{"vulnerability": "CVE-2022-3799", "sightings": [{"uuid": "109cd79b-dc0e-4d93-824a-a77b256eb248", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37990", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html", "content": "", "creation_timestamp": "2024-04-18T16:45:00.000000Z"}, {"uuid": "e45064e7-b2b4-4226-883d-782c3fb212ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37991", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html", "content": "", "creation_timestamp": "2024-04-18T16:45:00.000000Z"}, {"uuid": "d4f11f48-d3aa-4420-9982-acaa93841028", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37991", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2024/12/the-windows-registry-adventure-5-regf.html", "content": "", "creation_timestamp": "2024-12-19T18:03:00.000000Z"}, {"uuid": "76dcff5b-aaa7-4541-8b77-7b6eb6f55f85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37990", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2025/05/the-windows-registry-adventure-7-attack-surface.html", "content": "", "creation_timestamp": "2025-05-23T07:05:54.874000Z"}, {"uuid": "6096ee5f-fb56-41f8-91f6-606dff98ba52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37991", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2025/05/the-windows-registry-adventure-7-attack-surface.html", "content": "", "creation_timestamp": "2025-05-23T07:05:54.874000Z"}, {"uuid": "aeedc960-b40b-4852-83f0-52793eb3c33c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37990", "type": "seen", "source": "https://projectzero.google/2025/05/the-windows-registry-adventure-7-attack-surface.html", "content": "", "creation_timestamp": "2025-05-23T05:00:00.000000Z"}, {"uuid": "45c33952-db44-4c8c-935f-d0ff17fbd981", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37991", "type": "seen", "source": "https://projectzero.google/2025/05/the-windows-registry-adventure-7-attack-surface.html", "content": "", "creation_timestamp": "2025-05-23T05:00:00.000000Z"}, {"uuid": "ee0f6138-4e8c-4a12-b244-5b9849b51f35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37998", "type": "seen", "source": "https://t.me/cibsecurity/51166", "content": "\u203c CVE-2022-37973 \u203c\n\nWindows Local Session Manager (LSM) Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-37998.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-11T22:32:15.000000Z"}, {"uuid": "ccdac683-9bac-48fd-9a17-47e4fb391cc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3799", "type": "seen", "source": "https://t.me/arpsyndicate/4885", "content": "#ExploitObserverAlert\n\nCVE-2022-3799\n\nDESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2022-3799. A vulnerability classified as critical was found in IBAX go-ibax. Affected by this vulnerability is an unknown functionality of the file /api/v2/open/tablesInfo. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212635.\n\nFIRST-EPSS: 0.000930000\nNVD-IS: 5.9\nNVD-ES: 2.8\nARPS-PRIORITY: 0.9586814", "creation_timestamp": "2024-04-25T22:50:56.000000Z"}, {"uuid": "dcd1800f-7bed-4859-bd53-dbf3794726cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37998", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1787", "content": "\ud83d\udd25You\u2019ve Crossed the Line \u2014 Disturbing a Host\u2019s Rest\n\nAkamai Security Research dove deeply into MS-RPC research this past year. For a protocol that does so much, MS-RPC is largely under-researched, and it can have real-world effects. One of those effects is that vulnerabilities in an RPC interface become exposed. This is what we are focusing on in this blog post: vulnerabilities within the Local Session Manager (LSM) RPC interface. \n\n\ud83d\udd25cve-2022-37973 PoC Exploit \n\ud83d\udd25cve-2022-37998 PoC Exploit\n\n\ud83e\uddf0RPC Toolkit(set of tools, articles, blog posts and links to help security researchers drive their RPC research)", "creation_timestamp": "2022-12-15T17:06:35.000000Z"}, {"uuid": "435487a9-4880-470e-b5d5-7ca1e0abe7e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37997", "type": "seen", "source": "https://t.me/cibsecurity/51143", "content": "\u203c CVE-2022-38051 \u203c\n\nWindows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37997.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-11T22:26:05.000000Z"}, {"uuid": "ae267ae9-7a07-4be0-a875-c1facc9de5ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3799", "type": "seen", "source": "https://t.me/cibsecurity/52398", "content": "\u203c CVE-2022-3799 \u203c\n\nA vulnerability classified as critical was found in IBAX go-ibax. Affected by this vulnerability is an unknown functionality of the file /api/v2/open/tablesInfo. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212635.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-01T19:13:58.000000Z"}]}