{"vulnerability": "CVE-2022-3816", "sightings": [{"uuid": "029687e4-df43-4207-80b0-e789687260ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38162", "type": "seen", "source": "https://t.me/cibsecurity/52073", "content": "\u203c CVE-2022-38162 \u203c\n\nReflected cross-site scripting (XSS) vulnerabilities in WithSecure through 2022-08-10) exists within the F-Secure Policy Manager due to an unvalidated parameter in the endpoint, which allows remote attackers to provide a malicious input.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-26T00:14:56.000000Z"}, {"uuid": "e3de65bf-648e-4cac-9942-d23c674462ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38165", "type": "seen", "source": "https://t.me/cibsecurity/53118", "content": "\u203c CVE-2022-38165 \u203c\n\nWithSecure through 2022-08-10 allows attackers to cause a denial of service (issue 4 of 5).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-18T02:17:59.000000Z"}, {"uuid": "adf8cd8e-e907-4d12-969f-3148c73f063b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38163", "type": "seen", "source": "https://t.me/cibsecurity/52601", "content": "\u203c CVE-2022-38163 \u203c\n\nWithSecure through 2022-08-10 allows attackers to cause a denial of service (issue 2 of 5).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-07T18:34:28.000000Z"}, {"uuid": "94299fab-8fa9-41cf-bc3b-77f170052b1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3816", "type": "seen", "source": "https://t.me/cibsecurity/52441", "content": "\u203c CVE-2022-3816 \u203c\n\nA vulnerability, which was classified as problematic, was found in Axiomatic Bento4. Affected is an unknown function of the component mp4decrypt. The manipulation leads to memory leak. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-212682 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T01:19:13.000000Z"}, {"uuid": "edbe537c-50c7-403d-be4d-9eb4ffab67ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38166", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13835", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-38166\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In F-Secure Endpoint Protection for Windows and macOS before channel with Capricorn database 2022-11-22_07, the aerdl.dll unpacker handler crashes. This can lead to a scanning engine crash, triggerable remotely by an attacker for denial of service.\n\ud83d\udccf Published: 2022-11-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T14:55:54.830Z\n\ud83d\udd17 References:\n1. https://www.f-secure.com/en/home/support/security-advisories/cve-2022-38166", "creation_timestamp": "2025-04-29T15:11:43.000000Z"}, {"uuid": "cc03d8dd-2766-41bc-b652-c6ec189de954", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38166", "type": "seen", "source": "https://t.me/cibsecurity/53503", "content": "\u203c CVE-2022-38166 \u203c\n\nIn F?Secure Endpoint Protection for Windows and macOS before channel with Capricorn database 2022-11-22_07, the aerdl.dll unpacker handler crashes. This can lead to a scanning engine crash, triggerable remotely by an attacker for denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-25T18:20:23.000000Z"}, {"uuid": "acb841c5-9469-409a-8ff3-598969f67e0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38161", "type": "seen", "source": "https://t.me/cibsecurity/47927", "content": "\u203c CVE-2022-38161 \u203c\n\nThe Gumstix Overo SBC on the VSKS board through 2022-08-09, as used on the Orlan-10 and other platforms, allows unrestricted remapping of the NOR flash memory containing the bitstream for the FPGA.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-11T07:26:24.000000Z"}]}