{"vulnerability": "CVE-2022-3636", "sightings": [{"uuid": "6b65c0e7-f5e4-4b4e-ab7a-8ea79071fee3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36363", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ltb6djgj7q2i", "content": "", "creation_timestamp": "2025-07-06T01:59:15.286268Z"}, {"uuid": "b9f19bca-1c85-490d-861e-949b5b3e77c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36368", "type": "seen", "source": "https://t.me/cibsecurity/51981", "content": "\u203c CVE-2022-36368 \u203c\n\nMultiple stored cross-site scripting vulnerabilities in the web user interface of IPFire versions prior to 2.27 allows a remote authenticated attacker with administrative privilege to inject an arbitrary script.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-24T18:25:49.000000Z"}, {"uuid": "0f0e7418-e009-4a6d-bf41-1b6a9781f490", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3636", "type": "seen", "source": "https://t.me/cibsecurity/51915", "content": "\u203c CVE-2022-3636 \u203c\n\nA vulnerability, which was classified as critical, was found in Linux Kernel. This affects the function __mtk_ppe_check_skb of the file drivers/net/ethernet/mediatek/mtk_ppe.c of the component Ethernet Handler. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211935.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-21T14:22:48.000000Z"}, {"uuid": "25678489-9421-475b-923f-f57917d99c4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36362", "type": "seen", "source": "https://t.me/cibsecurity/51112", "content": "\u203c CVE-2022-36362 \u203c\n\nA vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). Affected devices do not conduct certain validations when interacting with them. This could allow an unauthenticated remote attacker to manipulate the devices IP address, which means the device would not be reachable and could only be recovered by power cycling the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-11T14:26:05.000000Z"}, {"uuid": "768f649e-b6ca-414e-8d40-8efc437dd5e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36361", "type": "seen", "source": "https://t.me/cibsecurity/51111", "content": "\u203c CVE-2022-36361 \u203c\n\nA vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). Affected devices do not properly validate the structure of TCP packets in several methods. This could allow an attacker to cause buffer overflows, get control over the instruction counter and run custom code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-11T14:26:04.000000Z"}, {"uuid": "aa7ad215-cf7d-4d72-8b9f-91fbb8205b17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36363", "type": "seen", "source": "https://t.me/cibsecurity/51106", "content": "\u203c CVE-2022-36363 \u203c\n\nA vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). Affected devices do not properly validate an offset value which can be defined in TCP packets when calling a method. This could allow an attacker to retrieve parts of the content of the memory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-11T14:25:56.000000Z"}, {"uuid": "ef1a870a-b7c9-4846-a3e0-f93bc14433f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36360", "type": "seen", "source": "https://t.me/cibsecurity/51098", "content": "\u203c CVE-2022-36360 \u203c\n\nA vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Affected devices load firmware updates without checking the authenticity. Furthermore the integrity of the unencrypted firmware is only verified by a non-cryptographic method. This could allow an attacker to manipulate a firmware update and flash it to the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-11T14:25:45.000000Z"}, {"uuid": "23319efc-3d5b-4451-ba90-f3a44cf194ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36365", "type": "seen", "source": "https://t.me/cibsecurity/50241", "content": "\u203c CVE-2022-36365 \u203c\n\nMultiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in WHA Crossword plugin <= 1.1.10 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-22T00:46:15.000000Z"}, {"uuid": "6b31c970-502a-464c-aadc-75d5caa53538", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36364", "type": "seen", "source": "https://t.me/cibsecurity/47189", "content": "\u203c CVE-2022-36364 \u203c\n\nApache Calcite Avatica JDBC driver creates HTTP client instances based on class names provided via `httpclient_impl` connection property; however, the driver does not verify if the class implements the expected interface before instantiating it, which can lead to code execution loaded via arbitrary classes and in rare cases remote code execution. To exploit the vulnerability: 1) the attacker needs to have privileges to control JDBC connection parameters; 2) and there should be a vulnerable class (constructor with URL parameter and ability to execute code) in the classpath. From Apache Calcite Avatica 1.22.0 onwards, it will be verified that the class implements the expected interface before invoking its constructor.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-28T12:18:35.000000Z"}]}