{"vulnerability": "CVE-2022-3627", "sightings": [{"uuid": "febec752-341b-4515-9595-3e8da307c117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36271", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2963", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThis is working POC of CVE-2022-36271 \nURL\uff1ahttps://github.com/SaumyajeetDas/POC-of-CVE-2022-36271\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-16T19:52:40.000000Z"}, {"uuid": "e9e210e6-9baa-4e18-9643-734920a783c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3627", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15320", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3627\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.\n\ud83d\udccf Published: 2022-10-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-07T14:57:16.043Z\n\ud83d\udd17 References:\n1. https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047\n2. https://gitlab.com/libtiff/libtiff/-/issues/411\n3. https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3627.json\n4. https://security.netapp.com/advisory/ntap-20230110-0001/\n5. https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html\n6. https://www.debian.org/security/2023/dsa-5333", "creation_timestamp": "2025-05-07T15:22:36.000000Z"}, {"uuid": "5212c893-efba-4ba9-b170-5f07bb2d7141", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36277", "type": "seen", "source": "https://t.me/cibsecurity/71606", "content": "\u203c CVE-2022-36277 \u203c\n\nThe 'sReferencia', 'sDescripcion', 'txtCodigo' and 'txtDescripcion' parameters, in the frmGestionStock.aspx and frmEditServicio.aspx files in TCMAN GIM v8.0.1, could allow an attacker to perform persistent XSS attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-04T20:12:00.000000Z"}, {"uuid": "31b0510d-e11e-4e10-9f26-358d77f8cb4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3627", "type": "seen", "source": "https://t.me/cibsecurity/51937", "content": "\u203c CVE-2022-3627 \u203c\n\nLibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-21T20:22:55.000000Z"}, {"uuid": "55bcd186-d8a4-4dd0-b85b-a74f976e69e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36276", "type": "seen", "source": "https://t.me/cibsecurity/71604", "content": "\u203c CVE-2022-36276 \u203c\n\nTCMAN GIM v8.0.1 is vulnerable to a SQL injection via the 'SqlWhere' parameter inside the function 'BuscarESM'. The exploitation of this vulnerability might allow a remote attacker to directly interact with the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-04T20:11:58.000000Z"}, {"uuid": "5c06207f-a19a-47a4-a435-55ab2dabec10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36270", "type": "seen", "source": "https://t.me/cibsecurity/47925", "content": "\u203c CVE-2022-36270 \u203c\n\nClinic's Patient Management System v1.0 has arbitrary code execution via url: ip/pms/users.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-11T00:32:35.000000Z"}, {"uuid": "1219b2a2-37d1-4148-a6f3-3bc3e1b85ee7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36272", "type": "seen", "source": "https://t.me/cibsecurity/48218", "content": "\u203c CVE-2022-36272 \u203c\n\nMingsoft MCMS 5.2.8 was discovered to contain a SQL injection vulnerability in /mdiy/page/verify URI via fieldName parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-16T16:39:09.000000Z"}, {"uuid": "5b78a5a7-1496-4827-96ad-31b17fa1d2c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36273", "type": "seen", "source": "https://t.me/cibsecurity/48216", "content": "\u203c CVE-2022-36273 \u203c\n\nTenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-16T16:39:07.000000Z"}, {"uuid": "17927cb3-5249-4b0c-a35b-770d08b358df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36271", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6631", "content": "#exploit\n1. CVE-2022-36271:\nhttps://github.com/SaumyajeetDas/POC-of-CVE-2022-36271\n\n2. Sysax <= 5.53 SSH Username BoF Pre Auth RCE\nhttps://github.com/M4fiaB0y/Sysax-multi-server-ssh-username-exploit\n\n3. CVE-2022-37393:\nPrivilege escalation in Zimbra Collaboration Suite\nhttps://attackerkb.com/topics/92AeLOE1M1/cve-2022-37393/rapid7-analysis", "creation_timestamp": "2022-08-19T11:18:01.000000Z"}]}