{"vulnerability": "CVE-2022-3029", "sightings": [{"uuid": "84ec942b-5393-40de-b5c7-39866fa29b0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30296", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5336", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-30296\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Insufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all versions, may allow an unauthenticated user to potentially enable information disclosure via network access.\n\ud83d\udccf Published: 2022-08-18T19:59:24.000Z\n\ud83d\udccf Modified: 2025-02-25T16:56:18.743Z\n\ud83d\udd17 References:\n1. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00703.html", "creation_timestamp": "2025-02-25T17:23:23.000000Z"}, {"uuid": "a9c6eb86-e8db-4881-89c7-9a5599d30585", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30297", "type": "seen", "source": "https://t.me/cibsecurity/52898", "content": "\u203c CVE-2022-30297 \u203c\n\nCross-site scripting in the Intel(R) EMA software before version 1.8.0 may allow a privileged user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:45:28.000000Z"}, {"uuid": "b8e94876-f360-49bc-a1a2-cfdab90b4382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3029", "type": "seen", "source": "https://t.me/cibsecurity/49671", "content": "\u203c CVE-2022-3029 \u203c\n\nIn NLnet Labs Routinator 0.9.0 up to and including 0.11.2, due to a mistake in error handling, data in RRDP snapshot and delta files that isn\u00c3\u00a2\u00e2\u201a\u00ac\u00e2\u201e\u00a2t correctly base 64 encoded is treated as a fatal error and causes Routinator to exit. Worst case impact of this vulnerability is denial of service for the RPKI data that Routinator provides to routers. This may stop your network from validating route origins based on RPKI data. This vulnerability does not allow an attacker to manipulate RPKI data.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-13T20:25:37.000000Z"}, {"uuid": "822fbf6a-d50b-40a6-864c-d670ae274d5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30296", "type": "seen", "source": "https://t.me/cibsecurity/48411", "content": "\u203c CVE-2022-30296 \u203c\n\nInsufficiently protected credentials in the Intel(R) Datacenter Group Event iOS application, all versions, may allow an unauthenticated user to potentially enable information disclosure via network access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-19T00:22:56.000000Z"}, {"uuid": "090dccdd-acd9-40b3-ada9-c945665e2448", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30290", "type": "seen", "source": "https://t.me/cibsecurity/45587", "content": "\u203c CVE-2022-30290 \u203c\n\nIn OpenCTI through 5.2.4, a broken access control vulnerability has been identified in the profile endpoint. An attacker can abuse the identified vulnerability in order to arbitrarily change their registered e-mail address as well as their API key, even though such action is not possible through the interface, legitimately.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-05T16:13:35.000000Z"}, {"uuid": "84563648-6e40-44c9-a7cd-8282f35c4d27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30299", "type": "seen", "source": "https://t.me/cibsecurity/58348", "content": "\u203c CVE-2022-30299 \u203c\n\nA path traversal vulnerability [CWE-23] in the API of FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authenticated attacker to retrieve specific parts of files from the underlying file system via specially crafted web requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T22:17:36.000000Z"}, {"uuid": "a0ad7f22-31e9-47ab-a430-07d1ad80b31c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30293", "type": "seen", "source": "https://t.me/cibsecurity/42094", "content": "\u203c CVE-2022-30293 \u203c\n\nIn WebKitGTK through 2.36.0 (and WPE WebKit), there is a heap-based buffer overflow in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-06T12:22:26.000000Z"}, {"uuid": "1cbde526-e544-4d08-bbe3-9c6facb8e5ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30295", "type": "seen", "source": "https://t.me/cibsecurity/42093", "content": "\u203c CVE-2022-30295 \u203c\n\nuClibc-ng through 1.0.40 and uClibc through 0.9.33.2 use predictable DNS transaction IDs that may lead to DNS cache poisoning. This is related to a reset of a value to 0x2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-06T12:22:26.000000Z"}, {"uuid": "25b6573f-4ae2-4489-bf99-8817f9925d71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30294", "type": "seen", "source": "https://t.me/cibsecurity/42092", "content": "\u203c CVE-2022-30294 \u203c\n\nIn WebKitGTK through 2.36.0 (and WPE WebKit), there is a use-after-free in WebCore::TextureMapperLayer::setContentsLayer in WebCore/platform/graphics/texmap/TextureMapperLayer.cpp.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-06T12:22:25.000000Z"}, {"uuid": "37db1f92-a9ae-4cb4-8a58-9f6139325f33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30292", "type": "seen", "source": "https://t.me/cibsecurity/41959", "content": "\u203c CVE-2022-30292 \u203c\n\nthread_call in sqbaselib.cpp in SQUIRREL 3.2 lacks a certain sq_reservestack call.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-05T02:35:24.000000Z"}]}