{"vulnerability": "CVE-2022-2493", "sightings": [{"uuid": "f669fd1c-98a5-4bd9-8455-94bfe51a5d87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24939", "type": "seen", "source": "https://t.me/cibsecurity/41295", "content": "\u203c CVE-2022-28366 \u203c\n\nCertain Neko-related HTML parsers allow a denial of service via crafted Processing Instruction (PI) input that causes excessive heap memory consumption. In particular, this issue exists in HtmlUnit-Neko through 2.26, and is fixed in 2.27. This issue also exists in CyberNeko HTML through 1.9.22 (also affecting OWASP AntiSamy before 1.6.6), but 1.9.22 is the last version of CyberNeko HTML. NOTE: this may be related to CVE-2022-24939.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-22T02:27:10.000000Z"}, {"uuid": "d1479226-33e7-40d1-9566-edad19c54a92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24936", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14503", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24936\n\ud83d\udd25 CVSS Score: 8.3 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H)\n\ud83d\udd39 Description: Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade.\n\ud83d\udccf Published: 2022-11-02T17:25:38.758Z\n\ud83d\udccf Modified: 2025-05-02T16:14:05.273Z\n\ud83d\udd17 References:\n1. https://community.silabs.com/sfc/servlet.shepherd/document/download/0698Y00000Gdop4QAB?operationContext=S1\n2. https://github.com/SiliconLabs/gecko_sdk/blame/2e82050dc8823c9fe0e8908c1b2666fb83056230/platform/bootloader/core/btl_bootload.c", "creation_timestamp": "2025-05-02T16:15:55.000000Z"}, {"uuid": "41fb315b-962f-47bf-afc4-0235208ff2af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2493", "type": "seen", "source": "https://t.me/arpsyndicate/2697", "content": "#ExploitObserverAlert\n\nCVE-2022-2493\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-2493. Data Access from Outside Expected Data Manager Component in GitHub repository openemr/openemr prior to 7.0.0.\n\nFIRST-EPSS: 0.002200000\nNVD-IS: 5.2\nNVD-ES: 2.8", "creation_timestamp": "2024-01-09T00:36:07.000000Z"}, {"uuid": "ebd1c1e2-7c6f-45be-9da2-a2aaea9d4226", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24934", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/835", "content": "Updates On Hackbyte Forum:-\n\n\ud83d\udcccBianLian \u2013 Ransomware\n\ud83d\udcccPoC for CVE-2022-34265 (Django)\n\ud83d\udcccFUGIO - Automatic Exploit Generation for PHP Object Injection Vulnerabilities\n\ud83d\udcccRCE and Domain Admin privilege escalation for Mailcow\n\ud83d\udcccFTP-Inspector\n\ud83d\udcccCVE-2022-24934\n\ud83d\udcccOctopusWAF\n\ud83d\udcccVernet - Network Analyzer and Monitoring Tool\n\ud83d\udcccUAParser.js\n\ud83d\udcccJSshell\n\ud83d\udcccSXSS is A CLI toolkit to detect and keep track of Blind XSS\n\ud83d\udcccPantheon-HVNC-V2-Source-leaked\n\ud83d\udcccNeurotoxin - Durable #Backdoors in Federated Learning.\n\ud83d\udcccBitRAT\n\ud83d\udcccS-500 G2-Pro-HVNC-Rat-Source-leaked\n\ud83d\udcccCVE-2021-23017-PoC\n\ud83d\udcccHiveV5 keystream decryptor PoC\n\ud83d\udcccPakistan Taxpayers List\n\ud83d\udcccfoodco.us Leak\n\ud83d\udccc774k USA SCHOOL DETAILS\n\ud83d\udcccPrivFu/PrivilegedOperations.\n\ud83d\udcccTOP 21 Remote Code Execution Exploit\u2019s #RCE\n\ud83d\udcccFrom cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud\n\ud83d\udcccRetbleed: Arbitrary Speculative Code Execution with Return Instructions\n\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffb Updates:- https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-07-13T11:23:38.000000Z"}, {"uuid": "80bba39a-6b2c-4e1a-b987-0ae87b0e745e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24936", "type": "seen", "source": "https://t.me/cibsecurity/52492", "content": "\u203c CVE-2022-24936 \u203c\n\nOut-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T21:19:54.000000Z"}, {"uuid": "3ba135db-da67-42e2-afe5-876bf49e5944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24934", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1715", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a CVE-2022-24934\nURL\uff1ahttps://github.com/shakeman8/CVE-2022-24934\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-25T07:17:05.000000Z"}, {"uuid": "5a0da938-be61-4878-a1ea-2f1fde982e15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24934", "type": "seen", "source": "https://t.me/cibsecurity/39460", "content": "\u203c CVE-2022-24934 \u203c\n\nwpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the registry.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-24T01:28:55.000000Z"}, {"uuid": "e1ad43bc-340d-405a-9e69-b750bdd972e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24935", "type": "seen", "source": "https://t.me/cibsecurity/41567", "content": "\u203c CVE-2022-24935 \u203c\n\nLexmark products through 2022-02-10 have Incorrect Access Control.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T16:25:46.000000Z"}, {"uuid": "442af470-a0d3-42b9-bec9-9c40c972d48b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24930", "type": "seen", "source": "https://t.me/cibsecurity/38718", "content": "\u203c CVE-2022-24930 \u203c\n\nAn Improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware update MAR-2022 Release allows untrusted applications to reset default app settings without a proper permission\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-10T20:26:06.000000Z"}, {"uuid": "3340cd17-3225-4a01-b119-d7329c701551", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24934", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6380", "content": "#exploit\n1. CVE-2022-24934:\nwpsupdater.exe in Kingsoft WPS Office < 11.2.0.10382 allows RCE by modifying HKEY_CURRENT_USER in the registry\nhttps://github.com/MagicPiperSec/WPS-CVE-2022-24934\n\n2. CVE-2022-31138:\nRCE and Domain Admin privilege escalation for Mailcow\nhttps://github.com/ly1g3/Mailcow-CVE-2022-31138", "creation_timestamp": "2022-07-12T11:00:26.000000Z"}]}