{"vulnerability": "CVE-2022-4543", "sightings": [{"uuid": "16e06117-dd0a-4335-b246-4480c1a7ecf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4543", "type": "seen", "source": "https://gist.github.com/Darkcrai86/5c0c181be7c1b80976db742d1375d6d8", "content": "", "creation_timestamp": "2025-12-09T08:42:18.000000Z"}, {"uuid": "d0393c48-670b-4153-ba0d-a41c8b91496b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4543", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:07.000000Z"}, {"uuid": "a9ba93f2-887f-4367-a794-9d64c58b6589", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-4543", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "228ed35c-e4a3-483f-99dd-27f32428d267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4543", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10613", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 EntryBleed: Breaking KASLR under KPTI with Prefetch.\n\n(CVE-2022-4543)https://www.willsroot.io/2022/12/entrybleed.html", "creation_timestamp": "2023-01-19T09:06:41.000000Z"}, {"uuid": "591affbc-5cad-4b6b-bf0e-2371bc6389f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45437", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7988", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45437\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Artica PFMS Pandora FMS v765 on all allows Cross-Site Scripting (XSS). A user with edition privileges can create a Payload in the reporting dashboard module. An admin user can observe the Payload without interaction and attacker can get information.\n\n\n\ud83d\udccf Published: 2023-02-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T19:20:57.800Z\n\ud83d\udd17 References:\n1. https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/\n2. https://gist.github.com/damodarnaik/06180e8a5aa237b38740486b3e398011", "creation_timestamp": "2025-03-18T19:49:03.000000Z"}, {"uuid": "5cac580b-d0a3-4069-a318-76d3fbcde3e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4543", "type": "seen", "source": "https://t.me/linkersec/199", "content": "EntryBleed: Breaking KASLR under KPTI with Prefetch (CVE-2022-4543)\n\nAn article about using Meltdown to bypass KASLR despite enabled KPTI.\n\nThis bypass method has been known for a while.", "creation_timestamp": "2022-12-17T16:05:24.000000Z"}, {"uuid": "93ff149a-0cb9-4432-81f7-7f9107e9d2be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45436", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7987", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45436\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Artica PFMS Pandora FMS v765 on all platforms, allows Cross-Site Scripting (XSS). As a manager privilege user , create a network map containing name as xss payload. Once created, admin user must click on the edit network maps and XSS payload will be executed, which could be used for stealing admin users cookie value.\n\n\n\ud83d\udccf Published: 2023-02-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T19:21:22.938Z\n\ud83d\udd17 References:\n1. https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/\n2. https://gist.github.com/damodarnaik/ac07a179972cd4d508f246e9bc5500e7", "creation_timestamp": "2025-03-18T19:49:02.000000Z"}, {"uuid": "1b35c457-412d-4de7-bd44-c69d36a5d73b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45431", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11524", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45431\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Some Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated restart of remote DSS Server.\n\ud83d\udccf Published: 2022-12-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-11T23:07:11.025Z\n\ud83d\udd17 References:\n1. https://www.dahuasecurity.com/support/cybersecurity/details/1137", "creation_timestamp": "2025-04-11T23:51:39.000000Z"}, {"uuid": "95f8f50f-f6ba-47dd-85d2-2ff7e9984a19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45430", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11523", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45430\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Some Dahua software products have a vulnerability of unauthenticated enable or disable SSHD service. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could enable or disable the SSHD service.\n\ud83d\udccf Published: 2022-12-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-11T23:08:54.667Z\n\ud83d\udd17 References:\n1. https://www.dahuasecurity.com/support/cybersecurity/details/1137", "creation_timestamp": "2025-04-11T23:51:38.000000Z"}, {"uuid": "0fcc1c52-2275-445d-a3f6-50247c693ea1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4543", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1871", "content": "#Threat_Research\nEntryBleed: Breaking KASLR under KPTI with Prefetch (CVE-2022-4543)\nhttps://www.willsroot.io/2022/12/entrybleed.html\n]-> https://seclists.org/oss-sec/2022/q4/198", "creation_timestamp": "2022-12-19T18:20:22.000000Z"}, {"uuid": "0c80150e-eaf5-4593-979f-420ddc1be436", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4543", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1821", "content": "\ud83d\udd25\ud83d\udd25\ud83d\udd25 EntryBleed: Breaking KASLR under KPTI with Prefetch (CVE-2022-4543) \n\nRecently, BitsByWill have discovered that Linux KPTI has implementation issues that can allow any unprivileged local attacker to bypass KASLR on Intel based systems. While technically only an info-leak, it still provides a primitive that has serious implications for bugs previously considered too hard to exploit and was assigned CVE-2022-4543. As you\u2019ll see why from the writeup later on, he have decided to term this attack \u201cEntryBleed.