https://vulnerability.circl.lu/sightings/feed 2026-06-14T17:55:56.114950+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/9335d75c-ab6d-42d6-bd87-8c4f9d21ba2b/export 2026-06-14T17:55:56.424289+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "9335d75c-ab6d-42d6-bd87-8c4f9d21ba2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33916", "type": "seen", "source": "https://t.me/cibsecurity/48565", "content": "\u203c CVE-2022-33916 \u203c\n\nOPC UA .NET Standard Reference Server 1.04.368 allows a remote attacker to cause the application to access sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-23T07:21:04.000000Z"} 2022-08-23T07:21:04+00:00 https://vulnerability.circl.lu/sighting/e45ed94c-03f9-4215-97b6-52a7103a2e06/export 2026-06-14T17:55:56.424205+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "e45ed94c-03f9-4215-97b6-52a7103a2e06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3391", "type": "seen", "source": "https://t.me/cibsecurity/52037", "content": "\u203c CVE-2022-3391 \u203c\n\nThe Retain Live Chat WordPress plugin through 0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-25T20:27:08.000000Z"} 2022-10-25T20:27:08+00:00 https://vulnerability.circl.lu/sighting/ae035b46-eb3a-431b-9335-f960f8490441/export 2026-06-14T17:55:56.424127+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "ae035b46-eb3a-431b-9335-f960f8490441", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html", "content": "", "creation_timestamp": "2022-11-22T21:05:00.000000Z"} 2022-11-22T21:05:00+00:00 https://vulnerability.circl.lu/sighting/3aa0ee5b-ebd4-4c84-837f-f65734068e18/export 2026-06-14T17:55:56.424043+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "3aa0ee5b-ebd4-4c84-837f-f65734068e18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7224", "content": "#exploit\n1. CVE-2022-26696:\nmacOS Sandbox Escape vulnerability via Terminal\nhttps://wojciechregula.blog/post/macos-sandbox-escape-via-terminal\n\n2. CVE-2022-33917:\nArm Mali CSF: page freed while still mapped into host userspace due to VMA split mishandling\n]-> https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html", "creation_timestamp": "2022-11-23T11:03:00.000000Z"} 2022-11-23T11:03:00+00:00 https://vulnerability.circl.lu/sighting/c7e271f8-00d3-4138-9056-ce134e5f719b/export 2026-06-14T17:55:56.423958+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "c7e271f8-00d3-4138-9056-ce134e5f719b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1471", "content": "#exploit\n1. CVE-2022-26696:\nmacOS Sandbox Escape vulnerability via Terminal\nhttps://wojciechregula.blog/post/macos-sandbox-escape-via-terminal\n\n2. CVE-2022-33917:\nArm Mali CSF: page freed while still mapped into host userspace due to VMA split mishandling\n]-> https://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html", "creation_timestamp": "2022-11-23T16:05:12.000000Z"} 2022-11-23T16:05:12+00:00 https://vulnerability.circl.lu/sighting/e1edffe1-ed13-474f-ac05-64b6b614c415/export 2026-06-14T17:55:56.423780+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "e1edffe1-ed13-474f-ac05-64b6b614c415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/3742", "content": "\u0417\u0430\u0434\u0435\u0440\u0436\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f\u043c\u0438 Android-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430\u0431\u043e\u0440\u0430 \u0438\u0437 \u043f\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 Arm Mali \u0434\u0435\u043b\u0430\u0435\u0442 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u044b \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 \u0434\u0435\u0432\u0430\u0439\u0441\u043e\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043c\u043e\u0434\u0435\u043b\u0438 Google, Samsung, Xiaomi, Oppo, Vivo, Honor, Asus, RealMe, Motorola, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u043c\u0430\u0440\u043e\u043a. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0447\u0438\u043f\u043e\u0432 Arm Mali \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b \u043e\u0448\u0438\u0431\u043a\u0438.\n\n\u0414\u0435\u043b\u043e \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0430\u043c-\u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f\u043c \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f (OEM) \u043d\u0443\u0436\u043d\u043e \u0432\u0440\u0435\u043c\u044f, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0438\u0445 \u0432 \u0441\u0432\u043e\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u2014 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0432\u0430\u0435\u0442 \u0432\u0440\u0435\u043c\u044f \u0434\u043e \u0434\u043e\u0441\u0442\u0438\u0436\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0422\u0440\u0435\u0432\u043e\u0433\u0443 \u0437\u0430\u0431\u0438\u043b\u0438 Google Project Zero, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u043e \u00ab\u043f\u0440\u043e\u0431\u0435\u043b\u0435 \u0432 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u0445\u00bb.\n\nProject Zero \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2022-33917 \u0438 CVE-2022-36449 (\u0441\u043e\u0431\u0438\u0440\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 \u0434\u043b\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438) \u0432 \u0438\u044e\u043d\u0435 2022 \u0433\u043e\u0434\u0430.\n\nCVE-2022-33917 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 GPU \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u044b\u043c \u0440\u0430\u0437\u0434\u0435\u043b\u0430\u043c \u043f\u0430\u043c\u044f\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u044f\u0434\u0440\u0430 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 Arm Mali \u043e\u0442 Valhall r29p0 \u0434\u043e r38p0.\n\n\u0414\u0440\u0443\u0433\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438, \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0431\u0443\u0444\u0435\u0440\u0430 \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u0441\u043e\u043f\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0438 \u043f\u0430\u043c\u044f\u0442\u0438.