{"vulnerability": "cve-2022-3116", "sightings": [{"uuid": "5c12b0d5-913d-40cc-aeee-9683b5b124ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31161", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lqv7r23c5z2h", "content": "", "creation_timestamp": "2025-06-05T21:02:24.735005Z"}, {"uuid": "670626b7-1736-48bd-9318-d75aa5316d47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31161", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-01)", "content": "", "creation_timestamp": "2026-03-01T00:00:00.000000Z"}, {"uuid": "aae1c5d8-49e4-47c3-b682-9bc3e2c4cd6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31161", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lpujown33d2s", "content": "", "creation_timestamp": "2025-05-23T21:02:22.842404Z"}, {"uuid": "c5ae6713-1d4b-4cae-8e55-48c78c5fe078", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31161", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-31161.yaml", "content": "", "creation_timestamp": "2025-05-20T07:32:08.000000Z"}, {"uuid": "db88a380-6f10-4e3f-90a4-3e403f16cb87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31161", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-18)", "content": "", "creation_timestamp": "2025-09-18T00:00:00.000000Z"}, {"uuid": 
"2f9141dc-d51d-443f-bf8e-2a037768c7f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31161", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-19)", "content": "", "creation_timestamp": "2026-02-19T00:00:00.000000Z"}, {"uuid": "c69b2e1d-e9bc-4f7b-b23e-f41d7462dbf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31161", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-28)", "content": "", "creation_timestamp": "2026-01-28T00:00:00.000000Z"}, {"uuid": "3e86fe5f-e855-4cfd-9223-8cd72422977e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3116", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5203", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3116\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can cause the application to crash.\n\ud83d\udccf Published: 2023-03-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-24T19:11:43.894Z\n\ud83d\udd17 References:\n1. https://www.kb.cert.org/vuls/id/730793\n2. 
https://security.netapp.com/advisory/ntap-20230505-0010/", "creation_timestamp": "2025-02-24T19:22:18.000000Z"}, {"uuid": "24304620-8fd8-4395-ba1b-f36128150de6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31161", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-02)", "content": "", "creation_timestamp": "2026-03-02T00:00:00.000000Z"}, {"uuid": "39003dfe-9d9b-4f67-a194-c0033bd4f77c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31169", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13097", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31169\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: Wasmtime is a standalone runtime for WebAssembly. There is a bug in Wasmtime's code generator, Cranelift, for AArch64 targets where constant divisors can result in incorrect division results at runtime. This affects Wasmtime prior to version 0.38.2 and Cranelift prior to 0.85.2. This issue only affects the AArch64 platform. Other platforms are not affected. The translation rules for constants did not take into account whether sign or zero-extension should happen which resulted in an incorrect value being placed into a register when a division was encountered. The impact of this bug is that programs executing within the WebAssembly sandbox would not behave according to the WebAssembly specification. This means that it is hypothetically possible for execution within the sandbox to go awry and WebAssembly programs could produce unexpected results. This should not impact hosts executing WebAssembly but does affect the correctness of guest programs. 
This bug has been patched in Wasmtime version 0.38.2 and cranelift-codegen 0.85.2. There are no known workarounds.\n\ud83d\udccf Published: 2022-07-21T13:50:11.000Z\n\ud83d\udccf Modified: 2025-04-23T17:57:39.563Z\n\ud83d\udd17 References:\n1. https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-7f6x-jwh5-m9r4\n2. https://github.com/bytecodealliance/wasmtime/commit/2ba4bce5cc719e5a74e571a534424614e62ecc41", "creation_timestamp": "2025-04-23T18:05:37.000000Z"}, {"uuid": "a9b1e34f-f962-4429-91cc-5abb612990ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31164", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13096", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31164\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: Tovy is a staff management system for Roblox groups. A vulnerability in versions prior to 0.7.51 allows users to log in as other users, including privileged users such as the other of the instance. The problem has been patched in version 0.7.51.\n\ud83d\udccf Published: 2022-07-21T13:35:11.000Z\n\ud83d\udccf Modified: 2025-04-23T17:57:46.757Z\n\ud83d\udd17 References:\n1. https://github.com/tovyblox/tovy/security/advisories/GHSA-j6f8-wh4v-jc37\n2. 
