{"vulnerability": "cve-2022-4245", "sightings": [{"uuid": "8f8c21c7-c17f-4d00-91d4-aeef6c0ff1f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42450", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14188", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42450\n\ud83d\udd25 CVSS Score: 4.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications.\n\ud83d\udccf Published: 2025-04-30T21:07:57.381Z\n\ud83d\udccf Modified: 2025-04-30T21:07:57.381Z\n\ud83d\udd17 References:\n1. https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120722", "creation_timestamp": "2025-04-30T22:14:28.000000Z"}, {"uuid": "21bac572-cf58-4104-b175-be86e7b04209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42450", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo37f5jten2e", "content": "", "creation_timestamp": "2025-05-01T01:56:12.496064Z"}, {"uuid": "c7deff23-c029-429b-adfd-7d8070cb4a81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42455", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8107", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42455\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: ASUS EC Tool driver (aka d.sys) 1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb, as signed by ASUS and shipped with multiple ASUS software products, contains multiple IOCTL handlers that provide raw read and write access to port I/O and MSRs via unprivileged IOCTL calls. Local users can gain privileges.\n\ud83d\udccf Published: 2023-02-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T18:00:16.253Z\n\ud83d\udd17 References:\n1. https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0003.md", "creation_timestamp": "2025-03-19T18:19:24.000000Z"}, {"uuid": "5f4a76e5-035f-441f-b5be-1e1b1e61b5aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42458", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/175", "content": "Top Security News for 11/10/2022\n\nPython and Malware: Writing a simple wiper malware\nhttps://0x00sec.org/t/python-and-malware-writing-a-simple-wiper-malware/31652 \n\nGitLab: RCE via github import\nhttps://www.reddit.com/r/netsec/comments/y0cnw1/gitlab_rce_via_github_import/ \n\nWhite House unveils Blueprint for an AI Bill of Rights\nhttps://www.malwarebytes.com/blog/news/2022/10/the-white-houses-new-bill-of-rights-holds-big-tech-companies-accountable-for-their-ai \n\nA week in security (October 3 \u2013 9)\nhttps://www.malwarebytes.com/blog/news/2022/10/a-week-in-security-october-3-9 \n\nEndor Labs offers dependency management platform for open source software\nhttps://www.csoonline.com/article/3675963/endor-labs-offers-dependency-management-platform-for-open-source-software.html#tk.rss_all \n\nWhite House unveils Blueprint for an AI Bill of Rights\nhttps://malware.news/t/white-house-unveils-blueprint-for-an-ai-bill-of-rights/64045#post_1 \n\nISC Stormcast For Tuesday, October 11th, 2022 https://isc.sans.edu/podcastdetail.html?id=8208, (Tue, Oct 11th)\nhttps://malware.news/t/isc-stormcast-for-tuesday-october-11th-2022-https-isc-sans-edu-podcastdetail-html-id-8208-tue-oct-11th/64048#post_1 \n\nHackers Steal $100 Million Cryptocurrency from Binance Bridge\nhttps://thehackernews.com/2022/10/hackers-steal-100-million.html \n\nSecurity Alert: Alert Regarding Authentication Bypass Vulnerability (CVE-2022-42458) in bingo!CMS\nhttps://malware.news/t/security-alert-alert-regarding-authentication-bypass-vulnerability-cve-2022-42458-in-bingo-cms/64049#post_1 \n\nPersistent PHP payloads in PNGs: How to inject PHP code in an image and keep it there!\nhttps://www.reddit.com/r/netsec/comments/y0jlzp/persistent_php_payloads_in_pngs_how_to_inject_php/ \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-10-11T07:00:07.000000Z"}, {"uuid": "b6d067b0-0c2c-4908-8cf4-a82a95130e51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42450", "type": "seen", "source": "https://t.me/cvedetector/24172", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-42450 - HCL Domino Volt SVG Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-42450 \nPublished : April 30, 2025, 10:15 p.m. | 1\u00a0hour, 52\u00a0minutes ago \nDescription : Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications. \nSeverity: 4.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T02:17:31.000000Z"}, {"uuid": "7cd3fcd4-8ac2-4d66-983e-d7e2bcce1e64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42451", "type": "seen", "source": "https://t.me/cibsecurity/72068", "content": "\u203c CVE-2022-42451 \u203c\n\nCertain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-11T12:17:24.000000Z"}, {"uuid": "73a2df87-c469-4cdf-81eb-84b0f8c33c9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42452", "type": "seen", "source": "Telegram/TikMMHZg1dELOjK00jOWVmenFDc6Bal-UjPG7kferUUYY8B4", "content": "", "creation_timestamp": "2025-02-14T10:05:07.000000Z"}, {"uuid": "50a6925f-7f66-4937-a45e-8fe3a59f0db7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42458", "type": "seen", "source": "https://t.me/cibsecurity/54119", "content": "\u203c CVE-2022-42458 \u203c\n\nAuthentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-07T12:24:52.000000Z"}, {"uuid": "c1b1d0af-3d9c-4f54-b2a0-28396fe9dfe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4245", "type": "seen", "source": "https://t.me/cibsecurity/71014", "content": "\u203c CVE-2022-4245 \u203c\n\nA flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-26T00:34:27.000000Z"}, {"uuid": "f11e3cf5-fcc5-4f6b-82b1-e582c436c90d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42455", "type": "seen", "source": "https://t.me/cibsecurity/58291", "content": "\u203c CVE-2022-42455 \u203c\n\nASUS EC Tool driver (aka d.sys) 1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb, as signed by ASUS and shipped with multiple ASUS software products, contains multiple IOCTL handlers that provide raw read and write access to port I/O and MSRs via unprivileged IOCTL calls. Local users can gain privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T00:36:54.000000Z"}, {"uuid": "0f995bb9-f8ee-497f-8779-91efb522e343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42453", "type": "seen", "source": "https://t.me/cibsecurity/54847", "content": "\u203c CVE-2022-42453 \u203c\n\nThere are insufficient warnings when a Fixlet is imported by a user. The warning message currently assumes the owner of the script is the logged in user, with insufficient warnings when attempting to run the script.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T14:25:33.000000Z"}, {"uuid": "9c59e271-fbbf-47b3-a58e-5141358f211e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42457", "type": "seen", "source": "https://t.me/cibsecurity/50934", "content": "\u203c CVE-2022-42457 \u203c\n\nGenerex CS141 before 2.08 allows remote command execution by administrators via a web interface that reaches run_update in /usr/bin/gxserve-update.sh (e.g., command execution can occur via a reverse shell installed by install.sh).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-06T22:23:14.000000Z"}, {"uuid": "90ecd6f7-589c-4bd2-8656-e6c046309bde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42454", "type": "seen", "source": "https://t.me/cibsecurity/55060", "content": "\u203c CVE-2022-42454 \u203c\n\nInsights for Vulnerability Remediation (IVR) is vulnerable to man-in-the-middle attacks that may lead to information disclosure. This requires privileged network access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-21T20:12:50.000000Z"}]}