{"vulnerability": "CVE-2022-3515", "sightings": [{"uuid": "f6bb369e-453d-4387-b1c5-119429d11ef3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35155", "type": "exploited", "source": "https://www.exploit-db.com/exploits/51054", "content": "", "creation_timestamp": "2023-03-25T00:00:00.000000Z"}, {"uuid": "bc69a8a4-4867-4b62-8dad-8a29124ffbb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35155", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m5k2tmltm62a", "content": "", "creation_timestamp": "2025-11-13T21:02:36.500526Z"}, {"uuid": "cd7cc2fa-6e6b-4cc8-afda-4c02723cd821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3515", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/229", "content": "Top Security News for 07/01/2023\n\nWhatsApp Introduces Proxy Support to Help Users Bypass Internet Censorship\nhttps://thehackernews.com/2023/01/whatsapp-introduces-proxy-support-to.html \n\nI made an Open Source Browser extension to aid in Threat Investigations!\nhttps://www.reddit.com/r/netsec/comments/1057mto/i_made_an_open_source_browser_extension_to_aid_in/ \n\nAutomotive vulnerabilities discovered.\nhttps://thecyberwire.com/stories/602e4789b3254c9489cc245bc0ef9995/automotive-vulnerabilities-discovered \n\nUpdate on LastPass and Twitter breaches. Vice Society leaks stolen UK school data. 
Data incident at health organization prompts questions about disclosure rules.\nhttps://thecyberwire.com/newsletters/privacy-briefing/5/4 \n\nI scanned every package on PyPi and found 57 live AWS keys\nhttps://www.reddit.com/r/netsec/comments/10524mo/i_scanned_every_package_on_pypi_and_found_57_live/ \n\nMalware targets 30 unpatched WordPress plugins\nhttps://www.malwarebytes.com/blog/news/2023/01/update-your-wordpress-plugins-now-mass-backdoor-campaign-underway \n\nLatest activity from Turla {Mandiant}\nhttps://www.reddit.com/r/netsec/comments/104zjm8/latest_activity_from_turla_mandiant/ \n\nNew Twitter data dump is a cleaned up version of old Twitter dump\nhttps://www.malwarebytes.com/blog/news/2023/01/new-twitter-data-dump-is-a-cleaned-up-version-of-old-twitter-dump \n\nIgor\u2019s Tip of the Week #122: Manual load\nhttps://malware.news/t/igor-s-tip-of-the-week-122-manual-load/66202#post_1 \n\nVariant analysis of CVE-2022-3515 affecting libksba, which resulted in CVE-2022-47629\nhttps://www.reddit.com/r/netsec/comments/104nnug/variant_analysis_of_cve20223515_affecting_libksba/ \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2023-01-07T08:00:09.000000Z"}, {"uuid": "05c09159-2205-4391-9631-b5581bcd66d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3515", "type": "seen", "source": "https://t.me/crackcodes/2143", "content": "#exploit\n1. The OWASSRF + TabShell exploit chain\nhttps://blog.viettelcybersecurity.com/tabshell-owassrf\n\n2. CVE-2022-3515/CVE-2022-47629:\nInteger overflow bug Libksba\u00a0library (x.509)\nhttps://github.com/elttam/publications/blob/master/writeups/CVE-2022-47629.md \n\n3. 
CVE-2022-44877:\nCentos Web Panel 7 Unauthenticated RCE\nhttps://github.com/numanturle/CVE-2022-44877", "creation_timestamp": "2023-01-15T13:34:14.000000Z"}, {"uuid": "d936981b-9597-468b-b2c1-325009781476", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3515", "type": "seen", "source": "https://t.me/cibsecurity/56427", "content": "\u203c CVE-2022-3515 \u203c\n\nA vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-12T18:30:27.000000Z"}, {"uuid": "cd4d3025-4183-409e-80ff-579923348b86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35155", "type": "seen", "source": "https://t.me/cibsecurity/50798", "content": "\u203c CVE-2022-35155 \u203c\n\nBus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the searchdata parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-30T22:36:26.000000Z"}, {"uuid": "c28e2c0e-4a11-4fb3-b0b1-d5dbffd20f29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35150", "type": "seen", "source": "https://t.me/cibsecurity/48520", "content": "\u203c CVE-2022-35150 \u203c\n\nBaijicms v4 was discovered to contain an arbitrary file upload vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-22T20:20:42.000000Z"}, {"uuid": "bb356835-a03f-41ba-ba8f-37b4c7e6d2e9", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35153", "type": "seen", "source": "https://t.me/cibsecurity/48336", "content": "\u203c CVE-2022-35153 \u203c\n\nFusionPBX 5.0.1 was discovered to contain a command injection vulnerability via /fax/fax_send.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-18T12:41:23.000000Z"}, {"uuid": "8f2f75d0-7cae-4f13-b57a-2389eee85b97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35154", "type": "seen", "source": "https://t.me/cibsecurity/48330", "content": "\u203c CVE-2022-35154 \u203c\n\nShopro Mall System v1.3.8 was discovered to contain a SQL injection vulnerability via the value parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-18T12:41:14.000000Z"}, {"uuid": "9795c96f-8c74-4ef9-8917-8dfa2940643e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35151", "type": "seen", "source": "https://t.me/cibsecurity/48320", "content": "\u203c CVE-2022-35151 \u203c\n\nkkFileView v4.1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the urls and currentUrl parameters at /controller/OnlinePreviewController.java.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-18T02:40:42.000000Z"}, {"uuid": "25fb9d36-e749-44f6-844c-1082100a1bfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35158", "type": "seen", "source": "https://t.me/cibsecurity/47518", "content": "\u203c CVE-2022-35158 \u203c\n\nA vulnerability in the lua parser of TscanCode tsclua v2.15.01 
allows attackers to cause a Denial of Service (DoS) via a crafted lua script.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-04T00:23:25.000000Z"}, {"uuid": "c1e834be-b767-4553-8d9d-608fa9892671", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3515", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7503", "content": "#exploit\n1. CVE-2022-41076:\nThe OWASSRF + TabShell exploit chain\nhttps://blog.viettelcybersecurity.com/tabshell-owassrf\n]-> https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e\n\n2. CVE-2022-3515/CVE-2022-47629:\nInteger overflow bug Libksba\u00a0library (x.509)\nhttps://github.com/elttam/publications/blob/master/writeups/CVE-2022-47629.md \n\n3. CVE-2022-44877:\nCentos Web Panel 7 Unauthenticated RCE\nhttps://github.com/numanturle/CVE-2022-44877", "creation_timestamp": "2023-01-10T05:13:06.000000Z"}]}