{"vulnerability": "cve-2022-2959", "sightings": [{"uuid": "87227537-ccd1-48eb-9967-5091382e3cca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29593", "type": "seen", "source": "Telegram/tvagmoXGD-sjRG5teDO-DfPH2_iB-IEEjYRnLqN5-gAxoA", "content": "", "creation_timestamp": "2022-07-15T08:17:26.000000Z"}, {"uuid": "045cf602-6d42-43a0-8b8b-b7662518c36a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29593", "type": "published-proof-of-concept", "source": "https://t.me/malwar3s/17", "content": "https://github.com/9lyph/CVE-2022-29593", "creation_timestamp": "2022-07-17T10:25:23.000000Z"}, {"uuid": "1d7812b1-4dd6-46af-aabf-41819f0d8f46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29593", "type": "seen", "source": "https://t.me/cibsecurity/46244", "content": "\u203c CVE-2022-29593 \u203c\n\nrelay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-14T18:32:37.000000Z"}, {"uuid": "a28ea59c-b656-4270-be72-95c330c6252a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29593", "type": "seen", "source": "https://t.me/crackcodes/838", "content": "Updates On Hackbyte Forum:-\n\n\ud83d\udcccRetbleed: Arbitrary Speculative Code Execution with Return Instructions\n\ud83d\udcccExecuting Arbitrary Code Over a Phone Line Thanks to the XBAND Video Game Modem\n\ud83d\udcccRolling PWN Attack Affecting Honda Vehicles\n\ud83d\udcccCVE-2022-32223 Discovery: DLL Hijacking via npm CLI\n\ud83d\udcccFrom Prototype Pollution to Remote Code Execution in Blitz.js\n\ud83d\udcccAttacking Active Directory: 0 to 0.9\n\ud83d\udcccCVE-2022-29885 \u2013 Apache Tomcat Cluster Service DoS\n\ud83d\udcccCVE-2022-29593\n\ud83d\udcccNorth South University / Bangladesh / email login\n\ud83d\udcccdeeppaste Leak\n\ud83d\udcccLivejournalfull Leak\n\ud83d\udcccGemotest Crm Leak\n\ud83d\udcccSplunk Attack\n\ud83d\udcccNzyme - WiFi Defense System\n\ud83d\udcccProject-Whis - Advanced HTTP Botnet\n\ud83d\udcccCode Signing Certificate Cloning Attack\n\ud83d\udcccRetbleed - Arbitrary Speculative Code Execution with Return Instruction.\n\ud83d\udcccConfluence Pre-Auth RCE.\n\ud83d\udcccmicrosoft-rpc-fuzzing-tools\n\ud83d\udcccCVE-2022-26135\n\ud83d\udcccXSS Payload List\n\ud83d\udcccheaders for hackers | PHP #ssrf | #cve-2020-7066 Video\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffb Updates:- https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-07-16T09:11:59.000000Z"}, {"uuid": "6e91933f-bc2c-4057-86db-dee5a75460dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29596", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1211", "content": "CVE-2022-29596\nMicroStrategy Enterprise Manager 2022\n\u043e\u0431\u0445\u043e\u0434\u0438\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e, \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0443 \u0432\u0445\u043e\u0434\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u0430 \u0437\u0430\u0442\u0435\u043c \u0432\u0432\u043e\u0434\u044f:\n\nUid=/../../../../../../../../../../../windows/win.ini%00.jpg&Pwd=_any_password_&ConnMode=1&3054=Login\n\n#microsoft #bypass", "creation_timestamp": "2022-12-08T09:14:46.000000Z"}, {"uuid": "4994dfc3-1077-45fe-9106-1f4275d0c656", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29596", "type": "published-proof-of-concept", "source": "Telegram/9o0ymoPbqxJogDBdOsK7IpGE8avxrE6uGvpNwdwk5ffIOlw", "content": "", "creation_timestamp": "2022-12-13T07:08:05.000000Z"}, {"uuid": "36f0c8bb-921f-488b-968c-73d30a1f6031", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2959", "type": "seen", "source": "https://t.me/cibsecurity/48794", "content": "\u203c CVE-2022-2959 \u203c\n\nA race condition was found in the Linux kernel's watch queue due to a missing lock in pipe_resize_ring(). The specific flaw exists within the handling of pipe buffers. The issue results from the lack of proper locking when performing operations on an object. This flaw allows a local user to crash the system or escalate their privileges on the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T22:24:00.000000Z"}, {"uuid": "d9c21b32-f67f-4cae-8ba9-ad92f398db9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29592", "type": "seen", "source": "https://t.me/cibsecurity/42025", "content": "\u203c CVE-2022-29592 \u203c\n\nTenda TX9 Pro 22.03.02.10 devices allow OS command injection via set_route (called by doSystemCmd_route).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-05T20:42:43.000000Z"}, {"uuid": "503cdb61-5e25-4855-af4f-7aaabc86ee54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29597", "type": "seen", "source": "https://t.me/cibsecurity/43765", "content": "\u203c CVE-2022-29597 \u203c\n\nSolutions Atlantic Regulatory Reporting System (RRS) v500 is vulnerable to Local File Inclusion (LFI). Any authenticated user has the ability to reference internal system files within requests made to the RRSWeb/maint/ShowDocument/ShowDocument.aspx page. The server will successfully respond with the file contents of the internal system file requested. This ability could allow for adversaries to extract sensitive data and/or files from the underlying file system, gain knowledge about the internal workings of the system, or access source code of the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-02T22:26:00.000000Z"}, {"uuid": "7c72f011-5674-4571-86cd-f8352ac6ef6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29599", "type": "seen", "source": "https://t.me/cibsecurity/43155", "content": "\u203c CVE-2022-29599 \u203c\n\nIn Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-23T14:36:02.000000Z"}, {"uuid": "b2463ac6-a35f-4e3b-b1cf-1665ae3f320b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29591", "type": "seen", "source": "https://t.me/cibsecurity/42235", "content": "\u203c CVE-2022-29591 \u203c\n\nTenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-10T16:55:20.000000Z"}, {"uuid": "95bfc649-8489-4aff-bb91-fcd436a1a9a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29596", "type": "seen", "source": "https://t.me/cibsecurity/42452", "content": "\u203c CVE-2022-29596 \u203c\n\nMicroStrategy Enterprise Manager 2022 allows authentication bypass by triggering a login failure and then entering the Uid=/../../../../../../../../../../../windows/win.ini%00.jpg&Pwd=_any_password_&ConnMode=1&3054=Login substring for directory traversal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-12T00:34:35.000000Z"}, {"uuid": "ae07acf5-0e15-4f3c-b4fe-8958861ed119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29596", "type": "seen", "source": "https://t.me/LearnExploit/4380", "content": "CVE-2022-29596 ( MicroStrategy Enterprise Manager 2022 )\n\nUid=/../../../../../../../../../../../windows/win.ini%00.jpg&Pwd=_any_password_&ConnMode=1&3054= Login\n\n#microsoft #bypass\n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-01-04T10:02:38.000000Z"}, {"uuid": "0bfbaa6c-9ec3-4c8e-8bef-2ecd4759d0d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29593", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6491", "content": "#exploit\n1. CVE-2022-36946:\nLinux kernel panic in netfilter_queue\nhttps://github.com/Pwnzer0tt1/CVE-2022-36946\n\n2. CVE-2022-29593:\nAuthentication Bypass by Capture Replay (Dingtian-DT-R002)\nhttps://github.com/9lyph/CVE-2022-29593", "creation_timestamp": "2022-07-30T15:50:42.000000Z"}]}