{"vulnerability": "cve-2022-4455", "sightings": [{"uuid": "bf1e6ae0-fff2-4a42-9eaf-0dd836d3727d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44555", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14289", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44555\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T13:59:37.193Z\n\ud83d\udd17 References:\n1. https://consumer.huawei.com/en/support/bulletin/2022/11/\n2. https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433", "creation_timestamp": "2025-05-01T14:15:24.000000Z"}, {"uuid": "cdbc36f2-5484-4cc0-8b77-7ee28f3f2a3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44558", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14296", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44558\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T13:54:32.124Z\n\ud83d\udd17 References:\n1. https://consumer.huawei.com/en/support/bulletin/2022/11/\n2. https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433", "creation_timestamp": "2025-05-01T14:15:37.000000Z"}, {"uuid": "62b05076-80c4-4edb-ab24-a4d74dd20a82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44559", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14299", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44559\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T13:52:06.669Z\n\ud83d\udd17 References:\n1. https://consumer.huawei.com/en/support/bulletin/2022/11/\n2. https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433", "creation_timestamp": "2025-05-01T14:15:39.000000Z"}, {"uuid": "7bbbc8a6-5336-411a-a4b1-2d1a5fbe7cc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44552", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14314", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44552\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The lock screen module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T14:36:27.948Z\n\ud83d\udd17 References:\n1. https://consumer.huawei.com/en/support/bulletin/2022/11/\n2. https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433", "creation_timestamp": "2025-05-01T15:15:37.000000Z"}, {"uuid": "01770b68-6cc9-4978-b068-d47ae09ef517", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44556", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14348", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44556\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Missing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability.\n\n\n\ud83d\udccf Published: 2022-11-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T18:05:30.614Z\n\ud83d\udd17 References:\n1. https://consumer.huawei.com/en/support/bulletin/2022/11/\n2. https://device.harmonyos.com/en/docs/security/update/security-bulletins-202212-0000001462975397", "creation_timestamp": "2025-05-01T18:15:43.000000Z"}, {"uuid": "b758f40b-4f41-4723-884e-78dff57ef964", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4455", "type": "seen", "source": "https://t.me/cibsecurity/54451", "content": "\u203c CVE-2022-4455 \u203c\n\nA vulnerability, which was classified as problematic, was found in sproctor php-calendar. This affects an unknown part of the file index.php. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is a2941109b42201c19733127ced763e270a357809. It is recommended to apply a patch to fix this issue. The identifier VDB-215445 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-13T20:21:57.000000Z"}, {"uuid": "9c9505cf-dbfb-4a0a-8c02-17fb7a6f29e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44550", "type": "seen", "source": "https://t.me/cibsecurity/52746", "content": "\u203c CVE-2022-44550 \u203c\n\nThe graphics display module has a UAF vulnerability when traversing graphic layers. Successful exploitation of this vulnerability may affect system availability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-10T00:42:23.000000Z"}, {"uuid": "9efe09cd-cd59-4565-be73-5ce5c079cddd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44557", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14294", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44557\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T13:56:40.744Z\n\ud83d\udd17 References:\n1. https://consumer.huawei.com/en/support/bulletin/2022/11/\n2. https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433", "creation_timestamp": "2025-05-01T14:15:31.000000Z"}, {"uuid": "19aae4a2-4772-4951-9784-8f62414331ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44554", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14287", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44554\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T14:01:14.802Z\n\ud83d\udd17 References:\n1. https://consumer.huawei.com/en/support/bulletin/2022/11/\n2. https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433", "creation_timestamp": "2025-05-01T14:15:23.000000Z"}, {"uuid": "c8d738d8-0ece-413c-8533-ffe9163fd263", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44553", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14285", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44553\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The HiView module has a vulnerability of not filtering third-party apps out when the HiView module traverses to invoke the system provider. Successful exploitation of this vulnerability may cause third-party apps to start periodically.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T14:03:48.410Z\n\ud83d\udd17 References:\n1. https://consumer.huawei.com/en/support/bulletin/2022/11/\n2. https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433", "creation_timestamp": "2025-05-01T14:15:21.000000Z"}, {"uuid": "00487e8a-756b-479e-b178-8a8bb11047c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44551", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14313", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44551\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The iaware module has a vulnerability in thread security. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T14:37:34.829Z\n\ud83d\udd17 References:\n1. https://consumer.huawei.com/en/support/bulletin/2022/11/\n2. https://device.harmonyos.com/en/docs/security/update/security-bulletins-phones-202211-0000001441016433", "creation_timestamp": "2025-05-01T15:15:36.000000Z"}, {"uuid": "3140cf99-e3bf-4525-9b38-1ac50216c16b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44556", "type": "seen", "source": "https://t.me/cibsecurity/52654", "content": "\u203c CVE-2022-44556 \u203c\n\nMissing parameter type validation in the DRM module. Successful exploitation of this vulnerability may affect availability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-08T20:35:16.000000Z"}, {"uuid": "d2dcbed1-d714-4161-b13a-46f8e1f36bf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44557", "type": "seen", "source": "https://t.me/cibsecurity/52783", "content": "\u203c CVE-2022-44557 \u203c\n\nThe SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-10T00:49:31.000000Z"}, {"uuid": "2dd57c93-5b73-46f4-a729-8c1d97fe2fd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44555", "type": "seen", "source": "https://t.me/cibsecurity/52782", "content": "\u203c CVE-2022-44555 \u203c\n\nThe DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-10T00:49:29.000000Z"}, {"uuid": "50060d75-9953-4de0-9be4-dbbc85b4bdf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44558", "type": "seen", "source": "https://t.me/cibsecurity/52789", "content": "\u203c CVE-2022-44558 \u203c\n\nThe AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-10T00:52:25.000000Z"}, {"uuid": "39b9df26-daf6-4be8-9aeb-de661d32d05e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44553", "type": "seen", "source": "https://t.me/cibsecurity/52788", "content": "\u203c CVE-2022-44553 \u203c\n\nThe HiView module has a vulnerability of not filtering third-party apps out when the HiView module traverses to invoke the system provider. Successful exploitation of this vulnerability may cause third-party apps to start periodically.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-10T00:49:38.000000Z"}]}