{"vulnerability": "cve-2022-4001", "sightings": [{"uuid": "646effb8-bcae-435e-81d4-0f6069b16e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40016", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8105", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40016\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Use After Free (UAF) vulnerability in ireader media-server before commit 3e0f63f1d3553f75c7d4eb32fa7c7a1976a9ff84 in librtmp, allows attackers to cause a denial of service.\n\ud83d\udccf Published: 2023-02-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T18:02:17.996Z\n\ud83d\udd17 References:\n1. https://github.com/ireader/media-server/issues/235", "creation_timestamp": "2025-03-19T18:19:20.000000Z"}, {"uuid": "0911ee6e-0168-4a2e-b366-96b8359fab30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4001", "type": "seen", "source": "https://t.me/cvedetector/2184", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-4001 - Apache API Authentication Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-4001 \nPublished : July 31, 2024, 9:15 p.m. | 45\u00a0minutes ago \nDescription : An authentication bypass vulnerability could allow an attacker to access API functions without authentication. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-01T00:22:07.000000Z"}, {"uuid": "01f5c1f3-c3b3-483b-a5d2-2eb3dac86575", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40010", "type": "seen", "source": "https://t.me/cibsecurity/65524", "content": "\u203c CVE-2022-40010 \u203c\n\nTenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-26T20:55:08.000000Z"}, {"uuid": "edec9555-c962-44ed-a722-7d87f5e08bd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40011", "type": "seen", "source": "https://t.me/cibsecurity/55272", "content": "\u203c CVE-2022-40011 \u203c\n\nCross Site Scripting (XSS) vulnerability in typora through 1.38 allows remote attackers to run arbitrary code via export from editor.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-24T02:14:48.000000Z"}, {"uuid": "0b4b1eb0-b2ae-49b7-85c2-0e92775cc1b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40010", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8556", "content": "#exploit\n1. CVE-2022-40010:\nTenda AC6 AC1200 15.03.06.5 - Cross Site Scripting\nhttps://packetstormsecurity.com/files/173029/Tenda-AC6-AC1200-15.03.06.50_multi-Cross-Site-Scripting.html\n\n2. CVE-2023-33140:\nMS OneNote 2305 Build 16.0.16501.20074 - Spoofing\nhttps://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-33140\n]-&gt; https://www.nu11secur1ty.com/2023/06/cve-2023-33140.html", "creation_timestamp": "2023-06-26T10:59:01.000000Z"}]}