{"vulnerability": "CVE-2022-3724", "sightings": [{"uuid": "9f3e6839-506c-4c6b-8b99-296f10c57ba2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3724", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12971", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3724\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows\n\ud83d\udccf Published: 2022-12-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-22T19:27:54.111Z\n\ud83d\udd17 References:\n1. https://www.wireshark.org/security/wnpa-sec-2022-08.html\n2. https://gitlab.com/wireshark/wireshark/-/issues/18384\n3. https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3724.json", "creation_timestamp": "2025-04-22T20:05:18.000000Z"}, {"uuid": "ffcfabdb-e624-4d75-abd3-6552644f6609", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37247", "type": "seen", "source": "https://t.me/cibsecurity/50003", "content": "\u203c CVE-2022-37247 \u203c\n\nCraft CMS 4.2.0.1 is vulnerable to stored a cross-site scripting (XSS) via /admin/settings/fields page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-17T02:35:19.000000Z"}, {"uuid": "2ab17756-a82d-4688-a87d-137b4936b293", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3724", "type": "seen", "source": "https://t.me/cibsecurity/54236", "content": "\u203c CVE-2022-3724 \u203c\n\nCrash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file on Windows\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-09T20:18:47.000000Z"}, {"uuid": "453acb80-2859-4169-9c1a-f3b4e7580d81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37248", "type": "seen", "source": "https://t.me/cibsecurity/49936", "content": "\u203c CVE-2022-37248 \u203c\n\nCraft CMS 4.2.0.1 is vulnerable to Cross Site Scripting (XSS) via src/helpers/Cp.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T20:29:06.000000Z"}, {"uuid": "4934cebc-b11a-4988-beaa-796c69e9acc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37243", "type": "seen", "source": "https://t.me/cibsecurity/48768", "content": "\u203c CVE-2022-37243 \u203c\n\nMDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the whitelist endpoint.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T18:37:17.000000Z"}, {"uuid": "cff2966c-6047-4b52-b3d5-4d1b4344ad85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37240", "type": "seen", "source": "https://t.me/cibsecurity/48737", "content": "\u203c CVE-2022-37240 \u203c\n\nMDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to HTTP Response splitting via the format parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T18:30:00.000000Z"}]}