{"vulnerability": "CVE-2022-3169", "sightings": [{"uuid": "17e1e371-8a05-49a1-9c10-528c4a6a7835", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31693", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/496", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31693\n\ud83d\udd39 Description: VMware Tools for Windows (12.x.y prior to 12.1.5, 11.x.y and 10.x.y) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest OS, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a denial-of-service condition in the Windows guest OS.\n\ud83d\udccf Published: 2023-06-07T00:00:00\n\ud83d\udccf Modified: 2025-01-07T17:07:51.941Z\n\ud83d\udd17 References:\n1. https://www.vmware.com/security/advisories/VMSA-2022-0029.html\n2. https://security.netapp.com/advisory/ntap-20221223-0009/\n3. https://security.netapp.com/advisory/ntap-20230824-0009/", "creation_timestamp": "2025-01-07T17:42:04.000000Z"}, {"uuid": "4dbf9c37-c120-42e7-8cc4-02c2a8fa3888", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31691", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3443", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA write-up of my (so far inconclusive) look into CVE-2022-31691\nURL\uff1ahttps://github.com/SpindleSec/CVE-2022-31691\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-17T15:27:39.000000Z"}, {"uuid": "9b53dc90-3cfc-4fc4-b7bf-e13e7fe52e06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31692", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3192", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA project demonstrating an app that is vulnerable to Spring Security authorization bypass CVE-2022-31692\nURL\uff1ahttps://github.com/SpindleSec/cve-2022-31692\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-07T11:08:35.000000Z"}, {"uuid": "67b7ea25-3664-4f64-b05e-4e0505030842", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31692", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3161", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA sample spring boot application demonstrating configuration that is vulnerable to CVE-2022-31692\nURL\uff1ahttps://github.com/SpindleSec/CVE-2022-31692\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-02T12:12:31.000000Z"}, {"uuid": "ea821589-6220-4eb5-9160-95b302bdab27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31696", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11172", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 CVE-2022-31696: An Analysis Of A Vmware Esxi Tcp Socket Keepalive Type Confusion LPE.\n\nhttps://www.zerodayinitiative.com/blog/2023/6/21/cve-2022-31696-an-analysis-of-a-vmware-esxi-tcp-socket-keepalive-type-confusion-lpe", "creation_timestamp": "2023-06-24T14:10:59.000000Z"}, {"uuid": "4ff29f1f-fccb-4f37-9e56-c7b47338a757", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31692", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15156", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31692\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an application is vulnerable when all of the following are true: The application expects that Spring Security applies security to forward and include dispatcher types. The application uses the AuthorizationFilter either manually or via the authorizeHttpRequests() method. The application configures the FilterChainProxy to apply to forward and/or include requests (e.g. spring.security.filter.dispatcher-types = request, error, async, forward, include). The application may forward or include the request to a higher privilege-secured endpoint.The application configures Spring Security to apply to every dispatcher type via authorizeHttpRequests().shouldFilterAllDispatcherTypes(true)\n\ud83d\udccf Published: 2022-10-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T15:53:54.566Z\n\ud83d\udd17 References:\n1. https://tanzu.vmware.com/security/cve-2022-31692\n2. https://security.netapp.com/advisory/ntap-20221215-0010/", "creation_timestamp": "2025-05-06T16:21:59.000000Z"}, {"uuid": "df6c0dda-79b5-4b20-85ff-fa5a580a5046", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31691", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14564", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31691\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use Snakeyaml library for YAML editing support. This library allows for some special syntax in the YAML that under certain circumstances allows for potentially harmful remote code execution by the attacker.