{"vulnerability": "cve-2022-3396", "sightings": [{"uuid": "c40889ec-8739-4f6d-8f5d-919e3ddee386", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33963", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2966", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-33963\n\ud83d\udd39 Description: Incorrect default permissions in the software installer for Intel(R) Unite(R) Client software for Windows before version 4.2.34870 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\ud83d\udccf Published: 2023-05-10T13:17:20.326Z\n\ud83d\udccf Modified: 2025-01-24T17:46:31.123Z\n\ud83d\udd17 References:\n1. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00782.html", "creation_timestamp": "2025-01-24T18:05:14.000000Z"}, {"uuid": "3d35316b-9d72-4d25-a054-f5eb367787a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33961", "type": "seen", "source": "https://t.me/cibsecurity/63742", "content": "\u203c CVE-2022-33961 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WaspThemes Visual CSS Style Editor plugin <=\u00c2\u00a07.5.8 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T14:14:33.000000Z"}, {"uuid": "8e62327c-cc07-4caa-a0b3-cbe9fdc35f0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33963", "type": "seen", "source": "https://t.me/cibsecurity/63797", "content": "\u203c CVE-2022-33963 \u203c\n\nIncorrect default permissions in the software installer for Intel(R) Unite(R) Client software for Windows before version 4.2.34870 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T18:28:56.000000Z"}, {"uuid": "cb3d8948-d4db-4457-abaa-7c0da4f47fde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33964", "type": "seen", "source": "https://t.me/cibsecurity/58389", "content": "\u203c CVE-2022-33964 \u203c\n\nImproper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T00:14:15.000000Z"}, {"uuid": "78eae7cb-652e-4702-8cab-7d207f012c78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3396", "type": "seen", "source": "https://t.me/cibsecurity/50910", "content": "\u203c CVE-2022-3396 \u203c\n\nOMRON CX-Programmer 9.78 and prior is vulnerable to an Out-of-Bounds Write, which may allow an attacker to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-06T22:17:02.000000Z"}, {"uuid": "5a83964b-73cc-42d8-9af4-4a9710f147b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33965", "type": "seen", "source": "https://t.me/cibsecurity/46907", "content": "\u203c CVE-2022-33965 \u203c\n\nMultiple Unauthenticated SQL Injection (SQLi) vulnerabilities in Osamaesh WP Visitor Statistics plugin <= 5.7 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T18:33:07.000000Z"}, {"uuid": "cc25f7be-8453-48b5-9bc3-19c333c83b13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33969", "type": "seen", "source": "https://t.me/cibsecurity/46954", "content": "\u203c CVE-2022-33969 \u203c\n\nAuthenticated WordPress Options Change vulnerability in Biplob Adhikari's Flipbox plugin <= 2.6.0 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-25T22:33:22.000000Z"}, {"uuid": "254e5def-1954-40bd-b31a-ce467c5ae53b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33960", "type": "seen", "source": "https://t.me/cibsecurity/46828", "content": "\u203c CVE-2022-33960 \u203c\n\nMultiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-22T20:23:34.000000Z"}, {"uuid": "4b990cf3-82e7-4312-be73-cf47c0f078fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33968", "type": "seen", "source": "https://t.me/cibsecurity/47584", "content": "\u203c CVE-2022-33968 \u203c\n\nIn BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, when an LTM monitor or APM SSO is configured on a virtual server, and NTLM challenge-response is in use, undisclosed traffic can cause a buffer over-read. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-04T22:20:09.000000Z"}, {"uuid": "2a2e789b-ee32-4012-a081-1a0935886fe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33967", "type": "seen", "source": "https://t.me/cibsecurity/46630", "content": "\u203c CVE-2022-33967 \u203c\n\nsquashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition or arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-20T14:49:21.000000Z"}]}