{"vulnerability": "CVE-2022-47629", "sightings": [{"uuid": "2406883f-f8a1-41a1-9fb5-2c1dd9c72950", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47629", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/229", "content": "Top Security News for 07/01/2023\n\nWhatsApp Introduces Proxy Support to Help Users Bypass Internet Censorship\nhttps://thehackernews.com/2023/01/whatsapp-introduces-proxy-support-to.html \n\nI made an Open Source Browser extension to aid in Threat Investigations!\nhttps://www.reddit.com/r/netsec/comments/1057mto/i_made_an_open_source_browser_extension_to_aid_in/ \n\nAutomotive vulnerabilities discovered.\nhttps://thecyberwire.com/stories/602e4789b3254c9489cc245bc0ef9995/automotive-vulnerabilities-discovered \n\nUpdate on LastPass and Twitter breaches. Vice Society leaks stolen UK school data. Data incident at health organization prompts questions about disclosure rules.\nhttps://thecyberwire.com/newsletters/privacy-briefing/5/4 \n\nI scanned every package on PyPi and found 57 live AWS keys\nhttps://www.reddit.com/r/netsec/comments/10524mo/i_scanned_every_package_on_pypi_and_found_57_live/ \n\nMalware targets 30 unpatched WordPress plugins\nhttps://www.malwarebytes.com/blog/news/2023/01/update-your-wordpress-plugins-now-mass-backdoor-campaign-underway \n\nLatest activity from Turla {Mandiant}\nhttps://www.reddit.com/r/netsec/comments/104zjm8/latest_activity_from_turla_mandiant/ \n\nNew Twitter data dump is a cleaned up version of old Twitter dump\nhttps://www.malwarebytes.com/blog/news/2023/01/new-twitter-data-dump-is-a-cleaned-up-version-of-old-twitter-dump \n\nIgor\u2019s Tip of the Week #122: Manual load\nhttps://malware.news/t/igor-s-tip-of-the-week-122-manual-load/66202#post_1 \n\nVariant analysis of CVE-2022-3515 affecting libksba, which resulted in CVE-2022-47629\nhttps://www.reddit.com/r/netsec/comments/104nnug/variant_analysis_of_cve20223515_affecting_libksba/ \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2023-01-07T08:00:09.000000Z"}, {"uuid": "dc55aa0b-f21d-49c9-b84c-3680abe1ecf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47629", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7503", "content": "#exploit\n1. CVE-2022-41076:\nThe OWASSRF + TabShell exploit chain\nhttps://blog.viettelcybersecurity.com/tabshell-owassrf\n]-> https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e\n\n2. CVE-2022-3515/CVE-2022-47629:\nInteger overflow bug Libksba\u00a0library (x.509)\nhttps://github.com/elttam/publications/blob/master/writeups/CVE-2022-47629.md \n\n3. CVE-2022-44877:\nCentos Web Panel 7 Unauthenticated RCE\nhttps://github.com/numanturle/CVE-2022-44877", "creation_timestamp": "2023-01-10T05:13:06.000000Z"}, {"uuid": "c52734de-5848-423c-8d64-a6d1e8a02f82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47629", "type": "seen", "source": "https://t.me/crackcodes/2143", "content": "#exploit\n1. The OWASSRF + TabShell exploit chain\nhttps://blog.viettelcybersecurity.com/tabshell-owassrf\n\n2. CVE-2022-3515/CVE-2022-47629:\nInteger overflow bug Libksba\u00a0library (x.509)\nhttps://github.com/elttam/publications/blob/master/writeups/CVE-2022-47629.md \n\n3. CVE-2022-44877:\nCentos Web Panel 7 Unauthenticated RCE\nhttps://github.com/numanturle/CVE-2022-44877", "creation_timestamp": "2023-01-15T13:34:14.000000Z"}, {"uuid": "3faf2667-6b8e-44f2-9f07-7ba27b10f720", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47629", "type": "seen", "source": "https://t.me/cibsecurity/55034", "content": "\u203c CVE-2022-47629 \u203c\n\nLibksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-21T02:12:31.000000Z"}]}