{"vulnerability": "CVE-2022-4129", "sightings": [{"uuid": "4c87d26e-3242-49bb-b847-7ff8eb0803b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41290", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11301", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41290\n\ud83d\udd25 CVSS Score: 8.4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges.  IBM X-Force ID:  236690.\n\ud83d\udccf Published: 2022-12-23T19:32:42.839Z\n\ud83d\udccf Modified: 2025-04-10T18:43:07.265Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6847917\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/236690", "creation_timestamp": "2025-04-10T18:49:12.000000Z"}, {"uuid": "357c2f3f-64bb-456b-814f-233f081f69ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41299", "type": "seen", "source": "https://t.me/cibsecurity/54244", "content": "\u203c CVE-2022-41299 \u203c\n\nIBM Cloud Transformation Advisor 2.0.1 through 3.3.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 237214.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-09T22:13:37.000000Z"}, {"uuid": "56c52719-4322-4f80-8c7a-d7814a368202", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4129", "type": "seen", "source": "https://t.me/cibsecurity/53601", "content": "\u203c CVE-2022-4129 \u203c\n\nA flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T00:28:14.000000Z"}, {"uuid": "83d9a577-af98-4d58-bae8-96388054525a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41294", "type": "seen", "source": "https://t.me/cibsecurity/50933", "content": "\u203c CVE-2022-41294 \u203c\n\nIBM Robotic Process Automation 21.0.0, 21.0.1, 21.0.2, 21.0.3, and 21.0.4 is vulnerable to cross origin resource sharing using the bot api. IBM X-Force ID: 236807.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-06T22:23:13.000000Z"}, {"uuid": "0ba11dff-96ba-4d43-875e-94851b0553d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41297", "type": "seen", "source": "https://t.me/cibsecurity/53774", "content": "\u203c CVE-2022-41297 \u203c\n\nIBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 237212.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-01T20:36:52.000000Z"}, {"uuid": "e80e88a8-bffb-45a1-8c5a-b243a3ba73a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41291", "type": "seen", "source": "https://t.me/cibsecurity/50998", "content": "\u203c CVE-2022-41291 \u203c\n\nIBM InfoSphere Information Server 11.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 236699.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T20:17:30.000000Z"}]}