{"vulnerability": "CVE-2022-3718", "sightings": [{"uuid": "a6e116d0-9926-426c-ba1d-4d7ed3976c92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37186", "type": "seen", "source": "https://t.me/cibsecurity/62247", "content": "\u203c CVE-2022-37186 \u203c\n\nIn LemonLDAP::NG before 2.0.15. some sessions are not deleted when they are supposed to be deleted according to the timeoutActivity setting. This can occur when there are at least two servers, and a session is manually removed before the time at which it would have been removed automatically.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-16T07:27:16.000000Z"}, {"uuid": "d7b4d8ee-11f6-4d1e-a7d1-fef098f29598", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3718", "type": "seen", "source": "https://t.me/cibsecurity/52143", "content": "\u203c CVE-2022-3718 \u203c\n\nA vulnerability, which was classified as problematic, was found in Exiv2. This affects the function QuickTimeVideo::decodeBlock of the file quicktimevideo.cpp of the component QuickTime Video Handler. The manipulation leads to null pointer dereference. It is possible to initiate the attack remotely. The name of the patch is 459910c36a21369c09b75bcfa82f287c9da56abf. It is recommended to apply a patch to fix this issue. The identifier VDB-212349 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-27T14:28:26.000000Z"}, {"uuid": "ea549ed0-1950-48b3-b553-d5091ddbc077", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37185", "type": "seen", "source": "https://t.me/cibsecurity/49387", "content": "\u203c CVE-2022-37185 \u203c\n\nSQL injection vulnerability exists in the school information query interface (repschoolproj.php) of the EMS 6.2 system of the Office of the Thai Basic Education Commission, which can lead to data leakage.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-07T00:13:39.000000Z"}, {"uuid": "fab30d73-adac-41e1-bf5a-7b646ba7d846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37189", "type": "seen", "source": "https://t.me/cibsecurity/49396", "content": "\u203c CVE-2022-37189 \u203c\n\nDDMAL MEI2Volpiano 0.8.2 is vulnerable to XML External Entity (XXE), leading to a Denial of Service. This occurs due to the usage of the unsafe 'xml.etree' library to parse untrusted XML input.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-07T18:14:28.000000Z"}, {"uuid": "4ebd14be-af2a-4365-8307-8ea84db89a7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37184", "type": "seen", "source": "https://t.me/cibsecurity/49144", "content": "\u203c CVE-2022-37184 \u203c\n\nThe application manage_website.php on Garage Management System 1.0 is vulnerable to Shell File Upload. The already authenticated malicious user, can upload a dangerous RCE or LCE exploit file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-31T22:37:07.000000Z"}, {"uuid": "00086869-a8dc-4a21-9d38-6d55be88bfa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37183", "type": "seen", "source": "https://t.me/cibsecurity/49141", "content": "\u203c CVE-2022-37183 \u203c\n\nPiwigo 12.3.0 is vulnerable to Cross Site Scripting (XSS) via /search/1940/created-monthly-list.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-31T22:37:03.000000Z"}]}