{"vulnerability": "CVE-2022-2122", "sightings": [{"uuid": "c8900e7e-e277-4ecd-b872-39a241a6bf7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21222", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17011", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-21222\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P)\n\ud83d\udd39 Description: The package css-what before 2.1.3 are vulnerable to Regular Expression Denial of Service (ReDoS) due to the usage of insecure regular expression in the re_attr variable of index.js. The exploitation of this vulnerability could be triggered via the parse function.\n\ud83d\udccf Published: 2022-09-30T05:05:11.059Z\n\ud83d\udccf Modified: 2025-05-20T16:04:07.202Z\n\ud83d\udd17 References:\n1. https://security.snyk.io/vuln/SNYK-JS-CSSWHAT-3035488\n2. https://github.com/fb55/css-what/blob/a38effd5a8f5506d75c7f8f13cbd8c76248a3860/index.js%23L12\n3. https://lists.debian.org/debian-lts-announce/2023/03/msg00001.html", "creation_timestamp": "2025-05-20T16:41:00.000000Z"}, {"uuid": "b3e8e7e4-043f-446f-b9ed-664268d5ef48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21225", "type": "seen", "source": "https://t.me/bughuntertips/449", "content": "1. Change Any User Data on NFT Marketplace (Crosea IO)\n2. Hubspot Full Account Takeover in Bug Bounty\n3. Web Cache Deception Attack on 404 page exposing PII data to unauth users\n4. From Zero to Hero Intel DCM SQL Injection to RCE (CVE-2022-21225)\n5. From Recon via Censys and DNSDumpster to getting P1\n6. CRLF (GBK encoding) to XSS - Microsoft Bug Bounty 6000$\n7. Abusing Hop-by-hop header CRLF injection\n8. Exploiting non-cloud SSRF for fun & profit\n9. 2 RCE in EPAM Bug Bounty Program\n10. \u0422\u0440\u0438 SQL \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432\u0441\u0435\u0433\u043e \u0437\u0430 10 \u043c\u0438\u043d\u0443\u0442\n11. \u041a\u0430\u043a \u0440\u0430\u0441\u043a\u0440\u0443\u0442\u0438\u0442\u044c RCE \u0432 \u0447\u0430\u0442-\u0431\u043e\u0442\u0435\n12. \u0422\u0440\u0438 \u0437\u0430\u0431\u0430\u0432\u043d\u044b\u0445 \u0438\u0441\u0442\u043e\u0440\u0438\u0438 \u0438\u0437 \u0411\u0430\u0433\u0431\u0430\u0443\u043d\u0442\u0438\n13. 10 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u043e\u0442\u0440\u0435\u043f\u043e\u0440\u0442\u0438\u0442\u044c \u0435\u0440\u0443\u043d\u0434\u0443 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0437\u0430 \u044d\u0442\u043e \u0434\u0435\u043d\u044c\u0433\u0438\n14. 10 \u0442\u0438\u043f\u043e\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u0441\u0435 \u0437\u0430\u0431\u044b\u0432\u0430\u044e\u0442\n15. \u041a\u0430\u043a \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432\u0435\u0431\u043a\u044d\u0448 \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\n\n#bugbountytips", "creation_timestamp": "2024-05-15T16:04:40.000000Z"}, {"uuid": "edc7bebb-518c-4923-9e37-1abe69701d38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21224", "type": "seen", "source": "https://t.me/cibsecurity/59645", "content": "\u203c CVE-2022-21224 \u203c\n\nThis candidate was in a CNA pool that was not assigned to any issues during 2022.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-08T02:23:17.000000Z"}, {"uuid": "2b036cb7-be9d-4d40-9b56-dcf61d2c5399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21225", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1749", "content": "#Offensive_security\n1. A collection of various and sundry code snippets that leverage .NET dynamic tradecraft\nhttps://github.com/bohops/DynamicDotNet\n2. Payload generator to exfiltrate user cookies through the PHP info page bypassing the HttpOnly flag during XSS exploitation\nhttps://github.com/HackCommander/PHP-info-cookie-stealer\n3. From SQL Injection to RCE on Intel DCM (CVE-2022-21225)\nhttps://www.rcesecurity.com/2022/12/from-zero-to-hero-part-2-intel-dcm-sql-injection-to-rce-cve-2022-21225", "creation_timestamp": "2022-12-13T04:12:35.000000Z"}, {"uuid": "0e01ef94-3d11-4b89-b8b8-c7faa13059b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21229", "type": "seen", "source": "https://t.me/cibsecurity/48391", "content": "\u203c CVE-2022-21229 \u203c\n\nImproper buffer restrictions for some Intel(R) NUC 9 Extreme Laptop Kit drivers before version 2.2.0.22 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-19T00:16:52.000000Z"}, {"uuid": "bd193266-3028-4a90-adc3-309dee4d71ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2122", "type": "seen", "source": "https://t.me/cibsecurity/46588", "content": "\u203c CVE-2022-2122 \u203c\n\nDOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T00:41:01.000000Z"}, {"uuid": "4c9bc906-b6a6-4235-98d9-68196c288aab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21223", "type": "seen", "source": "https://t.me/cibsecurity/40014", "content": "\u203c CVE-2022-21223 \u203c\n\nThe package cocoapods-downloader before 1.6.2 are vulnerable to Command Injection via hg argument injection. When calling the download function (when using hg), the url (and/or revision, tag, branch) is passed to the hg clone command in a way that additional flags can be set. The additional flags can be used to perform a command injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-01T22:19:48.000000Z"}, {"uuid": "5fbed516-1b26-4de9-8870-2b8975cc0b87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21221", "type": "seen", "source": "https://t.me/cibsecurity/39136", "content": "\u203c CVE-2022-21221 \u203c\n\nThe package github.com/valyala/fasthttp before 1.34.0 are vulnerable to Directory Traversal via the ServeFile function, due to improper sanitization. It is possible to be exploited by using a backslash %5c character in the path. **Note:** This security issue impacts Windows users only.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-17T15:21:37.000000Z"}, {"uuid": "df8a0eab-274d-4520-ba63-6e5483efa725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21225", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7341", "content": "#Offensive_security\n1. A collection of various and sundry code snippets that leverage .NET dynamic tradecraft\nhttps://github.com/bohops/DynamicDotNet\n2. Payload generator to exfiltrate user cookies through the PHP info page bypassing the HttpOnly flag during XSS exploitation\nhttps://github.com/HackCommander/PHP-info-cookie-stealer\n3. From SQL Injection to RCE on Intel DCM (CVE-2022-21225)\nhttps://www.rcesecurity.com/2022/12/from-zero-to-hero-part-2-intel-dcm-sql-injection-to-rce-cve-2022-21225", "creation_timestamp": "2022-12-12T11:00:33.000000Z"}, {"uuid": "f9029ef1-f72b-4ae3-b0c8-c6917cdfbf64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21226", "type": "seen", "source": "https://t.me/cibsecurity/37164", "content": "\u203c CVE-2022-21226 \u203c\n\nOut-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-10T02:19:26.000000Z"}]}