{"vulnerability": "CVE-2022-3288", "sightings": [{"uuid": "65d2cf69-9814-4575-b79b-744f431615d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32888", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14883", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32888\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-05T15:01:09.370Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213446\n2. https://support.apple.com/en-us/HT213443\n3. https://support.apple.com/en-us/HT213445\n4. https://support.apple.com/en-us/HT213444\n5. https://support.apple.com/en-us/HT213488\n6. https://support.apple.com/en-us/HT213486\n7. https://support.apple.com/en-us/HT213487\n8. http://www.openwall.com/lists/oss-security/2022/11/04/4\n9. https://security.gentoo.org/glsa/202305-32", "creation_timestamp": "2025-05-05T15:20:08.000000Z"}, {"uuid": "9832dfa1-30e8-483a-8897-af78cd44e217", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32883", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/266", "content": "https://github.com/breakpointHQ/CVE-2022-32883\n#github", "creation_timestamp": "2022-09-20T12:16:16.000000Z"}, {"uuid": "44540b1e-3512-419c-9f15-250b54e75e8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32883", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2785", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nCyber Threat Intelligence Data and Analysis\n\nOur unique Cyber Threat Intelligence aims to determine the ongoing research of APT actors to anticipiate their acitivities.\n\nhttps://github.com/vuldb/cyber_threat_intelligence\n\nMicro Emulation Plans\n\nThis collection expands the impact of the Adversary Emulation Library by developing easy-to-execute adversary emulation content that targets specific behaviors and challenges facing defenders. \n\nRather than modeling full-scope breach scenarios, these micro emulation plans focus on smaller, more specific combinations of techniques. (We call these short sequences \"compound behaviors\" because they involve more than one adversary technique.) \n\nThe plans produce signals similar to real adversary techniques (but without the harmful effects) to enable blue teams to safely test and evaluate their detective and preventative controls.\n\nhttps://github.com/center-for-threat-informed-defense/adversary_emulation_library/tree/master/micro_emulation_plans\n\nMDML\n\nMalware Detection using Machine Learning.\n\nhttps://github.com/mohamedbenchikh/MDML\n\nVirtual FIDO\n\nA virtual USB device that implements the FIDO2/U2F protocol (like a YubiKey) in order to support 2FA and WebAuthN.\n\nFeatures:\n\u25ab\ufe0f Support for both Windows and Linux through USB/IP (Mac support coming later)\n\u25ab\ufe0f Connect using both U2F and FIDO2 protocols for both normal 2FA and WebAuthN\n\u25ab\ufe0f Store credentials in an encrypted format with a passphrase\n\u25ab\ufe0f Store credential data anywhere (example provided: a local file)\n\u25ab\ufe0f Generic approval mechanism for credential creation and login (example provided: terminal based)\n\nhttps://github.com/bulwarkid/virtual-fido\n\nPeNet Analyzer\n\nAnalyzers for Portable Executable anomalies and other malware behavior.\n\nhttps://github.com/secana/PeNet-Analyzer\n\nCVE-2022-32883 \n\nTurning Your Computer Into a GPS Tracker With Apple Maps.\n\nhttps://github.com/breakpointHQ/CVE-2022-32883\n\nCondor\n\nA tool created to help pentesters bypass protections like AVs/EDRs/XDRs in the Windows operating system. Condor was developed in Python and has several advantages to help pentesters.\n\nhttps://github.com/MrEmpy/Condor\n\nExecRemoteAssembly\n\nExecute Remote Assembly with args passing and with AMSI and ETW patching\n\nhttps://github.com/D1rkMtr/ExecRemoteAssembly\n\nLDAP Nom Nom\n\nAnonymously bruteforce Active Directory usernames from Domain Controllers by abusing LDAP Ping requests (cLDAP)\n\n\u25ab\ufe0f Autodetects DCs on domain joined machines. A bit moot, as you can just dump usernames with authenticated LDAP, but included for completeness\n\u25ab\ufe0f Reads usernames to test from stdin or file\n\u25ab\ufe0f Outputs to stdin or file\n\u25ab\ufe0f Parallelized, defaults to 8 connections\n\u25ab\ufe0f Shows progressbar if you're using both input and output files\n\nhttps://github.com/lkarlslund/ldapnomnom\n\nPyMeta \n\nA Python3 rewrite of the tool PowerMeta, created in PowerShell. It uses specially crafted search queries to identify and download the following file types (pdf, xls, xlsx, csv, doc, docx, ppt, pptx) from a given domain using Google and Bing scraping.\n\nhttps://github.com/m8sec/pymeta\n\nAppShark\n\nA static taint analysis platform to scan vulnerabilities in an Android app.\n\nhttps://github.com/bytedance/appshark\n\nFly4s\n\nA lightweight, simple and functional wrapper for Flyway using cats effect. \n\nhttps://github.com/geirolz/fly4s\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\nWebsite:\nwww.ghostclan.org\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2023-03-30T08:41:33.000000Z"}, {"uuid": "7c975215-cf67-422d-a967-7089f478a4c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32881", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15201", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32881\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to modify protected parts of the file system.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T19:00:10.929Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213446\n2. https://support.apple.com/en-us/HT213443\n3. https://support.apple.com/en-us/HT213444\n4. https://support.apple.com/en-us/HT213488\n5. https://support.apple.com/en-us/HT213486\n6. https://support.apple.com/en-us/HT213487", "creation_timestamp": "2025-05-06T19:21:20.000000Z"}, {"uuid": "dc4d7737-6055-42c1-b241-723a3a5602c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32887", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15204", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32887\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The issue was addressed with improved memory handling. This issue is fixed in iOS 16. An app may be able to execute arbitrary code with kernel privileges.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T18:58:52.281Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213446", "creation_timestamp": "2025-05-06T19:21:24.000000Z"}, {"uuid": "20f1510d-882e-4891-b9bc-07b1de5b4a52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3288", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16172", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3288\n\ud83d\udd25 CVSS Score: 3.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: A branch/tag name confusion in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to manipulate pages where the content of the default branch would be expected.\n\ud83d\udccf Published: 2022-10-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-13T15:43:38.380Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/354948\n2. https://hackerone.com/reports/1498354\n3. https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3288.json", "creation_timestamp": "2025-05-13T16:30:57.000000Z"}]}