{"vulnerability": "CVE-2022-2274", "sightings": [{"uuid": "8212ba8c-6769-4b46-83da-809d7daf6650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2274", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3356", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThis is an OpenSSL Vulnerability Detection Script for CVE-2022-2274\nURL\uff1ahttps://github.com/EkamSinghWalia/OpenSSL-Vulnerability-Detection-Script\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-11T16:31:36.000000Z"}, {"uuid": "723e9803-72eb-43fe-a7f6-8072d503ac91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2274", "type": "seen", "source": "https://t.me/poxek/1957", "content": "\u0412 OpenSSL \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0433\u0440\u043e\u0437\u044f\u0449\u0430\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430\n\u041e\u043f\u0430\u0441\u043d\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2022-2274, \u043a\u043b\u0430\u0441\u0441\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0435. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043f\u0440\u0438\u0432\u043d\u0435\u0441\u0435\u043d\u0430 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c OpenSSL 3.0.4 \u0432 \u0438\u044e\u043d\u0435; \u043f\u0440\u0438\u0447\u0438\u043d\u043e\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0433\u0435\u043d\u0435\u0440\u0430\u0442\u043e\u0440\u0430 2048-\u0431\u0438\u0442\u043d\u044b\u0445 \u043a\u043b\u044e\u0447\u0435\u0439 RSA \u0434\u043b\u044f CPU c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u043e\u0439 x86_64 \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 \u043d\u0430\u0431\u043e\u0440\u0430 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0439 AVX-512.\n\u25b6\ufe0f \u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-07-10T09:01:06.000000Z"}, {"uuid": "88bed83e-d9d0-4f4c-9207-6d99cfb9db5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2274", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2782", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nRescope\n\nA tool geared towards pentesters and bug-bounty researchers, that aims to make life easier when defining scopes for Burp Suite and #OWASP ZAP.\n\nFeatures:\n\u25ab\ufe0f Define public scope(s) directly from any supported BBaaS (Bug-Bounty-as-a-Service) platform.\n\u25ab\ufe0f Define private scopes by copy/pasting target definitions from pretty much anywhere.\n\u25ab\ufe0f Outputs results that are compatible with Burp Suite and Zaproxy for direct import.\n\u25ab\ufe0f Combine private and public scopes.\n\u25ab\ufe0f Easily separate excludes from includes.\n\u25ab\ufe0f Parse multiple scopes to the same result.\n\u25ab\ufe0f Supports IP-ranges & CIDR.\n\nhttps://github.com/root4loot/rescope\n\n\u200b\u200bNebula\n\nNebula is a Cloud and (hopefully) DevOps Penetration Testing framework. It is build with modules for each provider and each functionality. As of April 2021, it only covers AWS, but is currently an ongoing project and hopefully will continue to grow to test GCP, Azure, Kubernetes, Docker, or automation engines like Ansible, Terraform, Chef, etc.\n\nCurrently covers:\n\u25ab\ufe0f S3 Bucket name bruteforce\n\u25ab\ufe0f IAM, EC2, S3, STS and Lambda Enumeration\n\u25ab\ufe0f IAM, EC2, STS, and S3 exploitation\n\u25ab\ufe0f SSM Enumeration + Exploitation\n\u25ab\ufe0f Custom HTTP User-Agent\n\u25ab\ufe0f Enumerate Read Privileges (working on write privs)\n\u25ab\ufe0f Reverse Shell\n\u25ab\ufe0f No creds Reconnaisance\n\nThere are currently 67 modules covering:\n\u25ab\ufe0f Reconnaissance\n\u25ab\ufe0f Enumeration\n\u25ab\ufe0f Exploit\n\u25ab\ufe0f Cleanup\n\u25ab\ufe0f Reverse Shell\n\nhttps://github.com/gl4ssesbo1/Nebula\n\n\u200b\u200bKnownDllUnhook\n\nReplace the .txt section of the current loaded modules from \\KnownDlls\\ to bypass edrs\n\nhttps://github.com/ORCx41/KnownDllUnhook\n\n\u200b\u200bCVE-2022-2274\n\nOpenSSL 3.0.4 - bug in the RSA implementation\n\nhttps://github.com/Malwareman007/CVE-2022-2274\n\n\u200b\u200bFreeze\n\nA payload creation tool used for circumventing EDR security controls to execute shellcode in a stealthy manner. Freeze utilizes multiple techniques to not only remove Userland EDR hooks, but to also execute shellcode in such a way that it circumvents other endpoint monitoring controls.