{"vulnerability": "cve-2022-4857", "sightings": [{"uuid": "a92f5620-9ccb-4a3c-b7ba-582dc8a08e32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48577", "type": "seen", "source": "https://t.me/ctinow/169786", "content": "https://ift.tt/Wzbf13F\nCVE-2022-48577 | Apple macOS APFS Privilege Escalation", "creation_timestamp": "2024-01-18T15:47:11.000000Z"}, {"uuid": "55fca941-94e3-4e17-b605-3facb8afa6e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4857", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11089", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4857\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: A vulnerability was found in Modbus Tools Modbus Poll up to 9.10.0 and classified as critical. Affected by this issue is some unknown functionality of the file mbpoll.exe of the component mbp File Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-217022 is the identifier assigned to this vulnerability.\n\ud83d\udccf Published: 2022-12-30T09:05:15.425Z\n\ud83d\udccf Modified: 2025-04-09T15:43:42.621Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.217022\n2. https://vuldb.com/?ctiid.217022\n3. https://github.com/Durian1546/vul/blob/main/webray.com.cn/Modbus%20Poll/Modbus%20Poll%20(version%209.10.0%20and%20earlier)%20mbp%20file%20has%20a%20buffer%20overflow%20vulnerability.md\n4. https://github.com/Durian1546/vul/blob/main/webray.com.cn/Modbus%20Poll/poc/poc.mbp", "creation_timestamp": "2025-04-09T15:47:34.000000Z"}, {"uuid": "e08b6d44-3c38-44c2-b1e6-6c359bbfe0c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48570", "type": "seen", "source": "https://t.me/cibsecurity/68934", "content": "\u203c CVE-2022-48570 \u203c\n\nCrypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned. NOTE: this issue exists because the CVE-2019-14318 fix was intentionally removed for functionality reasons.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T22:11:51.000000Z"}, {"uuid": "0853b7ab-8995-40b2-91e6-2d99fc40a5d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48571", "type": "seen", "source": "https://t.me/cibsecurity/68955", "content": "\u203c CVE-2022-48571 \u203c\n\nmemcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T22:17:57.000000Z"}, {"uuid": "766e63d1-ab5a-4c8d-9c74-e405ce322c45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4857", "type": "seen", "source": "https://t.me/cibsecurity/55545", "content": "\u203c CVE-2022-4857 \u203c\n\nA vulnerability was found in Modbus Tools Modbus Poll up to 9.10.0 and classified as critical. Affected by this issue is some unknown functionality of the file mbpoll.exe of the component mbp File Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-217022 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T23:30:14.000000Z"}]}