{"vulnerability": "CVE-2022-3638", "sightings": [{"uuid": "2af4ecca-84a2-4c43-a88d-3ab1f3d0ee52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36380", "type": "seen", "source": "https://t.me/cibsecurity/52859", "content": "\u203c CVE-2022-36380 \u203c\n\nUncontrolled search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-13T05:39:04.000000Z"}, {"uuid": "a5b1e90b-4c52-4751-8d8e-3188fbaa888a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36384", "type": "seen", "source": "Telegram/4mMfgyZrunceWY4Yt9H7jQB1pujzcOASGyMzAV-E4OR0GIMS", "content": "", "creation_timestamp": "2025-02-06T02:41:39.000000Z"}, {"uuid": "5ba90fea-068a-42a1-a2d1-0c1a5d8da308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36380", "type": "seen", "source": "Telegram/QEIxpn7MfLHAyRjGQdTQ95ZWNkATluHvqV26l2r8HVVrcHYD", "content": "", "creation_timestamp": "2025-02-06T02:41:39.000000Z"}, {"uuid": "8cfc56f7-fc35-4c5f-bdde-120b259c8a20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36384", "type": "seen", "source": "Telegram/vo52ibUJkYmoUYJjQ8AfNEebBaVxlN3OCvjQT39_rQeohn00", "content": "", "creation_timestamp": "2025-02-06T02:42:29.000000Z"}, {"uuid": "0bc3c228-bf1d-403d-8c9c-fdf1ebb9cead", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36380", "type": "seen", "source": "Telegram/HtdoBYHE4h5mROVqecIlwE-fZqAmmriefatCvCakfoSiaHl-", "content": "", "creation_timestamp": "2025-02-06T02:42:29.000000Z"}, {"uuid": "2e3d879d-37d0-4b8a-9f42-e73be90beb2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3638", "type": "seen", "source": "https://t.me/cibsecurity/51911", "content": "\u203c CVE-2022-3638 \u203c\n\nA vulnerability was found in Nginx and classified as problematic. This issue affects some unknown processing of the file ngx_resolver.c of the component IPv4 Off Handler. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211937 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-21T14:22:41.000000Z"}, {"uuid": "2a3e5da1-d18d-4658-a788-15317a5f693f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36383", "type": "seen", "source": "https://t.me/cibsecurity/50239", "content": "\u203c CVE-2022-36383 \u203c\n\nMultiple Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in WHA Word Search Puzzles game plugin <= 2.0.1 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-22T00:41:16.000000Z"}, {"uuid": "281d674a-46dd-4005-a8d2-f760362175ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36386", "type": "seen", "source": "https://t.me/cibsecurity/50238", "content": "\u203c CVE-2022-36386 \u203c\n\nAuthenticated Arbitrary Code Execution vulnerability in Soflyy Import any XML or CSV File to WordPress plugin <= 3.6.7 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-22T00:41:14.000000Z"}, {"uuid": "e6eee4b6-f23a-4984-8c47-979a493b28ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36385", "type": "seen", "source": "https://t.me/cibsecurity/49637", "content": "\u203c CVE-2022-36385 \u203c\n\nA threat actor with momentary access to the device can plug in a USB drive and perform a malicious firmware update, resulting in permanent changes to device functionality. No authentication or controls are in place to prevent a threat actor from maliciously modifying firmware and performing a drive-by attack to load the firmware on any CMS8000 device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-25T18:23:40.000000Z"}, {"uuid": "dda7b495-a758-4575-bcaa-46518ffdff66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36389", "type": "seen", "source": "https://t.me/cibsecurity/48617", "content": "\u203c CVE-2022-36389 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in WordPlus Better Messages plugin <= 1.9.9.148 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-23T20:27:53.000000Z"}]}