{"vulnerability": "CVE-2022-3843", "sightings": [{"uuid": "3bc5324b-dbfe-40de-a7e0-d5b5a036fdd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38431", "type": "seen", "source": "https://t.me/cibsecurity/49968", "content": "\u203c CVE-2022-38431 \u203c\n\nAdobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T22:35:12.000000Z"}, {"uuid": "1f851534-7519-4b5d-9178-94b588ffc5c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3843", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7909", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3843\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)\n\ud83d\udd39 Description: In WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration interface without authorization allows an remote attacker to read system information and configure a limited set of parameters.\n\n\ud83d\udccf Published: 2023-02-16T14:58:44.343Z\n\ud83d\udccf Modified: 2025-03-18T14:41:11.980Z\n\ud83d\udd17 References:\n1. https://cert.vde.com/en/advisories/VDE-2022-055/", "creation_timestamp": "2025-03-18T14:49:58.000000Z"}, {"uuid": "e069bffb-fc5b-4bf0-aec7-2d4e3304bc2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3843", "type": "seen", "source": "https://t.me/cibsecurity/58326", "content": "\u203c CVE-2022-3843 \u203c\n\nIn WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration interface without authorization allows an remote attacker to read system information and configure a limited set of parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T18:12:34.000000Z"}, {"uuid": "ca2dc402-bcc9-4720-a5b9-a07fcef4e86a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38435", "type": "seen", "source": "https://t.me/cibsecurity/52038", "content": "\u203c CVE-2022-38435 \u203c\n\nAdobe Illustrator versions 26.4 (and earlier) and 25.4.7 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-25T20:27:09.000000Z"}, {"uuid": "4e8dfe2c-74c0-4947-a6c1-7c7c6122fd90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38439", "type": "seen", "source": "https://t.me/cibsecurity/50388", "content": "\u203c CVE-2022-38439 \u203c\n\nAdobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-23T22:19:46.000000Z"}, {"uuid": "1245916f-4af3-4f50-bcc4-e6df1daa99c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38438", "type": "seen", "source": "https://t.me/cibsecurity/50411", "content": "\u203c CVE-2022-38438 \u203c\n\nAdobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-23T22:27:05.000000Z"}, {"uuid": "02575251-77de-4515-9eb4-c91bceea41a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38434", "type": "seen", "source": "https://t.me/cibsecurity/49946", "content": "\u203c CVE-2022-38434 \u203c\n\nAdobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T22:29:02.000000Z"}]}