{"vulnerability": "cve-2022-2340", "sightings": [{"uuid": "2e7567b6-0613-4e19-b49b-9a234efae741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23409", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lmwbwf7wz32i", "content": "", "creation_timestamp": "2025-04-16T09:33:03.467656Z"}, {"uuid": "95f9937b-318f-4a65-aad9-c24bb07e04ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23409", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmzyvy34xv2x", "content": "", "creation_timestamp": "2025-04-17T21:02:28.357477Z"}, {"uuid": "8027cfc8-51a8-45cb-b6c8-2db3ebb99bdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2340", "type": "seen", "source": "https://t.me/cibsecurity/46896", "content": "\u203c CVE-2022-2340 \u203c\n\nThe W-DALIL WordPress plugin through 2.0 does not sanitise and escape some of its fields, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T16:33:05.000000Z"}, {"uuid": "775b53a0-190f-40f1-baee-fc95f1235e3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23403", "type": "seen", "source": "https://t.me/cibsecurity/48382", "content": "\u203c CVE-2022-23403 \u203c\n\nImproper input validation in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-19T00:16:38.000000Z"}, {"uuid": "1fba9a8f-c50a-42d4-9515-cad7fdb40310", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23400", "type": "seen", "source": "https://t.me/cibsecurity/41825", "content": "\u203c CVE-2022-23400 \u203c\n\nA stack-based buffer overflow vulnerability exists in the IGXMPXMLParser::parseDelimiter functionality of Accusoft ImageGear 19.10. A specially-crafted PSD file can overflow a stack buffer, which could either lead to denial of service or, depending on the application, to an information leak. An attacker can provide a malicious file to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-03T20:33:54.000000Z"}, {"uuid": "41139af0-986a-4a40-880c-c515eae5960e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23401", "type": "seen", "source": "https://t.me/cibsecurity/38762", "content": "\u203c CVE-2022-23401 \u203c\n\nThe following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-11T12:14:32.000000Z"}, {"uuid": "0566bb72-2ed2-4f1a-86b5-a8d9b603a8eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23402", "type": "seen", "source": "https://t.me/cibsecurity/38773", "content": "\u203c CVE-2022-23402 \u203c\n\nThe following Yokogawa Electric products hard-code the password for CAMS server applications: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.00, Exaopc versions from R3.72.00 to R3.79.00\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-11T12:14:43.000000Z"}, {"uuid": "45dd40e4-8dc6-468d-8ac9-87950cf7ceeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23408", "type": "seen", "source": "https://t.me/cibsecurity/35751", "content": "\u203c CVE-2022-23408 \u203c\n\nwolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections (without AEAD) using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-19T00:25:00.000000Z"}]}