{"vulnerability": "CVE-2022-3491", "sightings": [{"uuid": "486aea0f-2c55-4579-ac6e-3945548a761b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "5367293d-0fc8-49b4-aac1-52b61c134a8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lj6s25awbk2n", "content": "", "creation_timestamp": "2025-02-27T21:02:01.868341Z"}, {"uuid": "e2ac07ad-cf2f-472e-bc14-413921c36ca3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:47.000000Z"}, {"uuid": "bf3308e4-7795-470a-be0c-adbf3117bf88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-9d1c9d9f-675cdbc3d8f48478", "content": "", "creation_timestamp": "2025-03-01T00:19:17.019382Z"}, {"uuid": "38cc1937-6752-4b96-a0e3-32d686ed108d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/netfilter_nft_set_elem_init_privesc.rb", "content": "", "creation_timestamp": "2022-09-27T22:01:50.000000Z"}, {"uuid": "d3ae78e8-499c-4e18-96e5-7d302f5dafb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:06.000000Z"}, {"uuid": "9baae80e-e39d-4305-93e5-4235ab5bf686", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "Telegram/6PgG1jna3SSTTQmu6Bbd073fVa6QDWjxsA1I-2nGrEBSvw", "content": "", "creation_timestamp": "2022-08-06T05:24:31.000000Z"}, {"uuid": "b1e95fbd-0109-46b4-970b-e6814a7f1c11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2205", "content": "LPE exploit for CVE-2022-34918\nexploit kernel\u00a0Linux ubuntu 5.15.0-39-generic\n\nhttps://github.com/randorisec/CVE-2022-34918-LPE-PoC\n\nArticle\n[CVE-2022-34918] A crack in the Linux firewall\nhttps://www.randorisec.fr/crack-linux-firewall/", "creation_timestamp": "2022-08-13T21:01:39.000000Z"}, {"uuid": "7aefaa2d-9971-4361-9adc-4294d2a800c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "Telegram/lJQH4YjVkyA2usWSgfNDCKKM1SMUQPbukQqfHOjh8fKsbQ", "content": "", "creation_timestamp": "2022-07-21T12:17:08.000000Z"}, {"uuid": "a1537988-7218-4618-9f91-11302e094002", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/926", "content": "CVE-2022-34918\nA crack in the Linux firewall\n\u0420\u0430\u0437\u0431\u043e\u0440 \u0438 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0430 \u0442\u0443\u0442\n\n\n#linux #poc #exploit #lpe", "creation_timestamp": "2022-07-21T10:35:57.000000Z"}, {"uuid": "3ac24eea-6c6e-4921-bcff-89827332dd5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1427", "content": "kernel-linux-factory\n*\n\u0423\u0434\u043e\u0431\u043d\u043e \u0442\u0435\u043c, \u0447\u0442\u043e \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u0443, \u0433\u043b\u044f\u043d\u0443\u043b \u043a\u0430\u043a\u043e\u0435 \u044f\u0434\u0440\u043e, \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b \u0441\u043f\u043b\u043e\u0435\u0442, \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043f\u043e \u043c\u043e\u0440\u0434\u0435 #root\n*\n\u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 exploits \u0434\u043b\u044f:\nCVE-2016-9793\n4-20-BPF-integer\nCVE-2017-5123\nCVE-2017-6074\nCVE-2017-7308\nCVE-2017-8890\nCVE-2017-11176\nCVE-2017-16995\nCVE-2017-1000112\nCVE-2018-5333\nCVE-2019-9213 & CVE-2019-8956\nCVE-2019-15666\nCVE-2020-8835\nCVE-2020-27194\nCVE-2021-3156\nCVE-2021-31440\nCVE-2021-3490\nCVE-2021-22555\nCVE-2021-41073\nCVE-2021-4154\nCVE-2021-42008\nCVE-2021-43267\nCVE-2022-0185\nCVE-2022-0847\nCVE-2022-0995\nCVE-2022-1015\nCVE-2022-2588\nCVE-2022-2639\nCVE-2022-25636\nCVE-2022-27666\nCVE-2022-32250\nCVE-2022-34918\n\ndownload\n\n#linux #exploits #kernel", "creation_timestamp": "2023-03-23T06:30:43.000000Z"}, {"uuid": "86b568a3-19fc-4b6d-95b0-3f3255c2f9bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2850", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-34918 netfilter nf_tables \u672c\u5730\u63d0\u6743 POC\nURL\uff1ahttps://github.com/veritas501/CVE-2022-34918\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-04T10:47:33.000000Z"}, {"uuid": "ec778af0-0f76-4bf0-97c8-0d76f4c8c432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/11", "content": "https://github.com/randorisec/CVE-2022-34918-LPE-PoC\n\n@hackingbra", "creation_timestamp": "2022-07-24T15:30:21.000000Z"}, {"uuid": "978ea504-1fa4-4d79-be14-ecd8bc8460c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2064", "content": "CVE-2022-34918: