{"vulnerability": "CVE-2022-3644", "sightings": [{"uuid": "78557b87-75de-434d-b566-020326ca5a63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36449", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html", "content": "", "creation_timestamp": "2022-11-22T21:05:00.000000Z"}, {"uuid": "1e02e77e-922e-4e2f-a7d4-4651e820877c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "edd60a80-1dea-4dcb-896e-22e899ec7904", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:47.000000Z"}, {"uuid": "9235b856-3d43-4d76-a099-6934dd0e21d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36448", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17123", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-36448\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver.\n\ud83d\udccf Published: 2022-09-28T15:50:09.000Z\n\ud83d\udccf Modified: 2025-05-21T14:26:24.754Z\n\ud83d\udd17 References:\n1. https://www.insyde.com/security-pledge\n2. https://binarly.io/advisories/BRLY-2022-023/index.html\n3. https://www.insyde.com/security-pledge/SA-2022032", "creation_timestamp": "2025-05-21T14:46:08.000000Z"}, {"uuid": "433bd582-ef8d-41f1-9e76-22a681755360", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:04.000000Z"}, {"uuid": "77f858bd-3356-43f4-838f-85ebc86926c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/webmin_package_updates_rce.rb", "content": "", "creation_timestamp": "2022-08-09T20:35:21.000000Z"}, {"uuid": "145e1d07-7f5a-4fc7-9930-170f906e4cde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:46.000000Z"}, {"uuid": "3ec1f3aa-1ca6-4dd8-9d2c-c7dca3b9a5f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2916", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin &lt; 1.997.\nURL\uff1ahttps://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-16T18:48:39.000000Z"}, {"uuid": "3971cc14-58b7-458c-bab3-641dce116d44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "seen", "source": "https://t.me/Blackhat_Officials/548", "content": "RCE (Authenticated) on Webmin &lt; 1.997\nCVE-2022-36446\nexploit\n\n#exploit #webmin", "creation_timestamp": "2023-11-16T09:15:21.000000Z"}, {"uuid": "ab11ca08-0df7-4f44-893e-586c83aac8fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2337", "content": "#\u041f\u041e #CVE\n\nWebmin Software Package Updates RCE\nCVE-2022-36446\n\nA Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin", "creation_timestamp": "2022-08-22T19:32:04.000000Z"}, {"uuid": "62a98cc3-fe37-410f-baf6-c39cd0468990", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "seen", "source": "https://t.me/Blackhat_Officials/613", "content": "RCE (Authenticated) on Webmin &lt; 1.997\nCVE-2022-36446\nexploit\n\n#exploit #webmin", "creation_timestamp": "2023-11-21T09:13:49.000000Z"}, {"uuid": "3b57336e-9df5-4517-aa75-29cc70b33939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "seen", "source": "https://t.me/Blackhat_Officials/333", "content": "RCE (Authenticated) on Webmin &lt; 1.997\nCVE-2022-36446\nexploit\n\n#exploit #webmin", "creation_timestamp": "2023-11-16T09:11:44.000000Z"}, {"uuid": "823f5fc7-185d-4255-92e1-417d95a4fab7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36440", "type": "seen", "source": "Telegram/rklKJDdoLvwOk0Nnf_awtM0CPuUWUptbs4guIewj3oosuw", "content": "", "creation_timestamp": "2023-04-03T22:19:26.000000Z"}, {"uuid": "7d3cbeb8-a65c-44f8-8be8-6550751624f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "seen", "source": "https://t.me/proxy_bar/940", "content": "RCE (Authenticated) on Webmin &lt; 1.997\nCVE-2022-36446\nexploit\n\n#exploit #webmin", "creation_timestamp": "2022-08-20T08:39:42.000000Z"}, {"uuid": "ef84acc1-cceb-4a04-af3a-42fb93384119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "seen", "source": "https://t.me/wireshark_hacking/581", "content": "RCE (Authenticated) on Webmin &lt; 1.997\nCVE-2022-36446\nexploit\n\n#exploit #webmin", "creation_timestamp": "2022-08-20T08:42:40.000000Z"}, {"uuid": "d407d135-a191-4be1-8e0a-a29eec82a912", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36441", "type": "seen", "source": "https://t.me/cibsecurity/56319", "content": "\u203c CVE-2022-36441 \u203c\n\nAn issue was discovered in Zebra Enterprise Home Screen 4.1.19. The Gboard used by different applications can be used to launch and use several other applications that are restricted by the admin.