{"vulnerability": "CVE-2022-4563", "sightings": [{"uuid": "8b8f16ed-f7c4-4764-9d26-838c1b703098", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45637", "type": "seen", "source": "https://t.me/cibsecurity/60392", "content": "\u203c CVE-2022-45637 \u203c\n\nAn insecure password reset issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 service via insecure expiry mechanism.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-21T19:34:58.000000Z"}, {"uuid": "3d6478e5-9475-4440-a3eb-54b3f88301f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45635", "type": "seen", "source": "https://t.me/cibsecurity/60390", "content": "\u203c CVE-2022-45635 \u203c\n\nAn issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker to gain access to sensitive account information via insecure password policy.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-21T19:34:57.000000Z"}, {"uuid": "5ad8624e-cb82-4ac5-9b1c-87c483d78336", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45634", "type": "seen", "source": "https://t.me/cibsecurity/60429", "content": "\u203c CVE-2022-45634 \u203c\n\nAn issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows authenticated attacker to gain access to sensitive account information\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-22T06:48:33.000000Z"}, {"uuid": "f4801dd5-d716-4b4e-9486-4b0b0ce92a61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45636", "type": "seen", "source": "https://t.me/cibsecurity/60404", "content": "\u203c CVE-2022-45636 \u203c\n\nAn issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker to unlock model(s) without authorization via arbitrary API requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-21T21:35:07.000000Z"}, {"uuid": "2f169c7e-5fab-4457-900d-7087374b3e54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45639", "type": "seen", "source": "https://t.me/cibsecurity/56887", "content": "\u203c CVE-2022-45639 \u203c\n\nOS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-24T07:25:30.000000Z"}, {"uuid": "3fbed0c0-46e4-48e7-832b-b621b8c413fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4563", "type": "seen", "source": "https://t.me/cibsecurity/54772", "content": "\u203c CVE-2022-4563 \u203c\n\nA vulnerability was found in Freedom of the Press SecureDrop. It has been rated as critical. Affected by this issue is some unknown functionality of the file gpg-agent.conf. The manipulation leads to symlink following. Local access is required to approach this attack. The name of the patch is b0526a06f8ca713cce74b63e00d3730618d89691. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215972.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T20:24:42.000000Z"}]}