{"vulnerability": "CVE-2022-3585", "sightings": [{"uuid": "afec8cf1-35a1-4832-aa44-23c896b7d0cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35850", "type": "seen", "source": "https://t.me/cibsecurity/61889", "content": "\u203c CVE-2022-35850 \u203c\n\nAn improper neutralization of script-related HTML tags in a web page vulnerability [CWE-80] in FortiAuthenticator versions 6.4.0 through 6.4.4, 6.3.0 through 6.3.3, all versions of 6.2 and 6.1 may allow a remote unauthenticated attacker to trigger a reflected cross site scripting (XSS) attack via the \"reset-password\" page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T20:23:30.000000Z"}, {"uuid": "fdbf41e5-688f-465a-a1ed-d436c7b7ce45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35858", "type": "seen", "source": "https://t.me/cibsecurity/47590", "content": "\u203c CVE-2022-35858 \u203c\n\nThe TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-05T00:19:51.000000Z"}, {"uuid": "ec74354e-90f8-4345-b416-ebf4934a7b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35857", "type": "seen", "source": "https://t.me/cibsecurity/46220", "content": "\u203c CVE-2022-35857 \u203c\n\nkvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserialization is mishandled. The rememberMe parameter is encrypted with a hardcoded key from the com.kalvin.kvf.common.shiro.ShiroConfig file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-14T08:52:47.000000Z"}]}