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T00:44:52.000000Z"}, {"uuid": "1d780a14-998c-4c6a-9661-b7089d4711d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36449", "type": "published-proof-of-concept", "source": "Telegram/kf4Urssb8wJGlEy3ZhDQuJbRUyCxL_25Ub6xyNT9N9dN9Mg", "content": "", "creation_timestamp": "2023-07-14T08:26:05.000000Z"}, {"uuid": "0c764595-53e9-425b-917a-1b2bc96074ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "published-proof-of-concept", "source": "Telegram/ifN5Ur306AxgyGzJSshbIalwjyMW63ntw4rmYtFo8fIi_w", "content": "", "creation_timestamp": "2022-08-22T11:18:06.000000Z"}, {"uuid": "a2054507-ac5c-46a9-9447-b00be408de55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "published-proof-of-concept", "source": "Telegram/aZeoeHaUH91sDIP8WfpxrTPpj8Ttr3ccHxOATZQdL7aOMg", "content": "", "creation_timestamp": "2022-08-11T16:14:53.000000Z"}, {"uuid": "790fdc43-b00c-45c3-bd0a-20aba45f3024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/18648", "content": "https://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE", "creation_timestamp": "2022-08-25T21:16:04.000000Z"}, {"uuid": "17e833c3-d5b1-4bd1-88e6-e2b781c7883e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36449", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/3742", "content": "\u0417\u0430\u0434\u0435\u0440\u0436\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f\u043c\u0438 Android-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430\u0431\u043e\u0440\u0430 \u0438\u0437 \u043f\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 Arm Mali \u0434\u0435\u043b\u0430\u0435\u0442 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u044b \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u0434\u0435\u0432\u0430\u0439\u0441\u043e\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043c\u043e\u0434\u0435\u043b\u0438 Google, Samsung, Xiaomi, Oppo, Vivo, Honor, Asus, RealMe, Motorola, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u043c\u0430\u0440\u043e\u043a. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0447\u0438\u043f\u043e\u0432 Arm Mali \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b \u043e\u0448\u0438\u0431\u043a\u0438.\n\n\u0414\u0435\u043b\u043e \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0430\u043c-\u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f\u043c \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f (OEM) \u043d\u0443\u0436\u043d\u043e \u0432\u0440\u0435\u043c\u044f, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0438\u0445 \u0432 \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u2014 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0432\u0430\u0435\u0442 \u0432\u0440\u0435\u043c\u044f \u0434\u043e \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0422\u0440\u0435\u0432\u043e\u0433\u0443 \u0437\u0430\u0431\u0438\u043b\u0438 Google Project Zero, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u00ab\u043f\u0440\u043e\u0431\u0435\u043b\u0435 \u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u0445\u00bb.\n\nProject Zero \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438  CVE-2022-33917 \u0438 CVE-2022-36449 (\u0441\u043e\u0431\u0438\u0440\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 \u0434\u043b\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438) \u0432 \u0438\u044e\u043d\u0435 2022 \u0433\u043e\u0434\u0430.\n\nCVE-2022-33917 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 GPU \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u044b\u043c \u0440\u0430\u0437\u0434\u0435\u043b\u0430\u043c \u043f\u0430\u043c\u044f\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u044f\u0434\u0440\u0430 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 Arm Mali \u043e\u0442 Valhall r29p0 \u0434\u043e r38p0.\n\n\u0414\u0440\u0443\u0433\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438, \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u0441\u043e\u043f\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0438 \u043f\u0430\u043c\u044f\u0442\u0438.