{"vulnerability": "CVE-2022-3887", "sightings": [{"uuid": "44584890-6177-42f5-aa6d-7e35601874d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38871", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14035", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-38871\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Free5gc v3.0.5, the AMF breaks due to malformed NAS messages.\n\ud83d\udccf Published: 2022-11-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-30T14:05:04.813Z\n\ud83d\udd17 References:\n1. https://github.com/free5gc/free5gc/issues/198", "creation_timestamp": "2025-04-30T14:13:01.000000Z"}, {"uuid": "8148e652-c8c0-447b-a18d-8241ff091460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38870", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15404", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-38870\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Free5gc v3.2.1 is vulnerable to Information disclosure.\n\ud83d\udccf Published: 2022-10-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-07T20:14:12.005Z\n\ud83d\udd17 References:\n1. https://github.com/free5gc/free5gc/issues/387", "creation_timestamp": "2025-05-07T20:22:42.000000Z"}, {"uuid": "e10d454f-bb24-4d66-bf2d-db72c04c812b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38873", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12214", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-38873\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106 and earlier, DAP-2695 v1.20rc119_beta31 and earlier, DAP-3320 v1.05rc027 beta and earlier, DAP-3662 v1.05rc047 and earlier allows attackers to cause a Denial of Service (DoS) via uploading a crafted firmware after modifying the firmware header.\n\ud83d\udccf Published: 2022-12-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T13:52:22.982Z\n\ud83d\udd17 References:\n1. https://www.dlink.com/en/security-bulletin/\n2. https://github.com/Yuhao-W/BUG--D-Link--Firmware-Update-Vulnerabilities/blob/main/README.md", "creation_timestamp": "2025-04-17T13:57:41.000000Z"}, {"uuid": "f1e4febf-0d2b-4803-8c71-d41715221040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38871", "type": "seen", "source": "https://t.me/cibsecurity/53193", "content": "\u203c CVE-2022-38871 \u203c\n\nIn Free5gc v3.0.5, the AMF breaks due to malformed NAS messages.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-19T02:40:40.000000Z"}, {"uuid": "12f54fba-d991-4a0d-ae1e-75006ab670a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38873", "type": "seen", "source": "https://t.me/cibsecurity/54998", "content": "\u203c CVE-2022-38873 \u203c\n\nD-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2.10rc050 and earlier, DAP-2553 v3.10rc031 and earlier, DAP-2660 v1.15rc093 and earlier, DAP-2690 v3.20rc106 and earlier, DAP-2695 v1.20rc119_beta31 and earlier, DAP-3320 v1.05rc027 beta and earlier, DAP-3662 v1.05rc047 and earlier allows attackers to cause a Denial of Service (DoS) via uploading a crafted firmware after modifying the firmware header.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-20T22:12:40.000000Z"}, {"uuid": "9b288df9-89ea-448e-8bdb-8da6727dc279", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3887", "type": "seen", "source": "https://t.me/cibsecurity/52701", "content": "\u203c CVE-2022-3887 \u203c\n\nUse after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-09T07:35:44.000000Z"}, {"uuid": "ec19a2f2-ede5-4116-a319-88bfed3f39e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38870", "type": "seen", "source": "https://t.me/cibsecurity/52048", "content": "\u203c CVE-2022-38870 \u203c\n\nFree5gc v3.2.1 is vulnerable to Information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-25T20:40:43.000000Z"}, {"uuid": "07d353d4-ea42-4f63-9da1-d3f21e5efa4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38877", "type": "seen", "source": "https://t.me/cibsecurity/49935", "content": "\u203c CVE-2022-38877 \u203c\n\nGarage Management System v1.0 is vulnerable to Arbitrary code execution via ip/garage/php_action/editProductImage.php?id=1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T20:29:05.000000Z"}, {"uuid": "3fece3fe-c715-4c19-9fb0-cca7dd874adf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-38878", "type": "seen", "source": "https://t.me/cibsecurity/49927", "content": "\u203c CVE-2022-38878 \u203c\n\nSchool Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/event/index.php?view=edit&amp;id=.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-16T20:28:52.000000Z"}]}