Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 25 Jun 2026 05:35:36 +0000 d79e4bed-10bf-478b-b804-fce96ccb8404 https://vulnerability.circl.lu/sighting/d79e4bed-10bf-478b-b804-fce96ccb8404/export {"uuid": "d79e4bed-10bf-478b-b804-fce96ccb8404", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21164", "type": "seen", "source": "https://t.me/cibsecurity/39101", "content": "\u203c CVE-2022-21164 \u203c\n\nThe package node-lmdb before 0.9.7 are vulnerable to Denial of Service (DoS) when defining a non-invokable ToString value, which will cause a crash during type check.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-16T19:20:33.000000Z"} {"uuid": "d79e4bed-10bf-478b-b804-fce96ccb8404", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21164", "type": "seen", "source": "https://t.me/cibsecurity/39101", "content": "\u203c CVE-2022-21164 \u203c\n\nThe package node-lmdb before 0.9.7 are vulnerable to Denial of Service (DoS) when defining a non-invokable ToString value, which will cause a crash during type check.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-16T19:20:33.000000Z"} https://vulnerability.circl.lu/sighting/d79e4bed-10bf-478b-b804-fce96ccb8404/export Wed, 16 Mar 2022 19:20:33 +0000 e9736bde-b446-4318-ad39-3b03294846ea https://vulnerability.circl.lu/sighting/e9736bde-b446-4318-ad39-3b03294846ea/export {"uuid": "e9736bde-b446-4318-ad39-3b03294846ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21168", "type": "seen", "source": "https://t.me/cibsecurity/40639", "content": "\u203c CVE-2022-21168 \u203c\n\nThe affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-12T20:17:24.000000Z"} {"uuid": "e9736bde-b446-4318-ad39-3b03294846ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21168", "type": "seen", "source": "https://t.me/cibsecurity/40639", "content": "\u203c CVE-2022-21168 \u203c\n\nThe affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-12T20:17:24.000000Z"} https://vulnerability.circl.lu/sighting/e9736bde-b446-4318-ad39-3b03294846ea/export Tue, 12 Apr 2022 20:17:24 +0000 4c4c02d0-d93e-40ec-a167-b35076b8cd30 https://vulnerability.circl.lu/sighting/4c4c02d0-d93e-40ec-a167-b35076b8cd30/export {"uuid": "4c4c02d0-d93e-40ec-a167-b35076b8cd30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2116", "type": "seen", "source": "https://t.me/cibsecurity/48138", "content": "\u203c CVE-2022-2116 \u203c\n\nThe Contact Form DB WordPress plugin before 1.8.0 does not sanitise and escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-15T14:37:54.000000Z"} {"uuid": "4c4c02d0-d93e-40ec-a167-b35076b8cd30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2116", "type": "seen", "source": "https://t.me/cibsecurity/48138", "content": "\u203c CVE-2022-2116 \u203c\n\nThe Contact Form DB WordPress plugin before 1.8.0 does not sanitise and escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-15T14:37:54.000000Z"} https://vulnerability.circl.lu/sighting/4c4c02d0-d93e-40ec-a167-b35076b8cd30/export Mon, 15 Aug 2022 14:37:54 +0000 d18064e9-ef37-4b45-bafd-36e813a89c0a https://vulnerability.circl.lu/sighting/d18064e9-ef37-4b45-bafd-36e813a89c0a/export {"uuid": "d18064e9-ef37-4b45-bafd-36e813a89c0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-21165", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-g2c3-vwff-m3xr", "content": "", "creation_timestamp": "2022-08-29T20:06:54.000000Z"} {"uuid": "d18064e9-ef37-4b45-bafd-36e813a89c0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-21165", "type": "published-proof-of-concept", "source": "https://github.com/advisories/GHSA-g2c3-vwff-m3xr", "content": "", "creation_timestamp": "2022-08-29T20:06:54.000000Z"} https://vulnerability.circl.lu/sighting/d18064e9-ef37-4b45-bafd-36e813a89c0a/export Mon, 29 Aug 2022 20:06:54 +0000 47c9cf4d-1068-4a14-bbca-e4dd75f7b191 https://vulnerability.circl.lu/sighting/47c9cf4d-1068-4a14-bbca-e4dd75f7b191/export {"uuid": "47c9cf4d-1068-4a14-bbca-e4dd75f7b191", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21163", "type": "seen", "source": "https://t.me/cibsecurity/58413", "content": "\u203c CVE-2022-21163 \u203c\n\nImproper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T00:18:43.000000Z"} {"uuid": "47c9cf4d-1068-4a14-bbca-e4dd75f7b191", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21163", "type": "seen", "source": "https://t.me/cibsecurity/58413", "content": "\u203c CVE-2022-21163 \u203c\n\nImproper access control in the Crypto API Toolkit for Intel(R) SGX before version 2.0 commit ID 91ee496 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T00:18:43.000000Z"} https://vulnerability.circl.lu/sighting/47c9cf4d-1068-4a14-bbca-e4dd75f7b191/export Fri, 17 Feb 2023 00:18:43 +0000 97d05ecb-a532-4685-aae6-1048bf0aae85 https://vulnerability.circl.lu/sighting/97d05ecb-a532-4685-aae6-1048bf0aae85/export {"uuid": "97d05ecb-a532-4685-aae6-1048bf0aae85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21166", "type": "seen", "source": "https://t.me/true_secator/4127", "content": "Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0432\u043d\u0435\u043f\u043b\u0430\u043d\u043e\u0432\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 Memory Mapped I/O Stale Data (MMIO), \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b Intel.