{"vulnerability": "CVE-2022-4851", "sightings": [{"uuid": "5a0ed07b-dca3-4e26-aaf6-4ff66675bc95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4851", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11275", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4851\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Handling of Values in GitHub repository usememos/memos prior to 0.9.1.\n\ud83d\udccf Published: 2022-12-29T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-10T16:36:55.682Z\n\ud83d\udd17 References:\n1. https://github.com/usememos/memos/commit/3556ae4e651d9443dc3bb8a170dd3cc726517a53\n2. https://huntr.dev/bounties/e3cebc1a-1326-4a08-abad-0414a717fa0f", "creation_timestamp": "2025-04-10T16:49:28.000000Z"}, {"uuid": "9b9f7004-0597-4388-ad2c-e99ca7f9e435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48519", "type": "seen", "source": "https://t.me/cibsecurity/66080", "content": "\u203c CVE-2022-48519 \u203c\n\nUnauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerability may affect confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T16:26:06.000000Z"}, {"uuid": "b3144eb1-0815-451f-9bcc-da36487386f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48516", "type": "seen", "source": "https://t.me/cibsecurity/66079", "content": "\u203c CVE-2022-48516 \u203c\n\nVulnerability that a unique value can be obtained by a third-party app in the DSoftBus module. Successful exploitation of this vulnerability will affect confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T16:26:05.000000Z"}, {"uuid": "ec1bd1ab-9a65-44cc-8b51-750c8be6e314", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48510", "type": "seen", "source": "https://t.me/cibsecurity/66072", "content": "\u203c CVE-2022-48510 \u203c\n\nInput verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T16:25:52.000000Z"}, {"uuid": "5673417e-0d04-4d2f-b912-310dfcf640a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48515", "type": "seen", "source": "https://t.me/cibsecurity/66068", "content": "\u203c CVE-2022-48515 \u203c\n\nVulnerability of inappropriate permission control in Nearby. Successful exploitation of this vulnerability may affect service confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T16:25:49.000000Z"}, {"uuid": "466616e4-d4d2-44bf-af05-0b30bc6b5ad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48512", "type": "seen", "source": "https://t.me/cibsecurity/66066", "content": "\u203c CVE-2022-48512 \u203c\n\nUse After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T16:25:44.000000Z"}, {"uuid": "7f1d8347-227f-4acd-8c33-a0658304e2db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48517", "type": "seen", "source": "https://t.me/cibsecurity/66076", "content": "\u203c CVE-2022-48517 \u203c\n\nUnauthorized service access vulnerability in the DSoftBus module. Successful exploitation of this vulnerability will affect availability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T16:25:59.000000Z"}, {"uuid": "5114efc8-1c01-4240-a1b8-a92cd2277f02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48518", "type": "seen", "source": "https://t.me/cibsecurity/66064", "content": "\u203c CVE-2022-48518 \u203c\n\nVulnerability of signature verification in the iaware system being initialized later than the time when the system broadcasts are sent. Successful exploitation of this vulnerability may cause malicious apps to start upon power-on by spoofing the package names of apps in the startup trustlist, which affects system performance.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T16:25:42.000000Z"}, {"uuid": "9cce5636-f63d-4df7-ae80-93732984dbed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48514", "type": "seen", "source": "https://t.me/cibsecurity/66063", "content": "\u203c CVE-2022-48514 \u203c\n\nThe Sepolicy module has inappropriate permission control on the use of Netlink.Successful exploitation of this vulnerability may affect confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T16:25:41.000000Z"}, {"uuid": "a69c5fbe-6746-4eab-a0c4-b3c19bb55fab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4851", "type": "seen", "source": "https://t.me/cibsecurity/55534", "content": "\u203c CVE-2022-4851 \u203c\n\nImproper Handling of Values in GitHub repository usememos/memos prior to 0.9.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-29T20:13:21.000000Z"}]}