{"vulnerability": "CVE-2022-2892", "sightings": [{"uuid": "6ccd79f7-36b5-4e9a-b174-26e89fff5752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2892", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12121", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2892\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Measuresoft ScadaPro Server (Versions prior to 6.8.0.1) uses an unmaintained ActiveX control, which may allow an out-of-bounds write condition while processing a specific project file.\n\ud83d\udccf Published: 2022-08-31T20:54:54.536Z\n\ud83d\udccf Modified: 2025-04-16T17:48:40.246Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-05", "creation_timestamp": "2025-04-16T17:56:53.000000Z"}, {"uuid": "67e4c158-5d25-4671-a669-bc942ac98134", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28923", "type": "seen", "source": "https://t.me/cibsecurity/57638", "content": "\u203c CVE-2022-28923 \u203c\n\nCaddy v2.4.6 was discovered to contain an open redirection vulnerability which allows attackers to redirect users to phishing websites via crafted URLs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-07T02:28:32.000000Z"}, {"uuid": "30208792-9cac-4ff8-bfb4-79da8684fbe5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28921", "type": "seen", "source": "https://t.me/cibsecurity/42953", "content": "\u203c CVE-2022-28921 \u203c\n\nA Cross-Site Request Forgery (CSRF) vulnerability discovered in BlogEngine.Net v3.3.8.0 allows unauthenticated attackers to read arbitrary files on the hosting web server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T23:30:51.000000Z"}, {"uuid": "c0d4e2d1-a359-4473-af05-ee420bd38744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28924", "type": "seen", "source": "https://t.me/cibsecurity/42940", "content": "\u203c CVE-2022-28924 \u203c\n\nAn information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T20:28:51.000000Z"}]}