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u044b\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b Intel \u0435\u0449\u0435 14 \u0438\u044e\u043d\u044f 2022 \u0433\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u043b\u0438 \u0432 \u043a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u043a\u0430\u043a: CVE-2022-21123, CVE-2022-21125, CVE-2022-21127 \u0438 CVE-2022-21166.\n\n\u0422\u043e\u0433\u0434\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b, \u0447\u0442\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043d\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435, \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0430\u043d\u043d\u044b\u043c \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b, \u0447\u0442\u043e \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0434\u043e\u0432\u0435\u0440\u0438\u044f.\n\n\u0412 Microsoft \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c ADV220002 \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0432\u043b\u0438\u044f\u0442\u044c \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0412 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0432 \u0441\u0440\u0435\u0434\u0430\u0445 \u0441 \u043e\u0431\u0449\u0438\u043c\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 \u0432 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u0445, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0434\u0430\u043d\u043d\u044b\u043c \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b.\n\n\u0412 \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438\u043b\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0442\u043e\u0433\u0434\u0430 \u043d\u0435 \u0431\u044b\u043b\u043e \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0430 \u0432\u0441\u0435\u0433\u043e \u043b\u0438\u0448\u044c \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 \u0434\u043b\u044f Windows Server 2019 \u0438 Windows Server 2022.\n\n\u0422\u0435\u043f\u0435\u0440\u044c Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0437\u0430\u0433\u0430\u0434\u043e\u0447\u043d\u044b\u0439 \u043d\u0430\u0431\u043e\u0440 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f Windows 10, 11 \u0438 Windows Server, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u041f\u0440\u0438\u0447\u0435\u043c, \u043a\u0430\u043a \"\u0440\u0443\u0447\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\" \u043e\u043d\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435 \u0426\u0435\u043d\u0442\u0440\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Microsoft.\n\n\u041f\u0435\u0440\u0435\u0434 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0432\u043d\u0438\u043c\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043a\u0430\u043a Intel, \u0442\u0430\u043a \u0438 Microsoft, \u0442\u0430\u043a \u043a\u0430\u043a \u0438\u0437 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u044f\u0441\u043d\u043e, \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043b\u0438 \u043e\u043d\u0438 \u043d\u043e\u0432\u044b\u043c\u0438 \u043c\u0438\u043a\u0440\u043e\u043a\u043e\u0434\u0430\u043c\u0438 Intel \u0438\u043b\u0438 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u043c\u0435\u0440\u0430\u043c\u0438 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e. \n\n\u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c\u044e.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043d\u0435 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0431\u0435\u0437 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0438 Intel Hyper-Threading (Intel HT Technology) \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f\u0445.