Linux Kernel LPE PoC\n\nhttps://github.com/randorisec/CVE-2022-34918-LPE-PoC\n\n+ \u0440\u0435\u0441\u0435\u0440\u0447: https://randorisec.fr/crack-linux-firewall/\n\n#exploit #git", "creation_timestamp": "2022-07-22T08:30:32.000000Z"}, {"uuid": "4a6d75c5-75d7-4308-acb6-98e4d53341e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2145", "content": "LPE exploit for CVE-2022-34918\nThis exploit has been written for the kernel Linux ubuntu 5.15.0-39-generic\nhttps://github.com/randorisec/CVE-2022-34918-LPE-PoC\n\u25b6\ufe0f \u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-07-31T15:00:48.000000Z"}, {"uuid": "5341e2e9-7963-433e-973f-c28e4aaefdde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "https://t.me/linkersec/177", "content": "[CVE-2022-34918] A crack in the Linux firewall\n\nAn article by Arthur Mongodin about exploiting a slab-buffer-overflow in the netfilter subsystem.\n\nThe exploit uses the unlinking technique from Lam Jun Rong's io_uring exploit.", "creation_timestamp": "2022-08-03T04:52:24.000000Z"}, {"uuid": "bc7e04c9-e542-4aed-a6ae-0e4039296a7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "seen", "source": "Telegram/TXmZ8EBGvdc4uufvEqu6hfgyjEc7K_gjD1Jpp8Uzvu6-KK0", "content": "", "creation_timestamp": "2023-03-23T09:18:19.000000Z"}, {"uuid": "96e7c1bd-219c-4bc8-8bb8-1b8b709f1fd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1232", "content": "CVE-2022-34918: Linux Kernel LPE PoC\n\nhttps://github.com/randorisec/CVE-2022-34918-LPE-PoC\n\n+ \u0440\u0435\u0441\u0435\u0440\u0447: https://randorisec.fr/crack-linux-firewall/\n\n#exploit #git", "creation_timestamp": "2022-07-21T21:51:18.000000Z"}, {"uuid": "b02883b4-5880-4b90-80ec-204c4843e98e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/345", "content": "CVE-2022-34918 : LPE POC , This exploit has been written for the kernel\u00a0Linux ubuntu 5.15.0-39\nhttps://github.com/randorisec/CVE-2022-34918-LPE-PoC", "creation_timestamp": "2022-07-22T01:41:21.000000Z"}, {"uuid": "cfb771c2-ac51-4c38-82ed-228620b09554", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "Telegram/ilGwqtoR942kCEN4VHW1I8j3V1o_UPdcgKq5uWhMt2eGfA", "content": "", "creation_timestamp": "2022-07-22T00:03:30.000000Z"}, {"uuid": "c9ba083a-85c8-40bf-8d7d-c6e5734afb5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/873", "content": "Updates On Hackbyte Forum:-\n\n\ud83d\udcccLPE exploit for CVE-2022-34918\n\ud83d\udcccvscan\n\ud83d\udcccKF/x \u2013 Kernel Fuzzer for Xen Project\n\ud83d\udcccPHP-jpeg-injector\n\ud83d\udcccHiddenWall - HiddenWall is a Linux kernel module generator for custom rules with netfilter\n\ud83d\udcccSubDomz - The All in One Subdomain Enumeration Tool\n\ud83d\udcccNiCOFF - NiCOFF is a COFF and BOF file loader written in Nim\n\ud83d\udcccKoviD LKM - Rootkit is a full-feature LKM intended for use against\n\ud83d\udcccWindows10 Exploits\n\ud83d\udcccSilentETHMiner\n\ud83d\udcccAcunetix_14.9.220713150 For Windows/Linux\n\ud83d\udcccCloud is more fun with an SSRF\n\ud83d\udcccDNS-over-HTTP/3 in Android\n\ud83d\udcccPwn2Own Miami 2022: OPC UA .NET Standard Trusted Application Check Bypass\n\ud83d\udccc8teenxxx.com Leak\n\ud83d\udcccAngoc.org Leak\n\ud83d\udcccpconline.com.cn Leak\n\ud83d\udcccTomsk State University\u2019s main system source code Leak\n\ud83d\udcccIxigo.com Leak\n\ud83d\udcccStockx.com Leak\n\ud83d\udcccNeurotech Telecom Mexico Leak\n\ud83d\udcccThe Surreal Case of a C.I.A.