\u201d", "creation_timestamp": "2022-12-17T05:04:59.000000Z"}, {"uuid": "adb3bac4-23b4-4713-9fe4-74b0b2ab87a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4543", "type": "seen", "source": "https://t.me/cibsecurity/56348", "content": "\u203c CVE-2022-4543 \u203c\n\nA flaw named \"EntryBleed\" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T18:29:22.000000Z"}, {"uuid": "6203f674-80f6-4e48-acd2-7ce18f2ab5da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45434", "type": "seen", "source": "https://t.me/cibsecurity/55430", "content": "\u203c CVE-2022-45434 \u203c\n\nSome Dahua software products have a vulnerability of unauthenticated un-throttled ICMP requests on remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could exploit the victim server to launch ICMP request attack to the designated target host.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-27T20:22:29.000000Z"}, {"uuid": "8e1b8e70-4d98-4da9-9735-f444bd564586", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45437", "type": "seen", "source": "https://t.me/cibsecurity/58216", "content": "\u203c CVE-2022-45437 \u203c\n\nImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Artica PFMS Pandora FMS v765 on all allows Cross-Site Scripting (XSS). A user with edition privileges can create a Payload in the reporting dashboard module. An admin user can observe the Payload without interaction and attacker can get information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T07:36:34.000000Z"}, {"uuid": "eeb2a58a-6acc-47b5-867b-9e4f5a7ae6eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45436", "type": "seen", "source": "https://t.me/cibsecurity/58214", "content": "\u203c CVE-2022-45436 \u203c\n\nImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Artica PFMS Pandora FMS v765 on all platforms, allows Cross-Site Scripting (XSS). As a manager privilege user , create a network map containing name as xss payload. Once created, admin user must click on the edit network maps and XSS payload will be executed, which could be used for stealing admin users cookie value.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T07:36:32.000000Z"}, {"uuid": "ae1f6420-ec68-4c1b-b5ed-3d2c78e35030", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45431", "type": "seen", "source": "https://t.me/cibsecurity/55427", "content": "\u203c CVE-2022-45431 \u203c\n\nSome Dahua software products have a vulnerability of unauthenticated restart of remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated restart of remote DSS Server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-27T20:15:58.000000Z"}, {"uuid": "552afda7-9841-4da3-b728-3240436ec882", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45430", "type": "seen", "source": "https://t.me/cibsecurity/55434", "content": "\u203c CVE-2022-45430 \u203c\n\nSome Dahua software products have a vulnerability of unauthenticated enable or disable SSHD service. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could enable or disable the SSHD service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-27T20:25:34.000000Z"}, {"uuid": "e5888e00-7639-4423-b4aa-04e7322f6fc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45433", "type": "seen", "source": "https://t.me/cibsecurity/55431", "content": "\u203c CVE-2022-45433 \u203c\n\nSome Dahua software products have a vulnerability of unauthenticated traceroute host from remote DSS Server. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could get the traceroute results.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-27T20:22:30.000000Z"}, {"uuid": "62cdf06f-312a-4781-97de-7c7ae335b9c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45432", "type": "seen", "source": "https://t.me/cibsecurity/55438", "content": "\u203c CVE-2022-45432 \u203c\n\nSome Dahua software products have a vulnerability of unauthenticated search for devices. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated search for devices in range of IPs from remote DSS Server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-27T20:25:39.000000Z"}, {"uuid": "5952aca9-8cda-431c-806a-0efce5c0be09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4543", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7388", "content": "#Threat_Research\nEntryBleed: Breaking KASLR under KPTI with Prefetch (CVE-2022-4543)\nhttps://www.willsroot.io/2022/12/entrybleed.html\n]-> https://seclists.org/oss-sec/2022/q4/198", "creation_timestamp": "2022-12-19T12:10:30.000000Z"}]}