{"vulnerability": "cve-2022-2579", "sightings": [{"uuid": "66dd8876-3156-4b3d-9054-edaa2694d2c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25796", "type": "seen", "source": "https://t.me/cibsecurity/40525", "content": "\u203c CVE-2022-25796 \u203c\n\nA Double Free vulnerability allows remote malicious actors to execute arbitrary code on DWF file in Autodesk Navisworks 2022 within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-12T00:22:20.000000Z"}, {"uuid": "e46d48f9-0d59-4d1d-a0be-19f79371e485", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25799", "type": "seen", "source": "https://t.me/cibsecurity/48267", "content": "\u203c CVE-2022-25799 \u203c\n\nAn open redirect vulnerability exists in CERT/CC VINCE software prior to 1.5.0. An attacker could send a link that has a specially crafted URL and convince the user to click the link. When an authenticated user clicks the link, the authenticated user's browser could be redirected to a malicious site that is designed to impersonate a legitimate website. The attacker could trick the user and potentially acquire sensitive information such as the user's credentials.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-17T02:39:28.000000Z"}, {"uuid": "0762ec50-516a-4e55-b183-dd054c79ccc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2579", "type": "seen", "source": "https://t.me/cibsecurity/47269", "content": "\u203c CVE-2022-2579 \u203c\n\nA vulnerability, which was classified as problematic, was found in SourceCodester Garage Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation of the argument userName with the input lala leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-29T20:13:44.000000Z"}, {"uuid": "87577486-fb5c-46e0-afd4-74aadd52d46e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25794", "type": "seen", "source": "https://t.me/cibsecurity/40534", "content": "\u203c CVE-2022-25794 \u203c\n\nAn Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.2 and prior may lead to code execution through maliciously crafted ActionScript Byte Code \u00e2\u20ac\u0153ABC\u00e2\u20ac\ufffd files or information disclosure. ABC files are created by the Flash compiler and contain executable code. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-12T00:22:32.000000Z"}]}