{"vulnerability": "CVE-2022-4475", "sightings": [{"uuid": "1f15ec14-e0fc-4864-ba02-ee5512980247", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44759", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnlvnzubqr2b", "content": "", "creation_timestamp": "2025-04-24T23:52:25.519288Z"}, {"uuid": "3e361f01-cc9c-4ab5-856f-7e9f9447464a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44759", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13347", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44759\n\ud83d\udd25 CVSS Score: 4.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: Improper sanitization of SVG files in HCL Leap\nallows client-side script injection in deployed applications.\n\ud83d\udccf Published: 2025-04-24T20:38:36.710Z\n\ud83d\udccf Modified: 2025-04-24T20:38:36.710Z\n\ud83d\udd17 References:\n1. https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119900", "creation_timestamp": "2025-04-24T21:07:12.000000Z"}, {"uuid": "b9885f46-d182-4641-bff9-dd4a760b5f2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44753", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12249", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44753\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView.  This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file. \u00a0This vulnerability applies to software previously licensed by IBM.\n\n\ud83d\udccf Published: 2022-12-17T01:52:52.495Z\n\ud83d\udccf Modified: 2025-04-17T14:32:13.332Z\n\ud83d\udd17 References:\n1. https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100260", "creation_timestamp": "2025-04-17T14:58:35.000000Z"}, {"uuid": "85d1ff59-b779-411a-831c-b37403e2e23e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44759", "type": "seen", "source": "https://t.me/cvedetector/23710", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-44759 - HCL Leap SVG Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-44759 \nPublished : April 24, 2025, 9:15 p.m. | 1\u00a0hour, 20\u00a0minutes ago \nDescription : Improper sanitization of SVG files in HCL Leap  \nallows client-side script injection in deployed applications. \nSeverity: 4.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-25T00:47:56.000000Z"}, {"uuid": "165e3b43-935c-4445-8d59-3a8abdef00c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44757", "type": "seen", "source": "https://t.me/cibsecurity/72067", "content": "\u203c CVE-2022-44757 \u203c\n\nBigFix Insights for Vulnerability Remediation (IVR) uses weak cryptography that can lead to credential exposure. An attacker could gain access to sensitive information, modify data in unexpected ways, etc.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-11T12:17:24.000000Z"}, {"uuid": "692a13fb-fedc-4601-aa70-d0a02cd94068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44758", "type": "seen", "source": "https://t.me/cibsecurity/72062", "content": "\u203c CVE-2022-44758 \u203c\n\nBigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An attacker can gain access to information that is not explicitly authorized.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-11T12:17:16.000000Z"}, {"uuid": "555389b7-a65e-4b5d-b25d-4ccccf7a6823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4475", "type": "seen", "source": "https://t.me/cibsecurity/56845", "content": "\u203c CVE-2022-4475 \u203c\n\nThe Collapse-O-Matic WordPress plugin before 1.8.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-23T18:25:16.000000Z"}, {"uuid": "ad612d93-b60b-49a3-9386-bde607d8e863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44756", "type": "seen", "source": "https://t.me/cibsecurity/55062", "content": "\u203c CVE-2022-44756 \u203c\n\nInsights for Vulnerability Remediation (IVR) is vulnerable to improper input validation. This may lead to information disclosure. This requires privileged access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-21T20:12:53.000000Z"}, {"uuid": "fc0c70b6-c011-49d1-a70c-605cf182be25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44752", "type": "seen", "source": "https://t.me/cibsecurity/54850", "content": "\u203c CVE-2022-44752 \u203c\n\nIBM Domino is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T14:25:36.000000Z"}, {"uuid": "89c0cdf1-529f-42b2-aa23-34d6cfb35811", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44750", "type": "seen", "source": "https://t.me/cibsecurity/54849", "content": "\u203c CVE-2022-44750 \u203c\n\nIBM Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44754.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T14:25:35.000000Z"}, {"uuid": "8c1a24fd-9d0a-423d-9fa9-4b6eb70d7c03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44754", "type": "seen", "source": "https://t.me/cibsecurity/54849", "content": "\u203c CVE-2022-44750 \u203c\n\nIBM Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44754.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T14:25:35.000000Z"}, {"uuid": "844ab8ae-3ccf-4820-a4e4-355057640bed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44751", "type": "seen", "source": "https://t.me/cibsecurity/54845", "content": "\u203c CVE-2022-44751 \u203c\n\nIBM Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44755.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T14:25:31.000000Z"}, {"uuid": "d36e8652-3986-45ab-ab75-18a5c4912c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44755", "type": "seen", "source": "https://t.me/cibsecurity/54845", "content": "\u203c CVE-2022-44751 \u203c\n\nIBM Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44755.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T14:25:31.000000Z"}, {"uuid": "a14bf2df-6b04-4a07-9505-6ac930c6c3e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44753", "type": "seen", "source": "https://t.me/cibsecurity/54844", "content": "\u203c CVE-2022-44753 \u203c\n\nIBM Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T14:25:30.000000Z"}]}