{"vulnerability": "cve-2022-2001", "sightings": [{"uuid": "b983c4f0-3f96-4692-a5d4-ae992b26b86d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20015", "type": "seen", "source": "https://t.me/cibsecurity/34941", "content": "\u203c CVE-2022-20015 \u203c\n\nIn kd_camera_hw driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862966; Issue ID: ALPS05862966.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-04T18:39:40.000000Z"}, {"uuid": "1d524878-3fb5-4f22-be51-cf4fbe423a58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2001", "type": "seen", "source": "https://t.me/cibsecurity/46481", "content": "\u203c CVE-2022-2001 \u203c\n\nThe DX Share Selection plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.4. This is due to missing nonce protection on the dxss_admin_page() function found in the ~/dx-share-selection.php file. This makes it possible for unauthenticated attackers to inject malicious web scripts into the page, granted they can trick a site's administrator into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-18T20:39:55.000000Z"}, {"uuid": "4b132bfa-1836-4c65-ab39-eada491a4e18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20014", "type": "seen", "source": "https://t.me/cibsecurity/34940", "content": "\u203c CVE-2022-20014 \u203c\n\nIn vow driver, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05857308; Issue ID: ALPS05857308.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-04T18:39:39.000000Z"}, {"uuid": "2b4e5cff-f498-41b3-9df1-b6832ffa10d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20012", "type": "seen", "source": "https://t.me/cibsecurity/34924", "content": "\u203c CVE-2022-20012 \u203c\n\nIn mdp driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05836478; Issue ID: ALPS05836478.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-04T18:39:17.000000Z"}, {"uuid": "8b4178ca-5e40-40c2-b136-f34142788c39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20019", "type": "seen", "source": "https://t.me/cibsecurity/34931", "content": "\u203c CVE-2022-20019 \u203c\n\nIn libMtkOmxGsmDec, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917620; Issue ID: ALPS05917620.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-04T18:39:27.000000Z"}, {"uuid": "75f76c47-4ff2-4bfb-8526-fb6f0a0993b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20018", "type": "seen", "source": "https://t.me/cibsecurity/34930", "content": "\u203c CVE-2022-20018 \u203c\n\nIn seninf driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863018; Issue ID: ALPS05863018.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-04T18:39:26.000000Z"}, {"uuid": "6c081bd8-a8a1-4e99-a1b7-820c3039a7dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20016", "type": "seen", "source": "https://t.me/cibsecurity/34926", "content": "\u203c CVE-2022-20016 \u203c\n\nIn vow driver, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862986; Issue ID: ALPS05862986.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-04T18:39:20.000000Z"}, {"uuid": "2ff1410a-e899-403c-aca0-b98eb9620a21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20013", "type": "seen", "source": "https://t.me/cibsecurity/34925", "content": "\u203c CVE-2022-20013 \u203c\n\nIn vow driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05837742; Issue ID: ALPS05837742.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-04T18:39:19.000000Z"}]}