{"vulnerability": "CVE-2022-2432", "sightings": [{"uuid": "3e7ff115-d698-4213-9b6e-e49787893645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24329", "type": "seen", "source": "Telegram/R-fiJ5emD4j6HB86rC1JEdnYlXmo6jur0MwwV-5vuSIzbN4", "content": "", "creation_timestamp": "2024-04-28T14:18:11.000000Z"}, {"uuid": "93e0c153-8626-412e-8a12-7dfa782f9ffd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24324", "type": "seen", "source": "https://t.me/cibsecurity/57252", "content": "\u203c CVE-2022-24324 \u203c\n\nA CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22073)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T07:14:10.000000Z"}, {"uuid": "4269d6a7-1982-47ae-bee5-bbcb74717e76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2432", "type": "seen", "source": "https://t.me/cibsecurity/49369", "content": "\u203c CVE-2022-2432 \u203c\n\nThe Ecwid Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.10.23. This is due to missing or incorrect nonce validation on the ecwid_update_plugin_params function. This makes it possible for unauthenticated attackers to update plugin options granted they can trick a site administrator into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-06T22:29:20.000000Z"}, {"uuid": "87511dc3-72a9-47c6-ad04-01824559767d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24320", "type": "seen", "source": "https://t.me/cibsecurity/37163", "content": "\u203c CVE-2022-24320 \u203c\n\nA CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in-theMiddle attack when communications between the client and Geo SCADA database server are intercepted. Affected Product: ClearSCADA (All Versions), EcoStruxure Geo SCADA Expert 2019 (All Versions), EcoStruxure Geo SCADA Expert 2020 (All Versions)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-10T02:19:24.000000Z"}, {"uuid": "5ca766cb-c0be-4478-93f0-944447269660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24328", "type": "seen", "source": "https://t.me/cibsecurity/38101", "content": "\u203c CVE-2022-24328 \u203c\n\nIn JetBrains Hub before 2021.1.13956, an unprivileged user could perform DoS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-25T18:21:05.000000Z"}, {"uuid": "513ff6d2-f242-4a3e-9519-d0a35fd9b87c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24329", "type": "seen", "source": "https://t.me/cibsecurity/38097", "content": "\u203c CVE-2022-24329 \u203c\n\nIn JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-25T18:20:57.000000Z"}, {"uuid": "21311580-16c9-4097-bfc1-221ce34631a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24327", "type": "seen", "source": "https://t.me/cibsecurity/38095", "content": "\u203c CVE-2022-24327 \u203c\n\nIn JetBrains Hub before 2021.1.13890, integration with JetBrains Account exposed an API key with excessive permissions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-25T18:20:51.000000Z"}]}