updates On Hackbyte Forum:-\n\n1. HydraDeepWeb Leak\n2. Datagram.io Leak\n3. SIING.IO_Source_Backend Leak\n4. PPLDump - RIPPL is a tool that abuses a usermode only exploit to manipulate PPL processes on Windows\n5. Nessus Plugin (2022 July 22) With TrendMacro CMD\n6. Multiple vulnerabilities in Nuki smart locks\n7. Pulsar \u2014 an open-source runtime security framework powered by Rust & eBPF for IoT\n8. Attack Chain D\u00e9j\u00e0-vu: The infection vector used by SVCReady, Gozi and IcedID\n9. Finding Flaws in FileWave MDM\n10. When Hypervisor Met Snapshot Fuzzing\n11. wodat: Windows Oracle Database Attack Toolkit\n12. Bypass AMSI in local process hooking NtCreateSection\n13. iauyazd.ac.ir leak - The Islamic Azad University in Iran was leaked. \ud83c\uddee\ud83c\uddf7\n14. atlayo.com Leak\n15. toastmasters.org.tw Leak\n16. cryptic.kit.com.vn Leak\n17. Eskimi Dehash Passwords leak\n18. Bolt-CMS-Version-3.7.1-RCE-Exploit\n19. Cloud Exploitation Framework\n20. PSAsyncShell: PowerShell Asynchronous TCP Reverse Shell\n21. EvilURL v3.0 - Generate unicode domains for IDN Homograph Attack and detect them\n22. \ua4d8amerka GUI - Ultimate Internet of Things/Industrial Control Systems reconnaissance tool.\n23. Azure_Workshop - #Azure #RedTeam Attack and Detect Workshop\n24. sniffer - A modern alternative network traffic sniffer\n25. DFShell: The Best Forwarded Shell\n26.s1c0n: simple recon tool to help you for searching vulnerability on web server\n27. PwnFox: PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.\n28. xray_1.9.1_licensed\n29. blmvuln: Major Security Vulnerability on PrestaShop Websites \u2013 CVE-2022-31101\n30. CVE-2022-34961: OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline module\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffbAll Updates On :- https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-07-30T13:35:22.000000Z"}, {"uuid": "4928c7b9-bb86-42d9-a2e8-2a39a5e06b0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34965", "type": "seen", "source": "https://t.me/cibsecurity/46941", "content": "\u203c CVE-2022-34965 \u203c\n\nOpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an arbitrary file upload vulnerability via the component /ossn/administrator/com_installer. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T20:33:20.000000Z"}, {"uuid": "b4315f9f-0d07-4acf-9bfd-c37a819d1d7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34960", "type": "seen", "source": "https://t.me/cibsecurity/48694", "content": "\u203c CVE-2022-34960 \u203c\n\nThe container package in MikroTik RouterOS 7.4beta4 allows an attacker to create mount points pointing to symbolic links, which resolve to locations on the host device. This allows the attacker to mount any arbitrary file to any location on the host.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T07:23:13.000000Z"}, {"uuid": "297b73a4-494a-4d88-963c-8fa532a7ddff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-34969", "type": "seen", "source": "https://t.me/cibsecurity/47475", "content": "\u203c CVE-2022-34969 \u203c\n\nPingCAP TiDB v6.1.0 was discovered to contain a NULL pointer dereference.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-03T07:18:25.000000Z"}]}