{"vulnerability": "CVE-2022-4140", "sightings": [{"uuid": "08c9954e-6235-4bcd-89c3-61bbd24e8de4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41409", "type": "seen", "source": "https://t.me/cibsecurity/66914", "content": "\u203c CVE-2022-41409 \u203c\n\nInteger overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-18T18:32:48.000000Z"}, {"uuid": "16f885f3-a553-4ac8-ab6f-f84904db1139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-41409", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "d0cf4311-2fc0-4bee-8432-d66e04a0343c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41400", "type": "seen", "source": "Telegram/wQKwLnRP-LMBGMn0epI14c3xS8vf2UbCH3uc3voQfAvjENQ6", "content": "", "creation_timestamp": "2025-01-30T23:28:04.000000Z"}, {"uuid": "3eb93a51-8fbe-4d58-94db-c9656cf53cc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41400", "type": "seen", "source": "https://t.me/cibsecurity/63043", "content": "\u203c CVE-2022-41400 \u203c\n\nSage 300 through 2022 uses a hard-coded 40-byte blowfish key to encrypt and decrypt user passwords and SQL connection strings stored in ISAM database files in the shared data directory. This issue could allow attackers to decrypt user passwords and SQL connection strings.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-28T16:27:16.000000Z"}, {"uuid": "5c9f8fc6-a6f5-4848-9495-79f62cb800e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4140", "type": "seen", "source": "https://t.me/cibsecurity/55758", "content": "\u203c CVE-2022-4140 \u203c\n\nThe Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file, which could allow unauthenticated attacker to read arbitrary files on the server\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-03T00:16:55.000000Z"}, {"uuid": "b1ee111b-55e6-4f7c-aae6-c18e946e6cab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41401", "type": "seen", "source": "https://t.me/cibsecurity/67769", "content": "\u203c CVE-2022-41401 \u203c\n\nOpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability, which permits unauthorized users to exploit the system, potentially leading to unauthorized access to internal resources and sensitive file disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-04T20:40:59.000000Z"}, {"uuid": "8dfd63b6-2e98-48e8-b263-df1938f28189", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41404", "type": "seen", "source": "https://t.me/cibsecurity/51223", "content": "\u203c CVE-2022-41404 \u203c\n\nAn issue in the fetch() method in the BasicProfile class of org.ini4j before v0.5.4 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-12T02:26:11.000000Z"}, {"uuid": "cebb743b-da23-4872-9383-d99d9dfff610", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41403", "type": "seen", "source": "https://t.me/cibsecurity/51286", "content": "\u203c CVE-2022-41403 \u203c\n\nOpenCart 3.x Newsletter Custom Popup was discovered to contain a SQL injection vulnerability via the email parameter at index.php?route=extension/module/so_newletter_custom_popup/newsletter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-12T22:27:07.000000Z"}]}