{"vulnerability": "cve-2022-2457", "sightings": [{"uuid": "7d471c6e-2268-4c33-b17b-8c2c9889a0e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2457", "type": "seen", "source": "https://t.me/cibsecurity/47916", "content": "\u203c CVE-2022-2457 \u203c\n\nA flaw was found in Red Hat Process Automation Manager 7 where an attacker can benefit from a brute force attack against Administration Console as the application does not limit the number of unsuccessful login attempts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-11T00:32:26.000000Z"}, {"uuid": "ecd77011-05e7-4a71-aefa-5a3b8e69ea3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24573", "type": "seen", "source": "https://t.me/cibsecurity/38344", "content": "\u203c CVE-2022-24573 \u203c\n\nA stored cross-site scripting (XSS) vulnerability in the admin interface in Element-IT HTTP Commander 7.0.0 allows unauthenticated users to get admin access by injecting a malicious script in the User-Agent field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T07:25:48.000000Z"}, {"uuid": "4a627e75-c8f9-4a7c-bb00-23104a7f4f66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24577", "type": "seen", "source": "https://t.me/cibsecurity/38882", "content": "\u203c CVE-2022-24577 \u203c\n\nGPAC 1.0.1 is affected by a NULL pointer dereference in gf_utf8_wcslen ().\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-14T17:23:41.000000Z"}, {"uuid": "059c7b93-99c1-4f2e-9e46-459f3f4b8e3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24575", "type": "seen", "source": "https://t.me/cibsecurity/38877", "content": "\u203c CVE-2022-24575 \u203c\n\nGPAC 1.0.1 is affected by a stack-based buffer overflow through MP4Box.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-14T17:18:33.000000Z"}, {"uuid": "a991e881-dd7b-48b2-abad-719598f15a3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24578", "type": "seen", "source": "https://t.me/cibsecurity/38903", "content": "\u203c CVE-2022-24578 \u203c\n\nGPAC 1.0.1 is affected by a heap-based buffer overflow in SFS_AddString () at bifs/script_dec.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-14T21:18:24.000000Z"}, {"uuid": "39eb4cd1-46c7-4bdd-a780-f3910c8feab1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24574", "type": "seen", "source": "https://t.me/cibsecurity/38880", "content": "\u203c CVE-2022-24574 \u203c\n\nGPAC 1.0.1 is affected by a NULL pointer dereference in gf_dump_vrml_field.isra ().\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-14T17:18:36.000000Z"}, {"uuid": "f9f6808f-308c-4205-b9dd-c510ab7e9bb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24576", "type": "seen", "source": "https://t.me/cibsecurity/38885", "content": "\u203c CVE-2022-24576 \u203c\n\nGPAC 1.0.1 is affected by Use After Free through MP4Box.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-14T17:23:45.000000Z"}, {"uuid": "6654fc20-3989-4d85-a7b6-15a8aeb1be58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24571", "type": "seen", "source": "https://t.me/cibsecurity/38173", "content": "\u203c CVE-2022-24571 \u203c\n\nCar Driving School Management System v1.0 is affected by SQL injection in the login page. An attacker can use simple SQL login injection payload to get admin access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-28T16:23:15.000000Z"}, {"uuid": "871781a5-7450-4a1a-84d4-1b05de5b12ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24572", "type": "seen", "source": "https://t.me/cibsecurity/38172", "content": "\u203c CVE-2022-24572 \u203c\n\nCar Driving School Management System v1.0 is affected by Cross Site Scripting (XSS) in the User Enrollment Form (Username Field). To exploit this Vulnerability, an admin views the registered user details.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-28T16:23:14.000000Z"}]}