\n\nhttps://github.com/optiv/Freeze\n\n\u200b\u200bKernelhub\n\nWindows Kernel privilege escalation vulnerability collection, with compilation environment, demo GIF map, vulnerability details, executable file \n\nhttps://github.com/Ascotbe/Kernelhub\n\n\u200b\u200bwafaray\n\nEnhance your malware detection with WAF + YARA (WAFARAY)\n\nWAFARAY is a LAB deployment based on Debian 11.3.0 (stable) x64 made and cooked between two main ingredients WAF + YARA to detect malicious files (e.g. webshells, virus, malware, binaries) typically trough web functions (upload files).\n\nhttps://github.com/alt3kx/wafaray\n\n\u200b\u200bRoastInTheMiddle\n\nRoast in the Middle is a rough proof of concept (not attack-ready) that implements a man-in-the-middle ARP spoof to intercept AS-REQ's to modify and replay to perform a Kerberoast attack.\n\nFor more information about this attack, read the blog post All Ur AS Are Belong To Us.\n\nhttps://github.com/0xe7/RoastInTheMiddle\n\n\u200b\u200bSinMapper\n\nusermode driver mapper that forcefully loads any signed kernel driver (legit cert) with a big enough section (example: .data, .rdata) to map your driver over. the main focus of this project is to prevent modern anti-cheats (BattlEye, EAC) from finding your driver and having the power to hook anything and create system threads / callbacks due to being inside of legit memory (signed legit driver).\n\nhttps://github.com/armvirus/SinMapper\n\n\u200b\u200bEVA ICS\n\nHome and Industrial/Enterprise IoT automation platform.\n\nEVA ICS allows the setup of a single IoT/IIoT management node and then easily scales it to its own private ultra-secure automation Cloud, where nodes and components discover each other automatically via the Internet or local communications.\n\nhttps://github.com/alttch/eva3\n\n\u200b\u200bPython-Honeypot\n\nAutomated Deception Framework.\n\n#OWASP Honeypot is an open-source software in Python language designed for creating honeypots and honeynets in an easy and secure way!\n\nhttps://github.com/OWASP/PyPython-Honeypo\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\nWebsite:\nwww.ghostclan.org\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2023-03-30T08:38:18.000000Z"}, {"uuid": "aa4dc986-7b90-4a6f-98da-4b63a522a488", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2274", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/538", "content": "CVE-2022-2274 : OpenSSL 3.0.4 - Remote Memory Corruption /RCE # bug in the RSA implementation \nhttps://github.com/Malwareman007/CVE-2022-2274", "creation_timestamp": "2022-10-06T22:29:01.000000Z"}, {"uuid": "6d023282-98e6-4fd7-8996-9953415bc924", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2274", "type": "seen", "source": "https://t.me/MrVGunz/311", "content": "\u0631\u0648\u0632 \u06af\u0632\u0627\u0631\u0634 \u0637\u0628\u0642 \u0627\u0639\u0644\u0627\u0645 \u0631\u0633\u0645\u06cc \u062a\u0648\u0633\u0639\u0647 \u062f\u0647\u0646\u062f\u06af\u0627\u0646 OpenSSL \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc \u0628\u0627 \u062f\u0631\u062c\u0647 \u0627\u0647\u0645\u06cc\u062a \u0628\u0627\u0644\u0627 \u062a\u062d\u062a \u0634\u0646\u0627\u0633\u0647 CVE-2022-2274 \u062f\u0631 \u0646\u0633\u062e\u0647 3.0.4 \u0631\u0633\u0627\u0646\u0647 \u0627\u06cc \u0634\u062f.