\n\ud83d\udccf Published: 2022-11-04T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T19:00:39.593Z\n\ud83d\udd17 References:\n1. https://tanzu.vmware.com/security/cve-2022-31691", "creation_timestamp": "2025-05-02T19:16:11.000000Z"}, {"uuid": "ddd8a698-3c00-4f44-aaa2-a9cbcd0d96a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31698", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12792", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31698\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header.\n\ud83d\udccf Published: 2022-12-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-22T03:26:59.398Z\n\ud83d\udd17 References:\n1. https://www.vmware.com/security/advisories/VMSA-2022-0030.html\n2. https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1588", "creation_timestamp": "2025-04-22T04:03:16.000000Z"}, {"uuid": "552506d9-638b-4c36-82ec-35731eff1fb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31694", "type": "seen", "source": "https://t.me/cibsecurity/53201", "content": "\u203c CVE-2022-31694 \u203c\n\nInstallBuilder Qt installers built with versions previous to 22.10 try to load DLLs from the installer binary parent directory when displaying popups. This may allow an attacker to plant a malicious DLL in the installer parent directory to allow executing code with the privileges of the installer (when the popup triggers the loading of the library). Exploiting these type of vulnerabilities generally require that an attacker has access to a vulnerable machine to plant the malicious DLL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-19T02:43:47.000000Z"}, {"uuid": "996a3cf7-5494-4b9c-a3ae-bd2440ba027c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31692", "type": "seen", "source": "https://t.me/ctinow/181273", "content": "https://ift.tt/yq31a0I\nCVE-2022-31692 | Oracle Banking Virtual Account Management up to 14.7.0 Common Core authorization", "creation_timestamp": "2024-02-08T10:41:46.000000Z"}, {"uuid": "e5acd849-2f77-48c9-b6d4-b42fb04e5e15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31697", "type": "seen", "source": "https://t.me/cibsecurity/54433", "content": "\u203c CVE-2022-31697 \u203c\n\nThe vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore) can access plaintext passwords used during that operation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-13T18:28:03.000000Z"}, {"uuid": "c22b2e4e-5314-44eb-8dfe-8268f2dc456b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31699", "type": "seen", "source": "https://t.me/cibsecurity/54431", "content": "\u203c CVE-2022-31699 \u203c\n\nVMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-13T18:28:01.000000Z"}, {"uuid": "a0651ae9-1d46-4c62-88a0-2cff1659bfc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31696", "type": "seen", "source": "https://t.me/cibsecurity/54421", "content": "\u203c CVE-2022-31696 \u203c\n\nVMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-13T18:27:51.000000Z"}, {"uuid": "e9ce845a-3e17-4ce2-bd70-089d06bb5992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31696", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8546", "content": "#exploit\n1. CVE-2023-34599:\nMultiple XSS vulnerabilities in Gibbon v25.0\nhttps://github.com/maddsec/CVE-2023-34599\n\n2. Cryptanalysis of the DAO exploit & Multi-Stage Attack\nhttps://github.com/demining/Dao-Exploit\n\n3. CVE-2022-31696:\nVMWare ESXI TCP Socket Keepalive Type Confusion LPE\nhttps://www.zerodayinitiative.com/blog/2023/6/21/cve-2022-31696-an-analysis-of-a-vmware-esxi-tcp-socket-keepalive-type-confusion-lpe", "creation_timestamp": "2023-06-24T20:40:48.000000Z"}, {"uuid": "57f5c5bf-d5b0-4fec-9452-75eaad5ce6c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31692", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2424", "content": "#CVE-2022\n\nA sample spring boot application demonstrating configuration that is vulnerable to CVE-2022-31692\n\nhttps://github.com/SpindleSec/CVE-2022-31692\n\n@BlueRedTeam", "creation_timestamp": "2022-11-03T08:11:22.000000Z"}, {"uuid": "b76d73e4-a383-4139-b2e4-57c1675823aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31692", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2445", "content": "#CVE-2022\n\nA project demonstrating an app that is vulnerable to Spring Security authorization bypass CVE-2022-31692\n\nhttps://github.com/SpindleSec/cve-2022-31692\n\n@BlueRedTeam", "creation_timestamp": "2022-11-12T17:55:30.000000Z"}, {"uuid": "4a7085b8-3c6b-4d23-8a79-4a4ad0fc1bd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31692", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7107", "content": "#exploit\n1. CVE-2022-31692:\nAuthorization rules can be bypassed via forward or include dispatcher types in Spring Security\nhttps://github.com/SpindleSec/cve-2022-31692\n\n2. GPay balance exploit\nhttps://github.com/ElwinVi/GPAY-BALANCE-EXPLOIT", "creation_timestamp": "2022-11-05T13:30:01.000000Z"}]}