{"vulnerability": "cve-2022-4648", "sightings": [{"uuid": "d6778331-4610-4156-9a19-662ff5264477", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46489", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11232", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46489\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the gf_isom_box_parse_ex function at box_funcs.c.\n\ud83d\udccf Published: 2023-01-05T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-10T14:44:58.296Z\n\ud83d\udd17 References:\n1. https://github.com/gpac/gpac/issues/2328", "creation_timestamp": "2025-04-10T14:50:09.000000Z"}, {"uuid": "7211f530-77ea-40d4-850d-f9159e1a8ca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46480", "type": "seen", "source": "https://t.me/Master_X_Cha/6123", "content": "CVE-2022-46480 \u2705\n\n\u2714\ufe0f \u0646\u0648\u0639\u0647\u0627: \u0627\u0644\u062b\u063a\u0631\u0629 \u062f\u064a \u0645\u0646 \u0646\u0648\u0639 \u062a\u062c\u0627\u0648\u0632 \u0627\u0644\u062a\u062d\u0642\u0642 \u0645\u0646 \u0627\u0644\u0647\u0648\u064a\u0629 (Authentication Bypass) \u0628\u062d\u064a\u062b \u062a\u0633\u0645\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0628\u0641\u062a\u062d \u0627\u0644\u062c\u0647\u0627\u0632 \u0627\u0644\u0630\u0643\u064a \u0628\u062f\u0648\u0646 \u0627\u0644\u062d\u0627\u062c\u0629 \u0644\u0627\u062f\u062e\u0627\u0644 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0635\u062d\u064a\u062d\u0629\n\n\u2714\ufe0f \u0627\u0644\u0646\u0638\u0627\u0645 \u0627\u0644\u0644\u0649 \u0645\u062a\u0627\u062b\u0631:\n\u0627\u0644\u062b\u063a\u0631\u0629 \u0628\u062a\u0627\u062b\u0631 \u0639\u0644\u0649 \u0627\u062c\u0647\u0632\u0629 Ultraloq UL3 BT Smart Lock\n\n\u2714\ufe0f \u062a\u0635\u0646\u064a\u0641 \u0627\u0644\u062e\u0637\u0648\u0631\u0629:\n\u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u062a\u0635\u0646\u0641\u062a \u0639\u0644\u0649 \u0627\u0646\u0647\u0627 \"\u0645\u0634\u0643\u0644\u0629 \u062d\u0631\u062c\u0629\" \u0644\u0627\u0646\u0647\u0627 \u0628\u062a\u062f\u064a \u0641\u0631\u0635\u0629 \u0644\u0644\u0645\u0647\u0627\u062c\u0645 \u0644\u0644\u0648\u0635\u0648\u0644 \u063a\u064a\u0631 \u0627\u0644\u0645\u0635\u0631\u062d \u0628\u064a\u0647 \u0648\u0627\u0644\u062a\u062d\u0643\u0645 \u0641\u064a \u0627\u0644\u062c\u0647\u0627\u0632 \u0627\u0644\u0630\u0643\u064a\n\n\u2714\ufe0f \u0645\u062e\u0627\u0637\u0631\u0647\u0627:\n\u0645\u0645\u0643\u0646 \u064a\u062a\u0645 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u062b\u063a\u0631\u0629 \u0645\u0646 \u062c\u0647\u0627\u062a \u063a\u064a\u0631 \u0645\u0633\u0645\u0648\u062d \u0644\u064a\u0647\u0627 \u0644\u0644\u0648\u0635\u0648\u0644 \u0644\u0644\u062c\u0647\u0627\u0632 \u0628\u062f\u0648\u0646 \u0627\u0630\u0646 \u0648\u062f\u0647 \u0628\u064a\u0647\u062f\u062f \u0633\u0644\u0627\u0645\u0629 \u0627\u0644\u0646\u0627\u0633 \u0648\u0645\u0645\u062a\u0644\u0643\u0627\u062a\u0647\u0645\n\n\u26a1\ufe0f \u0637\u064a\u0628 \u0647\u0644 \u0627\u0644\u0645\u0634\u0643\u0644\u0629 \u0627\u062a\u062d\u0644\u062a\u061f\n\u0644\u0633\u0647 \u0627\u0644\u0645\u0634\u0643\u0644\u0629 \u0645\u062a\u062d\u0644\u062a\u0634 \u0631\u0633\u0645\u064a \u0648\u0627\u0644\u062c\u0647\u0627\u062a \u0627\u0644\u0645\u062e\u062a\u0635\u0629 \u0634\u063a\u0627\u0644\u0629 \u0639\u0644\u0649 \u0627\u0635\u062f\u0627\u0631 \u062a\u062d\u062f\u064a\u062b \u0627\u0645\u0646\u064a \u0642\u0631\u064a\u0628\n\n\u26a1\ufe0f \u0633\u0639\u0631 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u062d\u0627\u0644\u064a\u061f\n\u0633\u0639\u0631\u0647\u0627 \u062d\u0627\u0644\u064a\u0627 \u0628\u064a\u0646 3k$ \u0644 8k$", "creation_timestamp": "2025-04-24T05:53:52.000000Z"}, {"uuid": "b1faff14-c43c-4b95-9353-ee53b0a77bb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46487", "type": "seen", "source": "https://t.me/arpsyndicate/2297", "content": "#ExploitObserverAlert\n\nCVE-2022-46487\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-46487. Improper initialization of x87 and SSE floating-point configuration registers in the __scone_entry component of SCONE before 5.8.0 for Intel SGX allows a local attacker to compromise the execution integrity of floating-point operations in an enclave or access sensitive information via side-channel analysis.", "creation_timestamp": "2024-01-01T05:35:33.000000Z"}, {"uuid": "e960a9f5-084f-46df-94c8-e4d78bb56bfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46486", "type": "seen", "source": "https://t.me/arpsyndicate/2303", "content": "#ExploitObserverAlert\n\nCVE-2022-46486\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-46486. A lack of pointer-validation logic in the __scone_dispatch component of SCONE before v5.8.0 for Intel SGX allows attackers to access sensitive