\n\u062f\u0631 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0647\u06a9\u0631 \u06cc\u0627 \u0645\u0647\u0627\u062c\u0645 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0636\u0639\u0641 \u062f\u0631 \u0628\u062e\u0634 \u06a9\u0646\u062a\u0631\u0644 \u062d\u0627\u0641\u0638\u0647 \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0622\u0646\u060c \u0627\u0645\u06a9\u0627\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0648 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (RCE) \u0631\u0627 \u0628\u0631\u0627\u06cc \u062e\u0648\u062f \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc \u0646\u0645\u0627\u06cc\u062f.\n\u062e\u0648\u0634\u0628\u062e\u062a\u0627\u0646\u0647 \u0648\u0635\u0644\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0622\u0646 \u062a\u0648\u0633\u0637 \u062a\u0648\u0633\u0639\u0647 \u062f\u0647\u0646\u06af\u0627\u0646 \u0645\u0646\u062a\u0634\u0631 \u0634\u062f\u0647 \u0627\u0633\u062a \u0648 \u0641\u0642\u0637 \u06a9\u0627\u0641\u06cc \u0627\u0633\u062a OpenSSL \u062e\u0648\u062f \u0631\u0627 \u0628\u0647 \u0646\u0633\u062e\u0647 3.0.5 \u0627\u0631\u062a\u0642\u0627\u0621 \u062f\u0647\u06cc\u062f.\n\n\ud83d\udcdd \u0646\u06a9\u062a\u0647: \u0628\u0627 \u062a\u0648\u062c\u0647 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u06a9\u062b\u0631 \u0633\u0627\u0645\u0627\u0646\u0647 \u0647\u0627 \u0627\u0632 \u0627\u06cc\u0646 \u0645\u0627\u0698\u0648\u0644 \u0628\u0647 \u0645\u0646\u0638\u0648\u0631 \u0627\u06cc\u062c\u0627\u062f \u0627\u0631\u062a\u0628\u0627\u0637 \u0627\u0645\u0646 \u0648 \u0645\u062f\u06cc\u0631\u06cc\u062a \u06af\u0648\u0627\u0647\u06cc\u0646\u0627\u0645\u0647 \u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc\u060c \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u06af\u0633\u062a\u0631\u062f\u06af\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0646 \u067e\u06cc\u0634\u0646\u0647\u0627\u062f \u0627\u06a9\u06cc\u062f \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0627\u0642\u062f\u0627\u0645 \u0628\u0647 \u0628\u0631\u0637\u0631\u0641 \u0646\u0645\u0648\u062f\u0646 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u0647\u0645 \u0646\u0645\u0627\u06cc\u06cc\u062f.\nhttps://www.openssl.org/news/secadv/20220705.txt", "creation_timestamp": "2022-07-08T00:08:27.000000Z"}, {"uuid": "db8e0c1d-1c6c-4dda-b28e-c855a2734ffa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2274", "type": "seen", "source": "https://t.me/true_secator/3141", "content": "\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u0438\u044e\u043d\u044c\u0441\u043a\u043e\u0433\u043e \u0440\u0435\u043b\u0438\u0437\u0430 OpenSSL 3.0.4 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u043d\u043e\u0432\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 3.0.5. \n\nCVE-2022-2274 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 RSA \u0434\u043b\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 X86_64, \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u044e\u0449\u0438\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 AVX512IFMA, \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0432\u043e \u0432\u0440\u0435\u043c\u044f \u0432\u044b\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u0439.\n\n\u0423\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435.\n\n\u0422\u0430\u043a \u0447\u0442\u043e, \u0435\u0441\u043b\u0438 \u0432\u044b \u043d\u0435 \u0443\u0441\u043f\u0435\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0432 \u0438\u044e\u043d\u0435, \u0442\u043e \u0442\u0435\u043f\u0435\u0440\u044c \u044d\u0442\u043e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043e \u0441\u0442\u043e\u0438\u0442 \u0441\u0434\u0435\u043b\u0430\u0442\u044c.", "creation_timestamp": "2022-07-07T14:58:49.000000Z"}, {"uuid": "482822ac-e5c0-4ec0-9589-4f27a4ca5d24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22748", "type": "seen", "source": "https://t.me/cibsecurity/55170", "content": "\u203c CVE-2022-22748 \u203c\n\nMalicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:27:07.000000Z"}, {"uuid": "60f3c4b4-6f94-496b-a3dc-a7538f1a29aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22749", "type": "seen", "source": "https://t.me/cibsecurity/55164", "content": "\u203c CVE-2022-22749 \u203c\n\nWhen scanning QR codes, Firefox for Android would have allowed navigation to some URLs that do not point to web content.