\n\n\u0412\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u044f\u0434\u0440\u0430 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 Arm Mali \u043e\u0442 Midgard r4p0 \u0434\u043e r32p0, Bifrost \u043e\u0442 r0p0 \u0434\u043e r38p0 \u0438 r39p0 \u0434\u043e r38p1 \u0438 Valhall \u043e\u0442 r19p0 \u0434\u043e r38p0 \u0438 r39p0 \u0434\u043e r38p1.\n\n\u0414\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 Mali \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0442\u0430\u043a\u0438\u043c\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c\u0438, \u043a\u0430\u043a MediaTek, HiSilicon Kirin \u0438 Exyno, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e Android-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430 \u0440\u044b\u043d\u043a\u0435.\n\nProject Zero \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u044d\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043a\u0430\u043a (2325, 2327, 2331, 2333 \u0438 2334) \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0439 \u0438\u0437 \u043d\u0438\u0445 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0441\u0440\u0435\u0434\u043d\u044e\u044e \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0435 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u043e\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Android.\n\n\u041d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043e\u0442 Arm \u0435\u0449\u0435 \u043d\u0435 \u0434\u043e\u0448\u043b\u043e \u0434\u043e OEM-\u043f\u0430\u0440\u0442\u043d\u0435\u0440\u043e\u0432 \u0438 \u0442\u0435\u0441\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Android \u0438 Pixel.\n\n\u0427\u0435\u0440\u0435\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0435\u043b\u044c Android \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u0432\u043e\u0438\u043c \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0431\u0443\u0434\u0443\u0442 \u0441\u0430\u043c\u0438 \u043d\u0435\u0441\u0442\u0438 \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0437\u0430 \u0435\u0433\u043e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0436\u0435 \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0434\u0435\u043b\u0430\u0442\u044c, \u043a\u0430\u043a \u043e\u0436\u0438\u0434\u0430\u0442\u044c, \u043f\u043e\u043a\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0438 \u0438\u0445 \u0434\u0435\u0432\u0430\u0439\u0441\u043e\u0432 \u0432\u044b\u043a\u0430\u0442\u044f\u0442 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u044b \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0430\u0440\u044b\u0445 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u043d\u0430 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Midgard \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0438\u043c \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u043f\u043e\u043f\u0440\u043e\u0449\u0430\u0442\u044c\u0441\u044f \u0441\u043e \u0441\u0432\u043e\u0438\u043c\u0438 \u0433\u0430\u0434\u0436\u0435\u0442\u0430\u043c\u0438.", "creation_timestamp": "2022-11-24T12:08:24.000000Z"}, {"uuid": "aafb6c5a-fd25-4e59-adf2-077d667a4023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "seen", "source": "Telegram/Hfv0X0ZBmNoKkSwa354bPle_D-vIum_aANYRC31BcrFo5Do", "content": "", "creation_timestamp": "2022-09-19T05:39:53.000000Z"}, {"uuid": "11357e74-6102-4205-af29-1b5e99439447", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36440", "type": "seen", "source": "https://t.me/cibsecurity/61336", "content": "\u203c CVE-2022-36440 \u203c\n\nA reachable assertion was found in Frrouting frr-bgpd 8.3.0 in the peek_for_as4_capability function. Attackers can maliciously construct BGP open packets and send them to BGP peers running frr-bgpd, resulting in DoS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-03T20:30:12.000000Z"}, {"uuid": "1032d561-47eb-40dc-a2fa-9b0679a766fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3644", "type": "seen", "source": "https://t.me/cibsecurity/52067", "content": "\u203c CVE-2022-3644 \u203c\n\nThe collection remote for pulp_ansible stores tokens in plaintext instead of using pulp's encrypted field and exposes them in read/write mode via the API () instead of marking it as write only.