\n\n\u041e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u044b\u0445 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u0439 \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043e\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0442\u0430\u043a \u0438 \u043d\u0435 \u043f\u043e\u0441\u0442\u0443\u043f\u0438\u043b\u043e, \u0438 \u0447\u0442\u043e\u0431 \u043f\u043e\u043d\u044f\u0442\u044c, \u043a\u0430\u043a \u043b\u0443\u0447\u0448\u0435 \u0431\u044b\u0442\u044c \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0448\u0442\u0443\u0434\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0442\u043e\u043d\u043d\u0443 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043e\u0442 \u043e\u0431\u043e\u0438\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432.", "creation_timestamp": "2023-03-03T12:46:27.000000Z"} {"uuid": "97d05ecb-a532-4685-aae6-1048bf0aae85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21166", "type": "seen", "source": "https://t.me/true_secator/4127", "content": "Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0432\u043d\u0435\u043f\u043b\u0430\u043d\u043e\u0432\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 Memory Mapped I/O Stale Data (MMIO), \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b Intel.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0431\u044b\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b Intel \u0435\u0449\u0435 14 \u0438\u044e\u043d\u044f 2022 \u0433\u043e\u0434\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u043b\u0438 \u0432 \u043a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u043a\u0430\u043a: CVE-2022-21123, CVE-2022-21125, CVE-2022-21127 \u0438 CVE-2022-21166.\n\n\u0422\u043e\u0433\u0434\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b, \u0447\u0442\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043d\u0430 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435, \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0430\u043d\u043d\u044b\u043c \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b, \u0447\u0442\u043e \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0447\u0435\u0440\u0435\u0437 \u0433\u0440\u0430\u043d\u0438\u0446\u044b \u0434\u043e\u0432\u0435\u0440\u0438\u044f.\n\n\u0412 Microsoft \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c ADV220002 \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0435\u0432, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0432\u043b\u0438\u044f\u0442\u044c \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0412 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438, \u0447\u0442\u043e \u0432 \u0441\u0440\u0435\u0434\u0430\u0445 \u0441 \u043e\u0431\u0449\u0438\u043c\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 \u0432 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u0445, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0434\u0430\u043d\u043d\u044b\u043c \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b.\n\n\u0412 \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438\u043b\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0442\u043e\u0433\u0434\u0430 \u043d\u0435 \u0431\u044b\u043b\u043e \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0430 \u0432\u0441\u0435\u0433\u043e \u043b\u0438\u0448\u044c \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 \u0434\u043b\u044f Windows Server 2019 \u0438 Windows Server 2022.\n\n\u0422\u0435\u043f\u0435\u0440\u044c Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0437\u0430\u0433\u0430\u0434\u043e\u0447\u043d\u044b\u0439 \u043d\u0430\u0431\u043e\u0440 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f Windows 10, 11 \u0438 Windows Server, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u041f\u0440\u0438\u0447\u0435\u043c, \u043a\u0430\u043a \"\u0440\u0443\u0447\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\" \u043e\u043d\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435 \u0426\u0435\u043d\u0442\u0440\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 Microsoft.\n\n\u041f\u0435\u0440\u0435\u0434 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0432\u043d\u0438\u043c\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043a\u0430\u043a Intel, \u0442\u0430\u043a \u0438 Microsoft, \u0442\u0430\u043a \u043a\u0430\u043a \u0438\u0437 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435\u044f\u0441\u043d\u043e, \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043b\u0438 \u043e\u043d\u0438 \u043d\u043e\u0432\u044b\u043c\u0438 \u043c\u0438\u043a\u0440\u043e\u043a\u043e\u0434\u0430\u043c\u0438 Intel \u0438\u043b\u0438 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u043c\u0435\u0440\u0430\u043c\u0438 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e. \n\n\u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c\u044e.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043d\u0435 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0431\u0435\u0437 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0438 Intel Hyper-Threading (Intel HT Technology) \u0432 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f\u0445.