*This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 96.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:26:58.000000Z"}, {"uuid": "0f2a568b-639f-48f1-afbb-f5e408fb0c51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22745", "type": "seen", "source": "https://t.me/cibsecurity/55142", "content": "\u203c CVE-2022-22745 \u203c\n\nSecuritypolicyviolation events could have leaked cross-origin information for frame-ancestors violations. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:20:10.000000Z"}, {"uuid": "b6cb6efa-ba58-4624-ba33-49f88bfa829e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22744", "type": "seen", "source": "https://t.me/cibsecurity/55141", "content": "\u203c CVE-2022-22744 \u203c\n\nThe constructed curl command from the \"Copy as curl\" feature in DevTools was not properly escaped for PowerShell. This could have lead to command injection if pasted into a Powershell prompt.*This bug only affects Thunderbird for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:20:09.000000Z"}, {"uuid": "548c6b1c-2d41-4deb-a715-690fd57bdee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2274", "type": "seen", "source": "https://t.me/cibsecurity/45463", "content": "\u203c CVE-2022-2274 \u203c\n\nThe OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-01T12:39:27.000000Z"}, {"uuid": "059e91f1-4ec4-47fa-addb-aa6df8786139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2274", "type": "seen", "source": "https://t.me/information_security_channel/47917", "content": "OpenSSL Patches Remote Code Execution Vulnerability\nhttps://www.securityweek.com/openssl-patches-remote-code-execution-vulnerability\n\nOpenSSL has issued an urgent advisory to warn of a memory corruption vulnerability that exposes servers to remote code execution attacks.\nThe vulnerability, tracked as CVE-2022-2274, was introduced in OpenSSL 3.0.4 and could potentially allow malicious hackers to launch remote code attacks on unpatched SSL/TLS server side devices.\nread more (https://www.securityweek.com/openssl-patches-remote-code-execution-vulnerability)", "creation_timestamp": "2022-07-07T17:31:54.000000Z"}, {"uuid": "0d5e2f7c-a972-414c-bf8f-ab539c01bf4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2274", "type": "seen", "source": "https://t.me/thehackernews/2347", "content": "A security patch has been released for OpenSSL to fix a high-severity bug (CVE-2022-2274) in the cryptographic library that could lead to remote code execution attacks in certain scenarios.\n\nRead: https://thehackernews.com/2022/07/openssl-releases-patch-for-high.html", "creation_timestamp": "2022-10-04T17:42:52.000000Z"}, {"uuid": "4a90551b-d039-4e3a-a1e8-bdcd9f8872c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2274", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/294", "content": "https://github.com/Malwareman007/CVE-2022-2274", "creation_timestamp": "2022-10-04T16:32:09.000000Z"}, {"uuid": "55b90b89-2336-4cfd-a14c-2eef81fdac2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2274", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6872", "content": "#exploit\n1. Druva inSync for Mac - LPE\nhttps://imhotepisinvisible.com/druva-lpe\n\n2. CVE-2022-2274:\nOpenSSL 3.0.4 - bug in the RSA implementation\nhttps://github.com/Malwareman007/CVE-2022-2274", "creation_timestamp": "2022-09-27T23:27:56.000000Z"}]}