\n\n\u0412\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u044f\u0434\u0440\u0430 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 Arm Mali \u043e\u0442 Midgard r4p0 \u0434\u043e r32p0, Bifrost \u043e\u0442 r0p0 \u0434\u043e r38p0 \u0438 r39p0 \u0434\u043e r38p1 \u0438 Valhall \u043e\u0442 r19p0 \u0434\u043e r38p0 \u0438 r39p0 \u0434\u043e r38p1.\n\n\u0414\u0440\u0430\u0439\u0432\u0435\u0440\u044b \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430 Mali \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0442\u0430\u043a\u0438\u043c\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430\u043c\u0438, \u043a\u0430\u043a MediaTek, HiSilicon Kirin \u0438 Exyno, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e Android-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043d\u0430 \u0440\u044b\u043d\u043a\u0435.\n\nProject Zero \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u044d\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043a\u0430\u043a (2325, 2327, 2331, 2333 \u0438 2334) \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0439 \u0438\u0437 \u043d\u0438\u0445 \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0441\u0440\u0435\u0434\u043d\u044e\u044e \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0435 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0431\u043e\u043b\u044c\u0448\u043e\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Android.\n\n\u041d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043e\u0442 Arm \u0435\u0449\u0435 \u043d\u0435 \u0434\u043e\u0448\u043b\u043e \u0434\u043e OEM-\u043f\u0430\u0440\u0442\u043d\u0435\u0440\u043e\u0432 \u0438 \u0442\u0435\u0441\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Android \u0438 Pixel.\n\n\u0427\u0435\u0440\u0435\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0435\u043b\u044c Android \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u0432\u043e\u0438\u043c \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0431\u0443\u0434\u0443\u0442 \u0441\u0430\u043c\u0438 \u043d\u0435\u0441\u0442\u0438 \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0437\u0430 \u0435\u0433\u043e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0436\u0435 \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0434\u0435\u043b\u0430\u0442\u044c, \u043a\u0430\u043a \u043e\u0436\u0438\u0434\u0430\u0442\u044c, \u043f\u043e\u043a\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0438 \u0438\u0445 \u0434\u0435\u0432\u0430\u0439\u0441\u043e\u0432 \u0432\u044b\u043a\u0430\u0442\u044f\u0442 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u044b \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0430\u0440\u044b\u0445 \u043c\u043e\u0434\u0435\u043b\u0435\u0439 \u043d\u0430 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Midgard \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0430\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0438\u043c \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u043f\u043e\u043f\u0440\u043e\u0449\u0430\u0442\u044c\u0441\u044f \u0441\u043e \u0441\u0432\u043e\u0438\u043c\u0438 \u0433\u0430\u0434\u0436\u0435\u0442\u0430\u043c\u0438.", "creation_timestamp": "2022-11-24T12:08:24.000000Z"} 2022-11-24T12:08:24+00:00 https://vulnerability.circl.lu/sighting/06ee9ec8-7a49-420e-985e-e89afead4dd7/export 2026-06-14T17:55:56.423697+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "06ee9ec8-7a49-420e-985e-e89afead4dd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "seen", "source": "Telegram/B5r4kFnBFEHpbf1pdgoKaOZNyOgaMcXW30gWxds-rBS-", "content": "", "creation_timestamp": "2022-11-25T20:25:39.000000Z"} 2022-11-25T20:25:39+00:00 https://vulnerability.circl.lu/sighting/8150d753-4aec-4ea0-aeea-5b60078a302a/export 2026-06-14T17:55:56.423591+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "8150d753-4aec-4ea0-aeea-5b60078a302a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "seen", "source": "https://t.me/crackcodes/1544", "content": "\ud83d\udd25Mind the Gap \n\nThe week before FirstCon22, Maddie gave an internal preview of her talk(\"0-day In-the-Wild Exploitation in 2022\u2026so far\"). Inspired by the description of an in-the-wild vulnerability in low-level memory management code, fellow Project Zero researcher Jann Horn started auditing the ARM Mali GPU driver. Over the next three weeks, Jann found five more exploitable vulnerabilities (2325, 2327, 2331, 2333, 2334).\n\n\u26a0\ufe0fThe vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but at the time of publication, these fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, Xiaomi, Oppo and others). Devices with a Mali GPU are currently vulnerable.", "creation_timestamp": "2022-11-28T14:41:47.000000Z"} 2022-11-28T14:41:47+00:00 https://vulnerability.circl.lu/sighting/11b41a67-d396-46f1-9378-a23950739f18/export 2026-06-14T17:55:56.423430+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "11b41a67-d396-46f1-9378-a23950739f18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-33917", "type": "seen", "source": "https://t.me/androidMalware/1711", "content": "Vulnerability discovered in devices with a Mali GPU\nThe vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but at the time of publication, these fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, Xiaomi, Oppo and others) \nhttps://googleprojectzero.blogspot.com/2022/11/mind-the-gap.html", "creation_timestamp": "2023-02-18T06:16:28.000000Z"} 2023-02-18T06:16:28+00:00 https://vulnerability.circl.lu/sighting/413cff85-9b3a-4495-8433-ef90c61eaa46/export 2026-06-14T17:55:56.420156+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "413cff85-9b3a-4495-8433-ef90c61eaa46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3391", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15824", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3391\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Retain Live Chat WordPress plugin through 0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)\n\ud83d\udccf Published: 2022-10-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T19:07:22.850Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/ecc51420-ee50-4e39-a38d-09686f1996f2", "creation_timestamp": "2025-05-09T19:26:19.000000Z"} 2025-05-09T19:26:19+00:00