- Hacker\u2019s Revenge\n\ud83d\udcccBotnix.net Leak\n\ud83d\udcccPaybito.com Leak\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffb Updates:- https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-07-21T12:14:33.000000Z"}, {"uuid": "0a328507-d937-49f6-80bd-4d71568fc5c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34919", "type": "seen", "source": "https://t.me/cibsecurity/48566", "content": "\u203c CVE-2022-34919 \u203c\n\nThe file upload wizard in Zengenti Contensis Classic before 15.2.1.79 does not correctly check that a user has authenticated. By uploading a crafted aspx file, it is possible to execute arbitrary commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-23T07:21:06.000000Z"}, {"uuid": "1e4d1cb2-5d79-4484-b5b2-2271840a3c95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34917", "type": "seen", "source": "https://t.me/cibsecurity/50126", "content": "\u203c CVE-2022-34917 \u203c\n\nA security vulnerability has been identified in Apache Kafka. It affects all releases since 2.8.0. The vulnerability allows malicious unauthenticated clients to allocate large amounts of memory on brokers. This can lead to brokers hitting OutOfMemoryException and causing denial of service. Example scenarios: - Kafka cluster without authentication: Any clients able to establish a network connection to a broker can trigger the issue. - Kafka cluster with SASL authentication: Any clients able to establish a network connection to a broker, without the need for valid SASL credentials, can trigger the issue. - Kafka cluster with TLS authentication: Only clients able to successfully authenticate via TLS can trigger the issue. We advise the users to upgrade the Kafka installations to one of the 3.2.3, 3.1.2, 3.0.2, 2.8.2 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-20T12:39:04.000000Z"}, {"uuid": "563dee55-dab5-4080-a85d-33b0935d06fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34910", "type": "seen", "source": "https://t.me/cibsecurity/58941", "content": "\u203c CVE-2022-34910 \u203c\n\nAn issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in cleartext. Therefore, an attacker can retrieve the passwords of other users that used the same device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T16:27:54.000000Z"}, {"uuid": "493e2c04-6e09-4f3d-804d-66606e8568dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3491", "type": "seen", "source": "https://t.me/cibsecurity/53948", "content": "\u203c CVE-2022-3491 \u203c\n\nHeap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-03T16:37:52.000000Z"}, {"uuid": "09709888-44c1-4490-9055-9f0c37f26ad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34914", "type": "seen", "source": "https://t.me/cibsecurity/45839", "content": "\u203c CVE-2022-34914 \u203c\n\nWebswing before 22.1.3 allows X-Forwarded-For header injection. The client IP address is associated with a variable in the configuration page. The {clientIp} variable can be used as an application startup argument. The X-Forwarded-For header can be manipulated by a client to store an arbitrary value that is used to replace the clientIp variable (without sanitization). A client can thus inject multiple arguments into the session startup. Systems that do not use the clientIP variable in the configuration are not vulnerable. The vulnerability is fixed in these versions: 20.1.16, 20.2.19, 21.1.8, 21.2.12, and 22.1.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-08T22:18:41.000000Z"}, {"uuid": "6ca35924-3461-46e9-a167-42871e51e191", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/167", "content": "https://github.com/veritas501/CVE-2022-34918", "creation_timestamp": "2022-08-06T15:56:07.000000Z"}, {"uuid": "783455e2-503c-4ff1-9d88-e67fb1b92247", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "https://t.me/club31337/1138", "content": "https://github.com/randorisec/CVE-2022-34918-LPE-PoC", "creation_timestamp": "2024-11-09T11:31:16.000000Z"}, {"uuid": "74b4e270-3dd8-46e6-aca1-a35272b0b439", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34918", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6466", "content": "#tools\n#Offensive_security\n1. GoodbyeDPI - Deep Packet Inspection circumvention utility (for Windows)\nhttps://github.com/ValdikSS/GoodbyeDPI\n2. A crack in the Linux firewall (CVE-2022-34918)\nhttps://www.randorisec.fr/crack-linux-firewall\n]-> https://github.com/randorisec/CVE-2022-34918-LPE-PoC", "creation_timestamp": "2022-07-26T11:17:59.000000Z"}]}