information.", "creation_timestamp": "2024-01-01T06:21:31.000000Z"}, {"uuid": "237b6c51-7fb6-4bda-ac0a-404d3f76b229", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46480", "type": "seen", "source": "https://t.me/ctinow/158806", "content": "https://ift.tt/MxtlYNz\nCVE-2022-46480 | Ultraloq UL3 2nd Gen Smart Lock 02.27.0012 Bluetooth LE user session", "creation_timestamp": "2023-12-23T12:41:40.000000Z"}, {"uuid": "d246ad78-9299-4f30-bfba-7498a0427d8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46487", "type": "seen", "source": "https://t.me/cibsecurity/74017", "content": "\u203c\ufe0fCVE-2022-46487\u203c\ufe0f\n\nImproper initialization of x87 and SSE floatingpoint configuration registers in the sconeentry component of SCONE before 5.8.0 for Intel SGX allows a local attacker to compromise the execution integrity of floatingpoint operations in an enclave or access sensitive information via sidechannel analysis.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-31T01:30:51.000000Z"}, {"uuid": "fc3aba80-2449-4eaf-bc53-5fd4541eb6d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46486", "type": "seen", "source": "https://t.me/cibsecurity/74016", "content": "\u203c\ufe0fCVE-2022-46486\u203c\ufe0f\n\nA lack of pointervalidation logic in the sconedispatch component of SCONE before v5.8.0 for Intel SGX allows attackers to access sensitive information.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-31T01:30:46.000000Z"}, {"uuid": "2cf24e6f-39eb-477f-8d73-e022eeb083b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46487", "type": "seen", "source": "https://t.me/ctinow/170918", "content": "https://ift.tt/9lcsr41\nCVE-2022-46487 | Scontain SCONE up to 5.7.x Floating Point __scone_entry observable behavioral discrepancy", "creation_timestamp": "2024-01-21T20:56:41.000000Z"}, {"uuid": "729db44b-9c16-469f-9bba-504639a8cf8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46486", "type": "seen", "source": "https://t.me/ctinow/170997", "content": "https://ift.tt/qIipL1J\nCVE-2022-46486 | Scontain SCONE up to 5.7.x on Intel SGX __scone_dispatch information disclosure", "creation_timestamp": "2024-01-22T07:07:10.000000Z"}, {"uuid": "fc2441a4-368f-45ac-825c-31d153a1eba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46487", "type": "seen", "source": "https://t.me/ctinow/160748", "content": "https://ift.tt/wdVB3Xj\nCVE-2022-46487", "creation_timestamp": "2023-12-30T04:26:38.000000Z"}, {"uuid": "7277f3b5-9dab-4a99-9ff7-ac0c63e378fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46486", "type": "seen", "source": "https://t.me/ctinow/160747", "content": "https://ift.tt/DLiIBPo\nCVE-2022-46486", "creation_timestamp": "2023-12-30T04:26:37.000000Z"}, {"uuid": "a109ed5f-bae6-47a8-b13b-3c1b6f62cf6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46486", "type": "seen", "source": "https://t.me/ctinow/164503", "content": "https://ift.tt/D5JM6jG\nCVE-2022-46486 Exploit", "creation_timestamp": "2024-01-08T17:16:36.000000Z"}, {"uuid": "e429934d-452a-417c-a55b-dea7ad064665", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46487", "type": "seen", "source": "https://t.me/ctinow/163742", "content": "https://ift.tt/dRt6oXf\nCVE-2022-46487 Exploit", "creation_timestamp": "2024-01-05T22:16:47.000000Z"}, {"uuid": "883a5776-6a21-4e11-b930-0c3503b57575", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46489", "type": "seen", "source": "https://t.me/cibsecurity/55965", "content": "\u203c CVE-2022-46489 \u203c\n\nGPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the gf_isom_box_parse_ex function at box_funcs.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-05T18:22:07.000000Z"}, {"uuid": "4f71378b-7f74-4b5d-8b56-02836281aef0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46485", "type": "seen", "source": "https://t.me/cibsecurity/67598", "content": "\u203c CVE-2022-46485 \u203c\n\nData Illusion Survey Software Solutions ngSurvey version 2.4.28 and below is vulnerable to Denial of Service if a survey contains a \"Text Field\", \"Comment Field\" or \"Contact Details\".\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-02T18:39:25.000000Z"}, {"uuid": "7d6779f4-dcfb-455e-a232-0174e665415b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-46484", "type": "seen", "source": "https://t.me/cibsecurity/67596", "content": "\u203c CVE-2022-46484 \u203c\n\nInformation disclosure in password protected surveys in Data Illusion Survey Software Solutions NGSurvey v2.4.28 and below allows attackers to view the password to access and arbitrarily submit surveys.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-02T18:39:23.000000Z"}, {"uuid": "3572f2ee-cec1-4487-bf8c-3dd5369c5443", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4648", "type": "seen", "source": "https://t.me/cibsecurity/56550", "content": "\u203c CVE-2022-4648 \u203c\n\nThe Real Testimonials WordPress plugin before 2.6.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-16T18:24:26.000000Z"}]}