{"vulnerability": "cve-2022-4324", "sightings": [{"uuid": "f177540a-0a9e-4ab4-a928-c2d103964fe7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43248", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14617", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43248\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\ud83d\udccf Published: 2022-11-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T20:40:42.975Z\n\ud83d\udd17 References:\n1. https://github.com/strukturag/libde265/issues/349\n2. https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html\n3. https://www.debian.org/security/2023/dsa-5346", "creation_timestamp": "2025-05-02T21:16:42.000000Z"}, {"uuid": "00fd645f-b62f-4b45-9029-9f0ea38a4e50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43243", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14870", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43243\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_weighted_pred_avg_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\ud83d\udccf Published: 2022-11-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-05T13:51:58.792Z\n\ud83d\udd17 References:\n1. https://github.com/strukturag/libde265/issues/339\n2. https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html\n3. https://www.debian.org/security/2023/dsa-5346", "creation_timestamp": "2025-05-05T14:20:42.000000Z"}, {"uuid": "8c882c86-4c91-4b0d-ab1f-c2889e531e1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43244", "type": "seen", "source": "https://t.me/cibsecurity/52469", "content": "\u203c CVE-2022-43244 \u203c\n\nLibde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:20:02.000000Z"}, {"uuid": "4d482955-4ffc-47ec-ae20-445c8ee3cc0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43249", "type": "seen", "source": "https://t.me/cibsecurity/52467", "content": "\u203c CVE-2022-43249 \u203c\n\nLibde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:19:57.000000Z"}, {"uuid": "46cf5150-59d3-45c5-92e8-6c3aec52fec3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43245", "type": "seen", "source": "https://t.me/cibsecurity/52466", "content": "\u203c CVE-2022-43245 \u203c\n\nLibde265 v1.0.8 was discovered to contain a segmentation violation via apply_sao_internal in sao.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:19:57.000000Z"}, {"uuid": "9a5eb11e-cdf3-4c82-a841-3ed58cba38f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43241", "type": "seen", "source": "https://t.me/cibsecurity/52461", "content": "\u203c CVE-2022-43241 \u203c\n\nLibde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_v_3_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:19:48.000000Z"}, {"uuid": "f2b529ee-b60b-45b3-8019-119d6d2cc50a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43248", "type": "seen", "source": "https://t.me/cibsecurity/52460", "content": "\u203c CVE-2022-43248 \u203c\n\nLibde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:19:47.000000Z"}, {"uuid": "1d02ebc5-87b5-4b73-8f59-afc6fa036f1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43243", "type": "seen", "source": "https://t.me/cibsecurity/52476", "content": "\u203c CVE-2022-43243 \u203c\n\nLibde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_weighted_pred_avg_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:20:11.000000Z"}, {"uuid": "efe36ad1-ef15-4657-a526-3b8a3518071e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43242", "type": "seen", "source": "https://t.me/cibsecurity/52477", "content": "\u203c CVE-2022-43242 \u203c\n\nLibde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_luma in motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:20:41.000000Z"}, {"uuid": "5f5b9ff4-c1ce-4079-aece-dd632e901121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43240", "type": "seen", "source": "https://t.me/cibsecurity/52464", "content": "\u203c CVE-2022-43240 \u203c\n\nLibde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_qpel_h_2_v_1_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-02T17:19:55.000000Z"}, {"uuid": "ced9f65d-0b10-404e-9a2e-b3a24ff2598b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4324", "type": "seen", "source": "https://t.me/cibsecurity/55757", "content": "\u203c CVE-2022-4324 \u203c\n\nThe Custom Field Template WordPress plugin before 2.5.8 unserialises the content of an imported file, which could lead to PHP object injections issues when a high privilege user import (intentionally or not) a malicious Customizer Styling file and a suitable gadget chain is present on the blog.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-04T11:55:12.000000Z"}]}