{"vulnerability": "CVE-2022-4763", "sightings": [{"uuid": "abf18760-f5f9-448e-8458-9692dd810d51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47630", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11012", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-47630\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state.\n\ud83d\udccf Published: 2023-01-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-08T20:26:30.379Z\n\ud83d\udd17 References:\n1. https://www.trustedfirmware.org/news/\n2. https://trustedfirmware-a.readthedocs.io/en/latest/security_advisories/security-advisory-tfv-10.html\n3. http://www.openwall.com/lists/oss-security/2023/01/16/8", "creation_timestamp": "2025-04-08T20:47:01.000000Z"}, {"uuid": "7fcdfc3d-d809-4f40-be75-4db72211ce3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47635", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12109", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-47635\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Wildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, and WMS4 before 4.04.45396.23 allows Server-side request forgery (SSRF) via ZohoClient.php.\n\ud83d\udccf Published: 2022-12-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-16T17:50:27.117Z\n\ud83d\udd17 References:\n1. https://wildix.atlassian.net/wiki/spaces/DOC/pages/30279136/Changelogs", "creation_timestamp": "2025-04-16T17:56:37.000000Z"}, {"uuid": "90a79776-9ad2-48b9-9086-208ad7999b91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47633", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11748", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-47633\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry (or a man-in-the-middle attacker) to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations are available for impacted releases.\n\ud83d\udccf Published: 2022-12-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-15T03:22:55.828Z\n\ud83d\udd17 References:\n1. https://kyverno.io/docs/writing-policies/verify-images/\n2. https://github.com/kyverno/kyverno/compare/v1.8.4...v1.8.5\n3. https://github.com/kyverno/kyverno/releases/tag/v1.8.5\n4. https://github.com/kyverno/kyverno/pull/5713\n5. https://github.com/kyverno/kyverno/security/advisories/GHSA-m3cq-xcx9-3gvm", "creation_timestamp": "2025-04-15T03:54:26.000000Z"}, {"uuid": "42c661be-4648-41ab-9b0c-696bbcd7ab37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47631", "type": "seen", "source": "https://t.me/cibsecurity/70584", "content": "\u203c CVE-2022-47631 \u203c\n\nRazer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management. Attackers can place DLLs into %PROGRAMDATA%\\Razer\\Synapse3\\Service\\bin if they do so before the service is installed and if they deny write access for the SYSTEM user. Although the service will not start if it detects malicious DLLs in this directory, attackers can exploit a race condition and replace a valid DLL (i.e., a copy of a legitimate Razer DLL) with a malicious DLL after the service has already checked the file. As a result, local Windows users can abuse the Razer driver installer to obtain administrative privileges on Windows.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-15T02:24:50.000000Z"}, {"uuid": "d28cec40-3060-43b1-908b-d6988731998b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47630", "type": "seen", "source": "https://t.me/cibsecurity/56558", "content": "\u203c CVE-2022-47630 \u203c\n\nTrusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about microarchitectural state.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-16T18:30:13.000000Z"}, {"uuid": "a8c5b2d3-091d-4763-ab39-e82f4b7526e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47637", "type": "seen", "source": "https://t.me/cibsecurity/70367", "content": "\u203c CVE-2022-47637 \u203c\n\nThe installer in XAMPP through 8.1.12 allows local users to write to the C:\\xampp directory. Common use cases execute files under C:\\xampp with administrative privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-13T08:57:32.000000Z"}, {"uuid": "b3be1a23-8073-400d-83ce-0ca332c52e48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47636", "type": "seen", "source": "https://t.me/cibsecurity/68240", "content": "\u203c CVE-2022-47636 \u203c\n\nA DLL hijacking vulnerability has been discovered in OutSystems Service Studio 11 11.53.30 build 61739. When a user open a .oml file (OutSystems Modeling Language), the application will load the following DLLs from the same directory av_libGLESv2.dll, libcef.DLL, user32.dll, and d3d10warp.dll. Using a crafted DLL, it is possible to execute arbitrary code in the context of the current logged in user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-10T20:16:03.000000Z"}, {"uuid": "f2a0eacc-0d58-4c24-b843-5f1948dc0ab1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47634", "type": "seen", "source": "https://t.me/cibsecurity/55724", "content": "\u203c CVE-2022-47634 \u203c\n\nM-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-01T12:15:50.000000Z"}, {"uuid": "7cf251bc-264d-4daa-8432-b5de8e42769e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47632", "type": "seen", "source": "https://t.me/cibsecurity/57051", "content": "\u203c CVE-2022-47632 \u203c\n\nRazer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\\Razer\\Synapse3\\Service\\bin if they do so before the service is installed and if they deny write access for the SYSTEM user. Although the service will not start if the malicious DLLs are unsigned, it suffices to use self-signed DLLs. The validity of the DLL signatures is not checked. As a result, local Windows users can abuse the Razer driver installer to obtain administrative privileges on Windows.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T18:34:37.000000Z"}, {"uuid": "cc2d9841-382c-4509-8c53-c328638ad49a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47633", "type": "seen", "source": "https://t.me/cibsecurity/55270", "content": "\u203c CVE-2022-47633 \u203c\n\nAn image signature validation bypass vulnerability in Kyverno 1.8.3 and 1.8.4 allows a malicious image registry (or a man-in-the-middle attacker) to inject unsigned arbitrary container images into a protected Kubernetes cluster. This is fixed in 1.8.5. This has been fixed in 1.8.5 and mitigations are available for impacted releases.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-24T02:14:46.000000Z"}, {"uuid": "559de368-452a-42f6-8dfc-571ec66d2a92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47635", "type": "seen", "source": "https://t.me/cibsecurity/55045", "content": "\u203c CVE-2022-47635 \u203c\n\nWildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, and WMS4 before 4.04.45396.23 allows Server-side request forgery (SSRF) via ZohoClient.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-21T12:13:27.000000Z"}]}