https://github.com/tovyblox/tovy/pull/63", "creation_timestamp": "2025-04-23T18:05:34.000000Z"}, {"uuid": "53910eb2-86a8-48b6-9151-544b4517984a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31168", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13100", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31168\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: Zulip is an open source team chat tool. Due to an incorrect authorization check in Zulip Server 5.4 and earlier, a member of an organization could craft an API call that grants organization administrator privileges to one of their bots. The vulnerability is fixed in Zulip Server 5.5. Members who don\u2019t own any bots, and lack permission to create them, can\u2019t exploit the vulnerability. As a workaround for the vulnerability, an organization administrator can restrict the `Who can create bots` permission to administrators only, and change the ownership of existing bots.\n\ud83d\udccf Published: 2022-07-22T13:05:12.000Z\n\ud83d\udccf Modified: 2025-04-23T17:57:19.812Z\n\ud83d\udd17 References:\n1. https://github.com/zulip/zulip/security/advisories/GHSA-c3cp-ggg5-9xw5\n2. https://github.com/zulip/zulip/commit/751b2a03e565e9eb02ffe923b7c24ac73d604034\n3. 
https://github.com/zulip/zulip/releases/tag/5.5", "creation_timestamp": "2025-04-23T18:05:39.000000Z"}, {"uuid": "6e6f5346-86d9-41a5-a973-5e3bda40b65c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31160", "type": "seen", "source": "https://t.me/ctinow/182000", "content": "https://ift.tt/24zQdYn\nCVE-2022-31160 | Oracle Business Intelligence Enterprise Edition 6.4.0.0.0/7.0.0.0.0/12.2.1.4.0 BI Platform Security cross site scripting", "creation_timestamp": "2024-02-09T13:22:00.000000Z"}, {"uuid": "1863fade-62b4-4e1a-8a8d-47230417e809", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31162", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13095", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31162\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Slack Morphism is an async client library for Rust. Prior to 0.41.0, it was possible for Slack OAuth client information to leak in application debug logs. Stricter and more secure debug formatting was introduced in v0.41.0 for OAuth secret types to reduce the possibility of printing sensitive information in application logs. As a workaround, do not print/output requests and responses for OAuth and client configurations in logs.\n\ud83d\udccf Published: 2022-07-21T13:20:12.000Z\n\ud83d\udccf Modified: 2025-04-23T17:57:53.113Z\n\ud83d\udd17 References:\n1. https://github.com/abdolence/slack-morphism-rust/security/advisories/GHSA-99j7-mhfh-w84p\n2. 
https://github.com/abdolence/slack-morphism-rust/releases/tag/v0.41.0", "creation_timestamp": "2025-04-23T18:05:30.000000Z"}, {"uuid": "10cf5785-b472-44ef-bfe5-a9682de054f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31160", "type": "seen", "source": "https://t.me/ctinow/180682", "content": "https://ift.tt/SwuVfbo\nCVE-2022-31160 | Oracle Communications Billing and Revenue Management up to 12.0.0.8.0/15.0.0.0.0 Billing Care cross site scripting", "creation_timestamp": "2024-02-07T13:11:49.000000Z"}, {"uuid": "44f0dc00-764e-49fb-ac73-5dd11a50a783", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31160", "type": "seen", "source": "https://t.me/ctinow/181650", "content": "https://ift.tt/0IvldsL\nCVE-2022-31160 | Oracle Financial Services Revenue Management and Billing 5.1.0 Security unknown vulnerability", "creation_timestamp": "2024-02-08T21:46:41.000000Z"}, {"uuid": "49cb6f19-283a-4f66-8f85-51972877d9f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31160", "type": "seen", "source": "https://t.me/ctinow/181649", "content": "https://ift.tt/Dq5TZWb\nCVE-2022-31160 | Oracle Financial Services Revenue Management and Billing 2.9.0 Pricing Services cross site scripting", "creation_timestamp": "2024-02-08T21:46:39.000000Z"}, {"uuid": "0adea60f-ed03-4ee6-831d-303981ca0582", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31168", "type": "seen", "source": "https://t.me/cibsecurity/46792", "content": "\u203c CVE-2022-31168 \u203c\n\nZulip is an open source team chat tool. 
Due to an incorrect authorization check in Zulip Server 5.4 and earlier, a member of an organization could craft an API call that grants organization administrator privileges to one of their bots. The vulnerability is fixed in Zulip Server 5.5. Members who don\u2019t own any bots, and lack permission to create them, can\u2019t exploit the vulnerability. As a workaround for the vulnerability, an organization administrator can restrict the `Who can create bots` permission to administrators only, and change the ownership of existing bots.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-22T16:19:14.000000Z"}, {"uuid": "346ea6b6-5902-4dea-b2e2-637c78ad2c76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31161", "type": "seen", "source": "https://t.me/cibsecurity/46374", "content": "\u203c CVE-2022-31161 \u203c\n\nRoxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-16T00:20:39.000000Z"}]}