{"vulnerability": "cve-2022-4169", "sightings": [{"uuid": "b0d92cef-38f6-433a-a0c6-d70d46a0c274", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41696", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2245", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41696\n\ud83d\udd39 Description: Versions of VISAM VBASE Automation Base prior to 11.7.5 may disclose information if a valid user opens a specially crafted file.\n\ud83d\udccf Published: 2023-03-21T22:19:30.671Z\n\ud83d\udccf Modified: 2025-01-17T22:07:09.782Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-05", "creation_timestamp": "2025-01-17T22:57:13.000000Z"}, {"uuid": "b9bc051b-8379-41d2-8b56-6e9aade84b9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41695", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18609", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41695\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Missing Authorization vulnerability in SedLex Traffic Manager.This issue affects Traffic Manager: from n/a through 1.4.5.\n\n\n\ud83d\udccf Published: 2024-01-17T17:09:02.699Z\n\ud83d\udccf Modified: 2025-06-17T14:18:32.381Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/vulnerability/traffic-manager/wordpress-traffic-manager-plugin-1-4-5-multiple-vulnerabilities?_s_id=cve", "creation_timestamp": "2025-06-17T14:40:20.000000Z"}, {"uuid": "f07a51bf-ec66-4e73-a349-6a8b70ae7c1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41695", "type": "seen", "source": "https://t.me/ctinow/182653", "content": "https://ift.tt/ahwjGY4\nCVE-2022-41695 | SedLex Traffic Manager Plugin up to 1.4.5 on WordPress authorization", "creation_timestamp": "2024-02-10T22:46:34.000000Z"}, {"uuid": "5d6a1d8a-343e-4dad-b283-0136e409d085", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4169", "type": "seen", "source": "https://t.me/cibsecurity/53594", "content": "\u203c CVE-2022-4169 \u203c\n\nThe Theme and plugin translation for Polylang is vulnerable to authorization bypass in versions up to, and including, 3.2.16 due to missing capability checks in the process_polylang_theme_translation_wp_loaded() function. This makes it possible for unauthenticated attackers to update plugin and theme translation settings and to import translation strings.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-28T20:48:51.000000Z"}, {"uuid": "3069db74-6a46-4600-b125-99b78b3420f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41697", "type": "seen", "source": "https://t.me/cibsecurity/55107", "content": "\u203c CVE-2022-41697 \u203c\n\nA user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send a series of HTTP requests to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T12:13:32.000000Z"}, {"uuid": "092c5dc4-4952-4cd2-92c2-1d027532372d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41690", "type": "seen", "source": "https://t.me/cibsecurity/63759", "content": "\u203c CVE-2022-41690 \u203c\n\nImproper access control in the Intel(R) Retail Edge Mobile iOS application before version 3.4.7 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T18:19:44.000000Z"}, {"uuid": "e4d4ec50-6fe2-4aa3-8c78-f4617982cd77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41699", "type": "seen", "source": "https://t.me/cibsecurity/63758", "content": "\u203c CVE-2022-41699 \u203c\n\nIncorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T18:19:44.000000Z"}, {"uuid": "4cc2002b-3db9-40b0-9bd3-8a178bd445c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41693", "type": "seen", "source": "https://t.me/cibsecurity/63753", "content": "\u203c CVE-2022-41693 \u203c\n\nUncontrolled search path in the Intel(R) Quartus(R) Prime Pro edition software before version 22.3 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T18:19:35.000000Z"}, {"uuid": "af7989a3-d5f7-4743-abb5-9279fe47ffdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41692", "type": "seen", "source": "https://t.me/cibsecurity/53164", "content": "\u203c CVE-2022-41692 \u203c\n\nMissing Authorization vulnerability in Appointment Hour Booking plugin <= 1.3.71 on WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-18T22:29:36.000000Z"}, {"uuid": "c5ce6bbb-f954-4378-93b8-27cc29ed3288", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41694", "type": "seen", "source": "https://t.me/cibsecurity/51845", "content": "\u203c CVE-2022-41694 \u203c\n\nIn BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, and BIG-IQ versions 8.x before 8.2.0.1 and all versions of 7.x, when an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed input can cause MCPD to terminate.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-20T02:20:46.000000Z"}, {"uuid": "9a4b4f56-8b08-42c5-82a6-0633ccf0cee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41691", "type": "seen", "source": "https://t.me/cibsecurity/51844", "content": "\u203c CVE-2022-41691 \u203c\n\nWhen a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-20T02:20:45.000000Z"}, {"uuid": "869f20a3-da56-4962-a20b-a695e30119db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41697", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-41697.yaml", "content": "", "creation_timestamp": "2026-01-20T14:01:28.000000Z"}, {"uuid": "0418ab5f-8626-4fab-9e76-035361f85494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41697", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mcxkzuljox24", "content": "", "creation_timestamp": "2026-01-21T21:03:00.810677Z"}, {"uuid": "d3635b8c-9c26-47d0-b5fe-c6caeb730541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41699", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2974", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41699\n\ud83d\udd39 Description: Incorrect permission assignment for critical resource in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\ud83d\udccf Published: 2023-05-10T13:17:16.651Z\n\ud83d\udccf Modified: 2025-01-24T17:37:49.035Z\n\ud83d\udd17 References:\n1. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00778.html", "creation_timestamp": "2025-01-24T18:05:24.000000Z"}, {"uuid": "cd2210ed-8dc0-455e-8815-538661057664", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41691", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15565", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41691\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.\n\ud83d\udccf Published: 2022-10-19T21:19:45.651Z\n\ud83d\udccf Modified: 2025-05-08T18:13:02.493Z\n\ud83d\udd17 References:\n1. https://support.f5.com/csp/article/K02694732", "creation_timestamp": "2025-05-08T18:24:05.000000Z"}, {"uuid": "e7173ca3-fb08-4b2a-9dfe-7c0a9f79686e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41694", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15566", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41694\n\ud83d\udd25 CVSS Score: 4.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: In BIG-IP versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, and BIG-IQ versions 8.x before 8.2.0.1 and all versions of 7.x, when an SSL key is imported on a BIG-IP or BIG-IQ system, undisclosed input can cause MCPD to terminate.\n\ud83d\udccf Published: 2022-10-19T21:20:06.272Z\n\ud83d\udccf Modified: 2025-05-08T18:12:35.198Z\n\ud83d\udd17 References:\n1. https://support.f5.com/csp/article/K64829234", "creation_timestamp": "2025-05-08T18:24:06.000000Z"}, {"uuid": "cdb2b30f-e373-470f-89be-0b705fe131b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-41695", "type": "seen", "source": "https://t.me/ctinow/169397", "content": "https://ift.tt/b1zQpDC\nCVE-2022-41695", "creation_timestamp": "2024-01-17T18:26:57.000000Z"}]}