{"vulnerability": "CVE-2022-2634", "sightings": [{"uuid": "0eb7e4fd-047d-47d4-bbac-caa11ddea777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26345", "type": "seen", "source": "https://t.me/cibsecurity/58349", "content": "\u203c CVE-2022-26345 \u203c\n\nUncontrolled search path element in the Intel(R) oneAPI Toolkit OpenMP before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-20T14:50:36.000000Z"}, {"uuid": "e8e48576-9219-400d-9191-7d20c8d034d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26344", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5334", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-26344\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access.\n\ud83d\udccf Published: 2022-08-18T19:58:58.000Z\n\ud83d\udccf Modified: 2025-02-25T16:59:29.193Z\n\ud83d\udd17 References:\n1. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00701.html", "creation_timestamp": "2025-02-25T17:23:18.000000Z"}, {"uuid": "7b995b6c-41cc-422a-9c2a-48cccb8bd367", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26344", "type": "seen", "source": "https://t.me/cibsecurity/48412", "content": "\u203c CVE-2022-26344 \u203c\n\nIncorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-19T00:22:56.000000Z"}, {"uuid": "7e2a5b7d-6469-4542-8e58-cb9bd4c0dec7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26343", "type": "seen", "source": "https://t.me/cibsecurity/58376", "content": "\u203c CVE-2022-26343 \u203c\n\nImproper access control in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T22:26:50.000000Z"}, {"uuid": "145381c1-8cd0-45b6-8a3d-30e485a6e4da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26341", "type": "seen", "source": "https://t.me/cibsecurity/52862", "content": "\u203c CVE-2022-26341 \u203c\n\nInsufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:39:07.000000Z"}, {"uuid": "cc08e71f-2b73-455a-84b8-99b8fc6550f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26348", "type": "seen", "source": "https://t.me/cibsecurity/45681", "content": "\u203c CVE-2022-26348 \u203c\n\nCommand Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has been preloaded into the registry of the Windows Server to obtain sensitive information. This issue affects: Gallagher Command Centre 8.60 versions prior to 8.60.1652; 8.50 versions prior to 8.50.2245; 8.40 versions prior to 8.40.2216; 8.30 versions prior to 8.30.1470; version 8.20 and prior versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-06T20:14:30.000000Z"}, {"uuid": "4b805408-7bc6-4125-85ca-d98af4ca7dc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26342", "type": "seen", "source": "https://t.me/cibsecurity/47683", "content": "\u203c CVE-2022-26342 \u203c\n\nA buffer overflow vulnerability exists in the confsrv ucloud_set_node_location functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-06T02:27:07.000000Z"}, {"uuid": "3041cf8e-2939-44a0-b4b5-3966c9ce2216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26346", "type": "seen", "source": "https://t.me/cibsecurity/47681", "content": "\u203c CVE-2022-26346 \u203c\n\nA denial of service vulnerability exists in the ucloud_del_node functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attacker can send packets to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-06T02:27:05.000000Z"}, {"uuid": "9ae70583-2f3f-43e5-9952-0a8ac99bf212", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26340", "type": "seen", "source": "https://t.me/cibsecurity/42011", "content": "\u203c CVE-2022-26340 \u203c\n\nOn F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, and F5 BIG-IQ Centralized Management all versions of 8.x and 7.x, an authenticated, high-privileged attacker with no bash access may be able to access Certificate and Key files using Secure Copy (SCP) protocol from a remote system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-05T20:36:45.000000Z"}]}