{"vulnerability": "CVE-2022-2395", "sightings": [{"uuid": "0419a380-3174-4f05-945d-2cb63d43ae38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23952", "type": "seen", "source": "https://t.me/cibsecurity/50221", "content": "\u203c CVE-2022-23952 \u203c\n\nIn Keylime before 6.3.0, current keylime installer installs the keylime.conf file, which can contain sensitive data, as world-readable.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T22:41:18.000000Z"}, {"uuid": "d86ca827-60cb-4fc7-b582-c68416486ee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23950", "type": "seen", "source": "https://t.me/cibsecurity/50225", "content": "\u203c CVE-2022-23950 \u203c\n\nIn Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T22:41:23.000000Z"}, {"uuid": "c5269f3c-0992-425e-b0f9-fb0b8aa93305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23951", "type": "seen", "source": "https://t.me/cibsecurity/50237", "content": "\u203c CVE-2022-23951 \u203c\n\nIn Keylime before 6.3.0, quote responses from the agent can contain possibly untrusted ZIP data which can lead to zip bombs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T22:41:37.000000Z"}, {"uuid": "d43f3cdb-9a16-4793-ab72-647b11b0a3bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2395", "type": "seen", "source": 
"https://t.me/cibsecurity/47738", "content": "\u203c CVE-2022-2395 \u203c\n\nThe weForms WordPress plugin before 1.6.14 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-08T18:23:50.000000Z"}, {"uuid": "cd1869f9-f399-4a24-88b0-9f56d79fc550", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23956", "type": "seen", "source": "https://t.me/cibsecurity/38335", "content": "\u203c CVE-2022-23956 \u203c\n\nPotential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T00:25:33.000000Z"}, {"uuid": "6f42c765-c375-4a2c-9acf-b6b539f26125", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23955", "type": "seen", "source": "https://t.me/cibsecurity/38334", "content": "\u203c CVE-2022-23955 \u203c\n\nPotential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T00:25:32.000000Z"}, {"uuid": "0444fd9f-7300-4803-8245-129e3e694b56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23957", "type": "seen", "source": "https://t.me/cibsecurity/38331", "content": "\u203c CVE-2022-23957 \u203c\n\nPotential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability 
Database\".", "creation_timestamp": "2022-03-03T00:25:26.000000Z"}, {"uuid": "cfa4cf79-e4cd-4ba3-9e90-a40d31f613cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23953", "type": "seen", "source": "https://t.me/cibsecurity/38340", "content": "\u203c CVE-2022-23953 \u203c\n\nPotential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T00:25:40.000000Z"}, {"uuid": "9a2b2f25-6ab7-45e4-afea-7c8a94829ced", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23958", "type": "seen", "source": "https://t.me/cibsecurity/38324", "content": "\u203c CVE-2022-23958 \u203c\n\nPotential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T00:25:17.000000Z"}, {"uuid": "4ac2c022-b9e7-41ea-b2a4-e18fb2a92f16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23954", "type": "seen", "source": "https://t.me/cibsecurity/38327", "content": "\u203c CVE-2022-23954 \u203c\n\nPotential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T00:25:19.000000Z"}, {"uuid": "c909bda4-8c3d-4b34-82a5-9e94b9a12d66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23959", "type": "seen", "source": "https://t.me/cibsecurity/36288", "content": "\u203c 
CVE-2022-23959 \u203c\n\nIn Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-26T07:19:11.000000Z"}]}