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-25T22:26:49.000000Z"}, {"uuid": "e79f0bf3-e4c6-4eda-bd8a-3b3464eb1b11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36442", "type": "seen", "source": "https://t.me/cibsecurity/56256", "content": "\u203c CVE-2022-36442 \u203c\n\nAn issue was discovered in Zebra Enterprise Home Screen 4.1.19. By using the embedded Google Chrome application, it is possible to install an unauthorized application via a downloaded APK.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T00:28:46.000000Z"}, {"uuid": "2a75e7cd-1ec2-4e33-bb9f-d89fe7fa5108", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36444", "type": "seen", "source": "https://t.me/cibsecurity/46884", "content": "\u203c CVE-2022-36444 \u203c\n\nAn issue was discovered in Atos Unify OpenScape SBC 9 and 10 before 10R2.2.1, Atos Unify OpenScape Branch 9 and 10 before version 10R2.1.1, and Atos Unify OpenScape BCF 10 before 10R9.12.1. A remote code execution vulnerability may allow an unauthenticated attacker (with network access to the admin interface) to disrupt system availability or potentially compromise the confidentiality and integrity of the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T12:32:53.000000Z"}, {"uuid": "928d687c-1e8c-44af-aeb5-0c633dbe505d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36448", "type": "seen", "source": "https://t.me/cibsecurity/50605", "content": "\u203c CVE-2022-36448 \u203c\n\nAn issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-28T20:34:16.000000Z"}, {"uuid": "79c66518-f232-420e-9219-6c30c1a63f0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "seen", "source": "https://t.me/cibsecurity/46883", "content": "\u203c CVE-2022-36446 \u203c\n\nsoftware/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T12:32:52.000000Z"}, {"uuid": "91f81f06-f5ba-4a8e-8f4c-b5e91decc9f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36447", "type": "seen", "source": "https://t.me/cibsecurity/47298", "content": "\u203c CVE-2022-36447 \u203c\n\nAn inflation issue was discovered in Chia Network CAT1 Standard 1.0.0. Previously minted tokens minted on the Chia blockchain using the CAT1 standard can be inflated to an arbitrary extent by any holder of any amount of the token. The total amount of the token can be increased as high as the malicious actor pleases. This is true for every CAT1 on the Chia blockchain regardless of issuance rules. This attack is auditable on chain, so maliciously altered coins can potentially be marked by off-chain observers as malicious.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-30T00:13:52.000000Z"}, {"uuid": "6aa4bc1d-4fae-48b5-be07-5c3ae2ff58c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/6442", "content": "A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin &lt; 1.997\n\nhttps://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE", "creation_timestamp": "2022-08-12T19:06:30.000000Z"}, {"uuid": "bf8a1b04-db70-4f64-b5f7-f5b535ffc565", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36446", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6591", "content": "#exploit\n1. CVE-2022-36446:\nSoftware Package Updates RCE (Auth) on Webmin &lt;1.997\nhttps://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE\n\n2. CVE-2022-27255:\nRealtek eCos SDK SIP ALG Buffer Overflow\nhttps://github.com/infobyte/cve-2022-27255\n\n3. CVE-2022-35741:\nApache CloudStack SAML XXE Injection\nhttps://xz.aliyun.com/t/11600", "creation_timestamp": "2022-08-14T13:05:01.000000Z"}, {"uuid": "0170a7c0-de2e-4390-b66d-0a2e2a599c48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36449", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8378", "content": "#exploit\n1. CVE-2022-36449:\nMali GPU Kernel Driver - improper GPU memory processing operations\nhttps://github.blog/2023-05-25-rooting-with-root-cause-finding-a-variant-of-a-project-zero-bug\n\n2. CVE-2023-30212:\nDocker Exploit (XSS)\nhttps://github.com/libasmon/Exploite-CVE-2023-30212-Vulnerability\nhttps://github.com/libasmon/Exploite-CVE-2023-30212-Vulnera", "creation_timestamp": "2023-06-12T00:58:47.000000Z"}]}