{"vulnerability": "CVE-2022-4272", "sightings": [{"uuid": "35d152de-f98b-4a0b-8ad8-d8b93d834804", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42721", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16579", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42721\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.\n\ud83d\udccf Published: 2022-10-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-15T20:45:39.878Z\n\ud83d\udd17 References:\n1. https://bugzilla.suse.com/show_bug.cgi?id=1204060\n2. http://www.openwall.com/lists/oss-security/2022/10/13/5\n3. https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=bcca852027e5878aec911a347407ecc88d6fff7f\n4. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/\n5. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/\n6. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/\n7. https://www.debian.org/security/2022/dsa-5257\n8. https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html\n9. http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html\n10. https://security.netapp.com/advisory/ntap-20230203-0008/", "creation_timestamp": "2025-05-15T21:33:34.000000Z"}, {"uuid": "0f10da93-86b0-43dc-afb9-fe7efa95ea61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42720", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16578", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42720\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.\n\ud83d\udccf Published: 2022-10-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-15T20:47:12.558Z\n\ud83d\udd17 References:\n1. https://bugzilla.suse.com/show_bug.cgi?id=1204059\n2. http://www.openwall.com/lists/oss-security/2022/10/13/5\n3. https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=0b7808818cb9df6680f98996b8e9a439fa7bcc2f\n4. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GGHENNMLCWIQV2LLA56BJNFIUZ7WB4IY/\n5. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VNN3VFQPECS6D4PS6ZWD7AFXTOSJDSSR/\n6. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S2KTU5LFZNQS7YNGE56MT46VHMXL3DD2/\n7. https://www.debian.org/security/2022/dsa-5257\n8. https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html\n9. http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html\n10. https://security.netapp.com/advisory/ntap-20230203-0008/", "creation_timestamp": "2025-05-15T21:33:33.000000Z"}, {"uuid": "337f1943-5bc1-4dbf-a93c-0e5526d52802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4272", "type": "seen", "source": "https://t.me/cibsecurity/53947", "content": "\u203c CVE-2022-4272 \u203c\n\nA vulnerability, which was classified as critical, has been found in FeMiner wms. Affected by this issue is some unknown functionality of the file /product/savenewproduct.php?flag=1. The manipulation of the argument upfile leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214760.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-03T23:59:51.000000Z"}, {"uuid": "5c5b4b0d-5748-4c2b-a5d4-a5e71b67b78c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42721", "type": "seen", "source": "https://t.me/cibsecurity/51391", "content": "\u203c CVE-2022-42721 \u203c\n\nA list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-14T07:28:25.000000Z"}, {"uuid": "ab9bd1d2-fdaf-4b3f-908d-55bb32f8b3fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42722", "type": "seen", "source": "https://t.me/cibsecurity/51387", "content": "\u203c CVE-2022-42722 \u203c\n\nIn the Linux kernel 5.8 through 5.19.14, local attackers able to inject WLAN frames into the mac80211 stack could cause a NULL pointer dereference denial-of-service attack against the beacon protection of P2P devices.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-14T07:28:18.000000Z"}, {"uuid": "e07dedef-ff36-4e45-bfe3-0f69e624e633", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42720", "type": "seen", "source": "https://t.me/cibsecurity/51386", "content": "\u203c CVE-2022-42720 \u203c\n\nVarious refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.14 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-14T07:28:17.000000Z"}]}