{"vulnerability": "CVE-2022-4843", "sightings": [{"uuid": "5f57c74d-14e9-45f8-b9d9-96875d24f976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48437", "type": "seen", "source": "https://t.me/cibsecurity/61961", "content": "\u203c CVE-2022-48437 \u203c\n\nAn issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509_verify_ctx_add_chain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed verification callback that instructs the verifier to continue upon detecting an invalid certificate.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-12T12:23:59.000000Z"}, {"uuid": "27c75b7b-a2cf-4ee9-9f8c-26ce692e8617", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48438", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/578", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48438\n\ud83d\udd39 Description: In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\n\ud83d\udccf Published: 2023-06-06T05:12:59.511Z\n\ud83d\udccf Modified: 2025-01-07T20:55:08.287Z\n\ud83d\udd17 References:\n1. https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", "creation_timestamp": "2025-01-07T21:39:04.000000Z"}, {"uuid": "7577d5fb-b158-43ce-81ab-4b864d02aaf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48439", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/579", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48439\n\ud83d\udd39 Description: In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.\n\ud83d\udccf Published: 2023-06-06T05:13:00.524Z\n\ud83d\udccf Modified: 2025-01-07T20:49:29.922Z\n\ud83d\udd17 References:\n1. https://www.unisoc.com/en_us/secy/announcementDetail/1664822361414762498", "creation_timestamp": "2025-01-07T21:39:09.000000Z"}, {"uuid": "77006ab8-f2b4-49a4-b4e3-ddc3388cf0e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48433", "type": "seen", "source": "https://t.me/cibsecurity/61010", "content": "\u203c CVE-2022-48433 \u203c\n\nIn JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in the IntelliJ IDEA built-in web server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T16:15:31.000000Z"}, {"uuid": "0e442e9b-7345-4863-83a8-f1c5b6751320", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48432", "type": "seen", "source": "https://t.me/cibsecurity/61004", "content": "\u203c CVE-2022-48432 \u203c\n\nIn JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T16:15:21.000000Z"}, {"uuid": "1a1c0004-843f-4052-9abf-298057e91a0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48431", "type": "seen", "source": "https://t.me/cibsecurity/61003", "content": "\u203c CVE-2022-48431 \u203c\n\nIn JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be imported without the \u00e2\u20ac\u0153Trust Project\u00e2\u20ac\ufffd confirmation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T16:15:20.000000Z"}, {"uuid": "6c96b3d4-aba8-4ac6-8230-f451a1e8e6bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48434", "type": "seen", "source": "https://t.me/cibsecurity/61027", "content": "\u203c CVE-2022-48434 \u203c\n\nlibavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T20:15:41.000000Z"}, {"uuid": "0ec3fa99-7a73-4b58-9adf-6b3e6eff6a32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48430", "type": "seen", "source": "https://t.me/cibsecurity/61009", "content": "\u203c CVE-2022-48430 \u203c\n\nIn JetBrains IntelliJ IDEA before 2023.1 file content could be disclosed via an external stylesheet path in Markdown preview.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T16:15:30.000000Z"}, {"uuid": "e9dd2894-586b-49a7-9802-d346b5c81177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4843", "type": "seen", "source": "https://t.me/cibsecurity/55532", "content": "\u203c CVE-2022-4843 \u203c\n\nNULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-29T20:13:19.000000Z"}]}