{"vulnerability": "CVE-2022-2181", "sightings": [{"uuid": "7ddac8f8-092e-4eee-bb10-e2ece8ede46e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2181", "type": "seen", "source": "https://t.me/cibsecurity/47315", "content": "\u203c CVE-2022-2181 \u203c\n\nThe Advanced WordPress Reset WordPress plugin before 1.6 does not escape some generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scripting\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-01T16:16:52.000000Z"}, {"uuid": "11656155-ef4e-44cb-8aba-6ee6e1fd0586", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21812", "type": "seen", "source": "https://t.me/cibsecurity/48387", "content": "\u203c CVE-2022-21812 \u203c\n\nImproper access control in the Intel(R) HAXM software before version 7.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-19T00:16:45.000000Z"}, {"uuid": "6e9728fa-0bd7-4756-9671-c781fabf04e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21819", "type": "seen", "source": "https://t.me/cibsecurity/38786", "content": "\u203c CVE-2022-21819 \u203c\n\nNVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to the entire system address space through the PCI bus. Such an attack could result in denial of service, code execution, escalation of privileges, and impact to data integrity and confidentiality. The scope impact may extend to other components.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-11T16:14:40.000000Z"}, {"uuid": "9c84bab9-402e-4f35-b883-60c2198a86f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21815", "type": "seen", "source": "https://t.me/cibsecurity/36972", "content": "\u203c CVE-2022-21815 \u203c\n\nNVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for private IOCTLs where a NULL pointer dereference in the kernel, created within user mode code, may lead to a denial of service in the form of a system crash.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-07T22:35:26.000000Z"}, {"uuid": "c722dd15-5818-412f-96d8-70ea7cd876c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21817", "type": "seen", "source": "https://t.me/cibsecurity/36709", "content": "\u203c CVE-2022-21817 \u203c\n\nNVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-02T16:28:56.000000Z"}, {"uuid": "b3d4893a-8da0-461f-94fe-b72b4339a0b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21816", "type": "seen", "source": "https://t.me/cibsecurity/36970", "content": "\u203c CVE-2022-21816 \u203c\n\nNVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (nvidia.ko), where a user in the guest OS can cause a GPU interrupt storm on the hypervisor host, leading to a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-07T22:35:24.000000Z"}, {"uuid": "9da2b4bd-a34e-48b0-b1fe-6db0e1dea145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21813", "type": "seen", "source": "https://t.me/cibsecurity/36969", "content": "\u203c CVE-2022-21813 \u203c\n\nNVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-07T22:35:23.000000Z"}, {"uuid": "82073bf7-e487-4d4e-b8d8-7176fbdaf73a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21814", "type": "seen", "source": "https://t.me/cibsecurity/36968", "content": "\u203c CVE-2022-21814 \u203c\n\nNVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-07T22:35:22.000000Z"}]}