{"vulnerability": "CVE-2022-2981", "sightings": [{"uuid": "bba228b1-d0d8-4e39-a157-ab88e48140dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2981", "type": "seen", "source": "https://t.me/cibsecurity/51079", "content": "\u203c CVE-2022-2981 \u203c\n\nThe Download Monitor WordPress plugin before 4.5.98 does not ensure that files to be downloaded are inside the blog folders, and not sensitive, allowing high privilege users such as admin to download the wp-config.php or /etc/passwd even in an hardened environment or multisite setup.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-11T20:05:53.000000Z"}, {"uuid": "bd0bb54b-b92c-4312-8b05-f27780bdf882", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29819", "type": "seen", "source": "https://t.me/cibsecurity/41556", "content": "\u203c CVE-2022-29819 \u203c\n\nIn JetBrains IntelliJ IDEA before 2022.1 local code execution via links in Quick Documentation was possible\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T14:24:21.000000Z"}, {"uuid": "b02851dd-1786-4495-9e40-3e91edd7eb47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29818", "type": "seen", "source": "https://t.me/cibsecurity/41555", "content": "\u203c CVE-2022-29818 \u203c\n\nIn JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T14:24:20.000000Z"}, {"uuid": "14ebf17c-443e-4691-835e-1706aa13ee95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29814", "type": "seen", "source": "https://t.me/cibsecurity/41553", "content": "\u203c CVE-2022-29814 \u203c\n\nIn JetBrains IntelliJ IDEA before 2022.1 local code execution via HTML descriptions in custom JSON schemas was possible\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T14:24:17.000000Z"}, {"uuid": "4cb17b65-1947-4865-aea0-dc7c55ee2719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29816", "type": "seen", "source": "https://t.me/cibsecurity/41552", "content": "\u203c CVE-2022-29816 \u203c\n\nIn JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T14:24:16.000000Z"}, {"uuid": "811ec54b-c6eb-46f6-8216-d836807393d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29815", "type": "seen", "source": "https://t.me/cibsecurity/41551", "content": "\u203c CVE-2022-29815 \u203c\n\nIn JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T14:24:15.000000Z"}, {"uuid": "aaf51308-905c-408e-bc9d-b1b8c522885a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29813", "type": "seen", "source": "https://t.me/cibsecurity/41549", "content": "\u203c CVE-2022-29813 \u203c\n\nIn JetBrains IntelliJ IDEA before 2022.1 local code execution via custom Pandoc path was possible\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T14:24:11.000000Z"}, {"uuid": "715630ad-f077-43ac-aa0e-5ff996e5ce23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29811", "type": "seen", "source": "https://t.me/cibsecurity/41548", "content": "\u203c CVE-2022-29811 \u203c\n\nIn JetBrains Hub before 2022.1.14638 stored XSS via project icon was possible.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T14:24:10.000000Z"}, {"uuid": "0b8dca29-228f-42dc-8603-ec883ec8472c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29812", "type": "seen", "source": "https://t.me/cibsecurity/41547", "content": "\u203c CVE-2022-29812 \u203c\n\nIn JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T14:24:08.000000Z"}, {"uuid": "d21ac999-582a-4e9a-9d13-fdde8704e524", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29817", "type": "seen", "source": "https://t.me/cibsecurity/41546", "content": "\u203c CVE-2022-29817 \u203c\n\nIn JetBrains IntelliJ IDEA before 2022.1 reflected XSS via error messages in internal web server was possible\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T14:24:07.000000Z"}, {"uuid": "a2d961d2-4e36-41e8-90db-856470c83ec3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29810", "type": "seen", "source": "https://t.me/cibsecurity/41480", "content": "\u203c CVE-2022-29810 \u203c\n\nThe Hashicorp go-getter library before 1.5.11 could write SSH credentials into its logfile, exposing sensitive credentials to local users able to read the logfile.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-27T12:12:52.000000Z"}]}