\n\n\u041e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u044b\u0445 \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u0439 \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043e\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0442\u0430\u043a \u0438 \u043d\u0435 \u043f\u043e\u0441\u0442\u0443\u043f\u0438\u043b\u043e, \u0438 \u0447\u0442\u043e\u0431 \u043f\u043e\u043d\u044f\u0442\u044c, \u043a\u0430\u043a \u043b\u0443\u0447\u0448\u0435 \u0431\u044b\u0442\u044c \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0448\u0442\u0443\u0434\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0442\u043e\u043d\u043d\u0443 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043e\u0442 \u043e\u0431\u043e\u0438\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432.", "creation_timestamp": "2023-03-03T12:46:27.000000Z"} https://vulnerability.circl.lu/sighting/97d05ecb-a532-4685-aae6-1048bf0aae85/export Fri, 03 Mar 2023 12:46:27 +0000 b41c3619-e458-4b0c-bcc4-60ed3645f596 https://vulnerability.circl.lu/sighting/b41c3619-e458-4b0c-bcc4-60ed3645f596/export {"uuid": "b41c3619-e458-4b0c-bcc4-60ed3645f596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21165", "type": "seen", "source": "https://t.me/arpsyndicate/4749", "content": "#ExploitObserverAlert\n\nCVE-2022-21165\n\nDESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2022-21165. All versions of package font-converter are vulnerable to Arbitrary Command Injection due to missing sanitization of input that potentially flows into the child_process.exec() function.\n\nFIRST-EPSS: 0.005790000\nNVD-IS: 5.9\nNVD-ES: 3.9\nARPS-PRIORITY: 0.7197403", "creation_timestamp": "2024-04-23T17:38:18.000000Z"} {"uuid": "b41c3619-e458-4b0c-bcc4-60ed3645f596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21165", "type": "seen", "source": "https://t.me/arpsyndicate/4749", "content": "#ExploitObserverAlert\n\nCVE-2022-21165\n\nDESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2022-21165. All versions of package font-converter are vulnerable to Arbitrary Command Injection due to missing sanitization of input that potentially flows into the child_process.exec() function.\n\nFIRST-EPSS: 0.005790000\nNVD-IS: 5.9\nNVD-ES: 3.9\nARPS-PRIORITY: 0.7197403", "creation_timestamp": "2024-04-23T17:38:18.000000Z"} https://vulnerability.circl.lu/sighting/b41c3619-e458-4b0c-bcc4-60ed3645f596/export Tue, 23 Apr 2024 17:38:18 +0000 f6dff3c6-a0aa-416d-aac3-da4e6a7eb2d9 https://vulnerability.circl.lu/sighting/f6dff3c6-a0aa-416d-aac3-da4e6a7eb2d9/export {"uuid": "f6dff3c6-a0aa-416d-aac3-da4e6a7eb2d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21169", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17194", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-21169\n\ud83d\udd25 CVSS Score: 7.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P)\n\ud83d\udd39 Description: The package express-xss-sanitizer before 1.1.3 are vulnerable to Prototype Pollution via the allowedTags attribute, allowing the attacker to bypass xss sanitization.\n\ud83d\udccf Published: 2022-09-26T05:05:11.200Z\n\ud83d\udccf Modified: 2025-05-21T20:29:25.084Z\n\ud83d\udd17 References:\n1. https://security.snyk.io/vuln/SNYK-JS-EXPRESSXSSSANITIZER-3027443\n2. https://github.com/AhmedAdelFahim/express-xss-sanitizer/issues/4\n3. https://runkit.com/embed/w306l6zfm7tu\n4. https://github.com/AhmedAdelFahim/express-xss-sanitizer/commit/3bf8aaaf4dbb1c209dcb8d87a82711a54c1ab39a", "creation_timestamp": "2025-05-21T20:41:35.000000Z"} {"uuid": "f6dff3c6-a0aa-416d-aac3-da4e6a7eb2d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21169", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17194", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-21169\n\ud83d\udd25 CVSS Score: 7.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P)\n\ud83d\udd39 Description: The package express-xss-sanitizer before 1.1.3 are vulnerable to Prototype Pollution via the allowedTags attribute, allowing the attacker to bypass xss sanitization.\n\ud83d\udccf Published: 2022-09-26T05:05:11.200Z\n\ud83d\udccf Modified: 2025-05-21T20:29:25.084Z\n\ud83d\udd17 References:\n1. https://security.snyk.io/vuln/SNYK-JS-EXPRESSXSSSANITIZER-3027443\n2. https://github.com/AhmedAdelFahim/express-xss-sanitizer/issues/4\n3. https://runkit.com/embed/w306l6zfm7tu\n4. https://github.com/AhmedAdelFahim/express-xss-sanitizer/commit/3bf8aaaf4dbb1c209dcb8d87a82711a54c1ab39a", "creation_timestamp": "2025-05-21T20:41:35.000000Z"} https://vulnerability.circl.lu/sighting/f6dff3c6-a0aa-416d-aac3-da4e6a7eb2d9/export Wed, 21 May 2025 20:41:35 +0000