{"vulnerability": "CVE-2022-46697", "sightings": [{"uuid": "cfe4c9f2-e550-4544-824b-1063a6f0e9e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46697", "type": "seen", "source": "Telegram/wXJFleV8vEaWRjyjght-R7V6rgaHTWmrrJG5mADAecKVQmw", "content": "", "creation_timestamp": "2023-04-09T15:26:50.000000Z"}, {"uuid": "6f007195-3aa6-4202-a2b3-a63fa3f2ed36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46697", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2874", "content": "25 Tools - Hackers Factory\n\n\u200b\u200bOctopus\n\nA security analysis framework for WebAssembly module and Blockchain Smart Contract.\n\nhttps://github.com/FuzzingLabs/octopus\n\n#cybersecurity #infosec\n\n\u200b\u200bPenetration-Testing-Cheat-Sheet\n\nA guide to help people who are new to penetration testing and are looking to gain an overview of the penetration testing process. This guide will help anyone hoping to take the CREST CRT or Offensive Security's OSCP exam and will aim to cover each stage of compromising a host.\n\nhttps://github.com/curtishoughton/Penetration-Testing-Cheat-Sheet\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bViDeZZo\n\nA virtual device fuzzing framework considering both intra- and inter-message dependencies to balance fuzzing scalability and efficiency.\n\nhttps://github.com/HexHive/ViDeZZo\n\n#cybersecurity #infosec\n\n\u200b\u200bBug Bounty Beginner's Roadmap\n\nThis is a resource factory for anyone looking forward to starting bug hunting and would require guidance as a beginner.\n\nhttps://github.com/bittentech/Bug-Bounty-Beginner-Roadmap\n\n#bugbounty #pentesting #infosec\n\n\u200b\u200bImHex\n\n\ud83d\udd0d A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.\n\nhttps://github.com/WerWolv/ImHex\n\n#cybersecurity #infosec #reverse\n\n\u200b\u200bAndroid Penetration Testing Cheat Sheet\n\nThis is more of a checklist for myself. May contain useful tips and tricks.\n\nhttps://github.com/ivan-sincek/android-penetration-testing-cheat-sheet\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bZenLdr\n\nBasic implementation of Cobalt Strikes - User Defined Reflective Loader feature.\n\nhttps://github.com/Mav3rick33/ZenLdr\n\nDetails:\nhttps://mav3rick33.gitbook.io/the-lab/cobalt-strike-user-defined-reflective-loader-studies\n\n#infosec #redteam #pentesting\n\n\u200b\u200bScoper\n\nThis is a #BurpSuite extension that allows users to easily add web addresses to the Burp Suite scope.\n\nhttps://github.com/haticeerturk/scoper\n\n#infosec #bugbounty #pentesting\n\n\u200b\u200bspotify-gdpr-dump-analysis\n\nLocal analysis of complete spotify streaming dataset (endsong_*.json). Made in 3 hours alongside with chatGPT, fixing bugs as they appeared.\n\nhttps://github.com/pldubouilh/spotify-gdpr-dump-analysis\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2022-46697\n\nOut-of-bounds access in IOMobileFrameBuffer\n\nhttps://github.com/antoniozekic/Proof-of-concepts/tree/main/CVE-2022-46697\n\n#exploit #cybersecurity #infosec #cve\n\n\u200b\u200bVulnerable WordPress\n\nIn this repository, we collect vulnerable WordPress plugins monthly and provide them to researchers. The output is a vulnerable WordPress that is easily installed. Researchers can use this version for Nuclei template development, exploit development, practice, training, etc.\n\nhttps://github.com/onhexgroup/Vulnerable-WordPress\n\n#infosec #bugbounty #pentesting\n\n\u200b\u200bOffensiveCpp\n\nThis repo contains C/C++ snippets that can be handy in specific offensive scenarios.\n\nhttps://github.com/lsecqt/OffensiveCpp\n\n#infosec #pentesting #redteam\n\n\u200b\u200bHades-C2\n\nHades is a basic Command & Control framework built using Python. It is currently extremely bare bones, but I plan to add more features soon.\n\nhttps://github.com/Lavender-exe/Hades-C2\n\n#infosec #pentesting #redteam\n\n\u200b\u200bRed Team Ops: Havoc 101\n\nLearn how to compromise an Active Directory Infrastructure by simulating adversarial Tactics, Techniques and Procedures (TTPs) using Havoc Framework.\n\nhttps://github.com/WesleyWong420/RedTeamOps-Havoc-101\n\n#infosec #cybersecurity #pentesting #redteam\n\n\u200b\u200bAzureGoat\n\nA Damn Vulnerable Azure Infrastructure.\n\nhttps://github.com/ine-labs/AzureGoat\n\n#cybersecurity #infosec\n\n\u200b\u200bDamn Vulnerable GraphQL Application\n\nDamn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.\n\nhttps://github.com/dolevf/Damn-Vulnerable-GraphQL-Application\n\n#cybersecurity #infosec", "creation_timestamp": "2023-04-13T10:41:15.000000Z"}, {"uuid": "d0f8d076-179d-4f72-aaf3-e1ab1bed22fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46697", "type": "seen", "source": "Telegram/YrcJwFF7LRTjg7mgQwAEoX7-6-7JVVBbOdwyqXnUuY7Sxg", "content": "", "creation_timestamp": "2023-04-17T11:58:07.000000Z"}, {"uuid": "93c5fe3d-fed9-44be-95d7-b5ed6978b212", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46697", "type": "seen", "source": "https://t.me/RespaldoHackingTeam/657", "content": "#exploit\n1. CVE-2022-46697:\nOut-of-bounds access in IOMobileFrameBuffer\nhttps://github.com/antoniozekic/Proof-of-concepts/tree/main/CVE-2022-46697\n\n2. CVE-2022-38053, CVE-2023-21742, CVE-2023-21717:\nSharePoint Webpart Property Traversal\nhttps://testbnull.medium.com/ph%C3%A2n-t%C3%ADch-l%E1%BB%97-h%E1%BB%95ng-sharepoint-webpart-property-traversal-cve-2022-38053-cve-2023-21742-bc6931698a5f\n\n3. CVE-2023-23398:\nMicrosoft Excel Spoofing\nhttps://packetstormsecurity.com/files/171752/Microsoft-Excel-Spoofing.html", "creation_timestamp": "2023-04-13T07:13:01.000000Z"}, {"uuid": "37c290c2-2c55-432a-82f1-a8ae89b8cae1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46697", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8083", "content": "#exploit\n1. CVE-2022-46697:\nOut-of-bounds access in IOMobileFrameBuffer\nhttps://github.com/antoniozekic/Proof-of-concepts/tree/main/CVE-2022-46697\n\n2. CVE-2022-38053, CVE-2023-21742, CVE-2023-21717:\nSharePoint Webpart Property Traversal\nhttps://testbnull.medium.com/ph%C3%A2n-t%C3%ADch-l%E1%BB%97-h%E1%BB%95ng-sharepoint-webpart-property-traversal-cve-2022-38053-cve-2023-21742-bc6931698a5f\n\n3. CVE-2023-23398:\nMicrosoft Excel Spoofing\nhttps://packetstormsecurity.com/files/171752/Microsoft-Excel-Spoofing.html", "creation_timestamp": "2023-04-09T13:17:01.000000Z"}]}