{"vulnerability": "cve-2022-3274", "sightings": [{"uuid": "e61546c9-bec8-4512-a3bd-747d084a11f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32744", "type": "published-proof-of-concept", "source": "Telegram/K-NdsruMw1Fym1ldoCgIBSKfSnuSwSHmNQJK0ReNQEl6Hw", "content": "", "creation_timestamp": "2022-08-01T15:43:03.000000Z"}, {"uuid": "fc7e39e3-8c4c-4799-a224-08d357a26f43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32744", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/914", "content": "Updates On Hackbyte Forum:-\n\n1. Erebus - Fast and customisable parameter based vulnerability scanner based on simple YAML Rules\n2. Zeratool - Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems\n3. CVE-2022-36946 linux kernel panic in netfilter_queue\n4. CVE-2022-32744: Critical Samba admin password reset flaw\n5. aif_ru Leak\n6. Exactis Company Leak\n7. paidleaf.co_68K Leak\n8. CVE-2022-26712: The POC for SIP-Bypass\n9. CVE-2022-26138: Confluence Hardcoded Password POC\n10. Blizzard-Jailbreak-9: Blizzard Jailbreak for iOS 9.0 - 9.3.6, 32-Bit\n11. Quasar: Remote Administration Tool for Windows\n12. pochta Leak\n13. COINPAYEX.LTD Data Leak\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffbAll Updates On :- https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-08-24T11:48:28.000000Z"}, {"uuid": "49f5c81a-d156-4832-954d-510555694065", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32747", "type": "seen", "source": "https://t.me/cibsecurity/57196", "content": "\u203c CVE-2022-32747 \u203c\n\nA CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate users to be locked out of devices or facilitate backdoor account creation by spoofing a device on the local network. Affected Products: EcoStruxure\u00e2\u201e\u00a2 Cybersecurity Admin Expert (CAE) (Versions prior to 2.2)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-31T02:50:42.000000Z"}, {"uuid": "113f16f8-b6db-4838-a973-ec55e094b85e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32749", "type": "seen", "source": "https://t.me/cibsecurity/54852", "content": "\u203c CVE-2022-32749 \u203c\n\nImproper Check for Unusual or Exceptional Conditions vulnerability handling requests in Apache Traffic Server allows an attacker to crash the server under certain conditions. This issue affects Apache Traffic Server: from 8.0.0 through 9.1.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T14:25:38.000000Z"}, {"uuid": "74cffb04-892f-4341-b1b3-6487e2bc7a73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32740", "type": "seen", "source": "https://t.me/cibsecurity/44248", "content": "\u203c CVE-2022-32740 \u203c\n\nA reply to a forwarded email article by a 3rd party could unintensionally expose the email content to the ticket customer under certain circumstances.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-13T12:17:40.000000Z"}, {"uuid": "dd24ec84-c059-488f-9e77-b53972389c00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32742", "type": "seen", "source": "https://t.me/cibsecurity/48804", "content": "\u203c CVE-2022-32742 \u203c\n\nA flaw was found in Samba. Some SMB1 write requests were not correctly range-checked to ensure the client had sent enough data to fulfill the write, allowing server memory contents to be written into the file (or printer) instead of client-supplied data. The client cannot control the area of the server memory written to the file (or printer).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T22:24:24.000000Z"}, {"uuid": "aabec6d4-5f6d-44e2-99b4-cbfdd1e923ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32744", "type": "seen", "source": "https://t.me/cibsecurity/48803", "content": "\u203c CVE-2022-32744 \u203c\n\nA flaw was found in Samba. The KDC accepts kpasswd requests encrypted with any key known to it. By encrypting forged kpasswd requests with its own key, a user can change other users' passwords, enabling full domain takeover.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T22:24:22.000000Z"}, {"uuid": "a463f65b-31f5-49b2-b305-e7243ed2c262", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32746", "type": "seen", "source": "https://t.me/cibsecurity/48798", "content": "\u203c CVE-2022-32746 \u203c\n\nA flaw was found in the Samba AD LDAP server. The AD DC database audit logging module can access LDAP message values freed by a preceding database module, resulting in a use-after-free issue. This issue is only possible when modifying certain privileged attributes, such as userAccountControl.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T22:24:12.000000Z"}, {"uuid": "795f9b02-f7bf-492e-8548-ec14d9ec9526", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32745", "type": "seen", "source": "https://t.me/cibsecurity/48795", "content": "\u203c CVE-2022-32745 \u203c\n\nA flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T22:24:05.000000Z"}, {"uuid": "f90a9ad0-332d-4f0c-a910-b6def1e93945", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32741", "type": "seen", "source": "https://t.me/cibsecurity/44253", "content": "\u203c CVE-2022-32741 \u203c\n\nAttacker is able to determine if the provided username exists (and it's valid) using Request New Password feature, based on the response time.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-13T12:17:48.000000Z"}]}