{"vulnerability": "cve-2022-2154", "sightings": [{"uuid": "7b3dd3cc-e44b-4871-8572-e06f67d979d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21546", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lo7vcxsmhzz2", "content": "", "creation_timestamp": "2025-05-03T01:36:04.408459Z"}, {"uuid": "90e87186-0ab8-4122-b0ef-f1dc908dd8c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21546", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3loaavfqn652w", "content": "", "creation_timestamp": "2025-05-03T02:06:24.921623Z"}, {"uuid": "dc34844b-75eb-49cd-bb02-01a5bb510a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21546", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14621", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-21546\n\ud83d\udd25 CVSS Score: 7.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H)\n\ud83d\udd39 Description: In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like \"sg_write_same --ndob\" we will crash in target_core_iblock/file's execute_write_same handlers when we go to access the se_cmd->t_data_sg because its NULL. CVSS 3.1 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).\n\ud83d\udccf Published: 2025-05-02T21:52:09.864Z\n\ud83d\udccf Modified: 2025-05-02T21:52:09.864Z\n\ud83d\udd17 References:\n1. https://linux.oracle.com/cve/CVE-2022-21546.html\n2. https://git.kernel.org/linus/ccd3f449052449a917a3e577d8ba0368f43b8f29\n3. https://lore.kernel.org/all/20220628022325.14627-2-michael.christie@oracle.com/", "creation_timestamp": "2025-05-02T22:20:25.000000Z"}, {"uuid": "39ce1e58-080c-4546-a757-fa82c790a279", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2154", "type": "seen", "source": "https://t.me/cibsecurity/50158", "content": "\u203c CVE-2022-2154 \u203c\n\nAn attacker with physical access can exploit this vulnerability to execute arbitrary code during DXE phase. A malicious code installed as a result of vulnerability exploitation in DXE driver could survive across an operating system (OS) boot process and runtime This issue affects: Module name: AMITSE SHA256: 288769fcb374d9280735e259c579e2dc209491f4da43b085d6aabc2d6e6ee57d Module GUID: b1da0adf-4f77-4070-a88e-bffe1c60529a This issue affects: AMI Aptio 5.x.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-20T22:39:39.000000Z"}, {"uuid": "b260ea8c-0ea9-4b40-9d7e-9819513de4df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21548", "type": "seen", "source": "https://t.me/cibsecurity/46608", "content": "\u203c CVE-2022-21548 \u203c\n\nVulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T02:47:17.000000Z"}, {"uuid": "4d5b5495-ccf6-4555-9197-e2a02e5cccda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21547", "type": "seen", "source": "https://t.me/cibsecurity/46610", "content": "\u203c CVE-2022-21547 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Federated). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T02:47:19.000000Z"}, {"uuid": "0aa3e45e-0944-43a2-be0f-66bbeb1cdd99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21546", "type": "seen", "source": "https://t.me/cvedetector/24383", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-21546 - Dell SBC Null Data Buffer Access Crash Vulnerability (Denial of Service)\", \n  \"Content\": \"CVE ID : CVE-2022-21546 \nPublished : May 2, 2025, 10:15 p.m. | 1\u00a0hour, 17\u00a0minutes ago \nDescription : In newer version of the SBC specs, we have a NDOB bit that indicates there is no data buffer that gets written out. If this bit is set using commands like \"sg_write_same --ndob\" we will crash in target_core_iblock/file's execute_write_same handlers when we go to access the se_cmd->t_data_sg because its NULL. CVSS 3.1 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H). \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-03T01:59:29.000000Z"}]}