{"vulnerability": "CVE-2022-3296", "sightings": [{"uuid": "fab55749-c15b-40a7-a701-01f6b8a9fc1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32969", "type": "seen", "source": "https://t.me/cyberden_team/370", "content": "The Demonic vulnerability (CVE-2022-32969) allows disclosure of a crypto wallet's secret recovery phrase. The vulnerability is caused by the ability of web browsers to save the contents of input fields as part of the \"session restore\" system. Thus, Google Chrome and Mozilla Firefox will cache data entered into text fields (except password fields) so that the browser can restore the data after a crash using the \"Restore Session\" feature. Because browser wallet extensions such as Metamask, Phantom and Brave use an input field that is not marked as a password field, when the user enters their recovery phrase it is saved to disk as plain text. An attacker or malware with access to the computer can steal the seed phrase and import the wallet onto their own devices. This attack would require physically stealing the computer, gaining remote access, or compromising it with a remote access trojan, which is not uncommon in targeted and persistent attacks.", "creation_timestamp": "2022-10-03T05:50:52.000000Z"}, {"uuid": "0243f87a-e109-4745-8651-431bcbb75d7a", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32966", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13299", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-32966\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: RTL8168FP-CG Dash remote management function has missing authorization. An unauthenticated attacker within the adjacent network can connect to DASH service port to disrupt service.\n\ud83d\udccf Published: 2022-11-29T03:30:26.503Z\n\ud83d\udccf Modified: 2025-04-24T18:00:48.672Z\n\ud83d\udd17 References:\n1. https://www.twcert.org.tw/tw/cp-132-6739-5098c-1.html", "creation_timestamp": "2025-04-24T18:06:48.000000Z"}, {"uuid": "ea3d8617-901a-4575-9a26-079423bc2710", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3296", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17302", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3296\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577.\n\ud83d\udccf Published: 2022-09-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-22T14:14:10.613Z\n\ud83d\udd17 References:\n1. https://huntr.dev/bounties/958866b8-526a-4979-9471-39392e0c9077\n2. https://github.com/vim/vim/commit/96b9bf8f74af8abf1e30054f996708db7dc285be\n3. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/\n4. 
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/\n5. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/\n6. https://security.gentoo.org/glsa/202305-16", "creation_timestamp": "2025-05-22T14:44:58.000000Z"}, {"uuid": "110f4131-c4e8-43d3-8a7a-808e8da198f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32964", "type": "seen", "source": "https://t.me/cibsecurity/47551", "content": "\u203c CVE-2022-32964 \u203c\n\nOMICARD EDM\u2019s API function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to access, modify, delete database or disrupt service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-04T14:19:35.000000Z"}, {"uuid": "cc8660af-cfd0-47f8-aa3f-f25ace6e6880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32965", "type": "seen", "source": "https://t.me/cibsecurity/47548", "content": "\u203c CVE-2022-32965 \u203c\n\nOMICARD EDM has a hard-coded machine key. 
An unauthenticated remote attacker can use the machine key to send serialized payload to the server to execute arbitrary code, manipulate system data and disrupt service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-05T12:22:08.000000Z"}, {"uuid": "e2217191-39a8-41c1-978f-b9d15faccca2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32963", "type": "seen", "source": "https://t.me/cibsecurity/47547", "content": "\u203c CVE-2022-32963 \u203c\n\nOMICARD EDM\u2019s mail file relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to by-pass authentication and access arbitrary system files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-04T14:19:29.000000Z"}, {"uuid": "036148df-5a82-4552-a237-572a7b30bcb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32967", "type": "seen", "source": "https://t.me/cibsecurity/53630", "content": "\u203c CVE-2022-32967 \u203c\n\nRTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. 
An unauthenticated physical attacker can use the hard-coded default password during system reboot triggered by other user, to acquire partial system information such as serial number and server information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T07:28:46.000000Z"}, {"uuid": "82cedc7d-f723-404f-8e3c-136f249190a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32966", "type": "seen", "source": "https://t.me/cibsecurity/53629", "content": "\u203c CVE-2022-32966 \u203c\n\nRTL8168FP-CG Dash remote management function has missing authorization. An unauthenticated attacker within the adjacent network can connect to DASH service port to disrupt service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T07:28:45.000000Z"}, {"uuid": "74bcbc12-aa1b-4171-8450-39224d0482c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3296", "type": "seen", "source": "https://t.me/cibsecurity/50455", "content": "\u203c CVE-2022-3296 \u203c\n\nStack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-25T20:21:15.000000Z"}, {"uuid": "82d0f07d-7e62-41ad-9a66-b319dda87613", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32969", "type": "seen", "source": "https://t.me/cibsecurity/45365", "content": "\u203c CVE-2022-32969 \u203c\n\nMetaMask before 10.11.3 might allow an attacker to access a user's secret recovery phrase because an input field is used for a BIP39 mnemonic, and Firefox and Chromium save such fields to disk in order to support the Restore Session feature, aka 
the Demonic issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-29T18:43:48.000000Z"}, {"uuid": "02502e29-724f-47d6-850c-c20f1e76a5c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32961", "type": "seen", "source": "https://t.me/cibsecurity/46624", "content": "\u203c CVE-2022-32961 \u203c\n\nHICOS\u2019 client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T07:41:23.000000Z"}, {"uuid": "e15c2bb6-bce2-459a-8e76-fca68b4db165", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32962", "type": "seen", "source": "https://t.me/cibsecurity/46627", "content": "\u203c CVE-2022-32962 \u203c\n\nHiCOS\u2019 client-side citizen certificate component has a double free vulnerability. 
An unauthenticated physical attacker can exploit this vulnerability to corrupt memory and execute arbitrary code, manipulate system data or terminate service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T07:41:29.000000Z"}, {"uuid": "ee3f7616-e936-4513-97ef-cacdb7af0b19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32960", "type": "seen", "source": "https://t.me/cibsecurity/46626", "content": "\u203c CVE-2022-32960 \u203c\n\nHiCOS\u2019 client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T07:41:25.000000Z"}]}