{"vulnerability": "CVE-2022-3717", "sightings": [{"uuid": "bf2bcca8-4e0e-4934-8a37-6147f25489af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3717", "type": "seen", "source": "https://t.me/cibsecurity/52140", "content": "\u203c CVE-2022-3717 \u203c\n\nA vulnerability, which was classified as critical, has been found in Exiv2. Affected by this issue is the function BmffImage::boxHandler of the file bmffimage.cpp. The manipulation leads to memory corruption. The attack may be launched remotely. The name of the patch is a58e52ed702d3bc7b8bab7ec1d70a4849eebece3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-212348.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-27T14:28:20.000000Z"}, {"uuid": "95a7c640-51a1-4e8e-9270-efa000d0afc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37177", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3052", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-37177 - HireVue-Broken-Or-Risky-Cryptographic-Algorithm\nURL\uff1ahttps://github.com/JC175/CVE-2022-37177\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-27T18:45:39.000000Z"}, {"uuid": "f1635b8e-617a-4aea-8ce9-e5195bc391c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37177", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6689", "content": "#exploit\n1. ProFTPd 1.3.5 mod_copy Exploit\nhttps://github.com/thegingerninja/ProFTPd_1_3_5_mod_copy_exploit\n\n2. CVE-2022-37177:\nHireVue-Broken-Or-Risky-Cryptographic-Algorithm\nhttps://github.com/JC175/CVE-2022-37177", "creation_timestamp": "2022-08-28T15:05:20.000000Z"}, {"uuid": "4f98c127-de0f-4e29-b088-06e68f147112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37172", "type": "seen", "source": "https://t.me/cibsecurity/49073", "content": "\u203c CVE-2022-37172 \u203c\n\nIncorrect access control in the install directory (C:\\msys64) of Msys2 v20220603 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-31T14:59:21.000000Z"}, {"uuid": "2ce6195f-a0cc-4911-ba87-1912d7683870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37173", "type": "seen", "source": "https://t.me/cibsecurity/49068", "content": "\u203c CVE-2022-37173 \u203c\n\nAn issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\\Program.exe.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-31T00:35:58.000000Z"}, {"uuid": "ad52bbc1-43da-4606-8db4-193396bfa7c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37176", "type": "seen", "source": "https://t.me/cibsecurity/49059", "content": "\u203c CVE-2022-37176 \u203c\n\nTenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-30T20:35:43.000000Z"}, {"uuid": "a5023da4-cf93-400e-8ddf-c399a622bc88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37175", "type": "seen", "source": "https://t.me/cibsecurity/48458", "content": "\u203c CVE-2022-37175 \u203c\n\nTenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-20T00:17:43.000000Z"}]}