{"vulnerability": "CVE-2022-4178", "sightings": [{"uuid": "d6640232-e72f-4f5c-8cbb-bbd40a1a2285", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4178", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2063", "content": "#exploit\n1. CVE-2022-4178:\nChrome - Design flaw in Synchronous Mojo message handling introduces unexpected reentrancy and allows for multiple UAFs\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2372\n\n2. WebKit + Kernel exploit chain for all PS Vita firmwares\nhttps://github.com/TheOfficialFloW/HENlo\n\n3. CVE-2022-41912:\nSignature bypass via multiple Assertion elements\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2368", "creation_timestamp": "2023-01-02T19:24:08.000000Z"}, {"uuid": "d9a8dd11-a702-40c4-ab00-157dfce1f57b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41786", "type": "seen", "source": "https://t.me/ctinow/169432", "content": "https://ift.tt/cN51UPa\nCVE-2022-41786", "creation_timestamp": "2024-01-17T19:26:36.000000Z"}, {"uuid": "26a36817-ff54-4085-a1a1-d098e1edd4d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41781", "type": "seen", "source": "https://t.me/cibsecurity/53169", "content": "\u203c CVE-2022-41781 \u203c\n\nBroken Access Control vulnerability in Permalink Manager Lite plugin <= 2.2.20 on WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-18T22:29:43.000000Z"}, {"uuid": "af4b1d63-8686-4988-ae2b-de1a68da159b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41787", "type": "seen", "source": "https://t.me/cibsecurity/51839", "content": "\u203c CVE-2022-41787 \u203c\n\nIn BIG-IP versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and 13.1.x before 13.1.5.1, when DNS profile is configured on a virtual server with DNS Express enabled, undisclosed DNS queries with DNSSEC can cause TMM to terminate.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-20T02:20:37.000000Z"}, {"uuid": "bf1dff1d-74a8-44d3-b96f-fdd3c77f7d7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41780", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15600", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41780\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: In F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.4.0, a directory traversal vulnerability exists in an undisclosed location of the F5OS CLI that allows an attacker to read arbitrary files.\n\ud83d\udccf Published: 2022-10-19T21:22:10.493Z\n\ud83d\udccf Modified: 2025-05-08T18:59:13.435Z\n\ud83d\udd17 References:\n1. https://support.f5.com/csp/article/K81701735", "creation_timestamp": "2025-05-08T19:24:21.000000Z"}, {"uuid": "ffc8fea5-5d53-4766-a487-49b75db131de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41780", "type": "seen", "source": "https://t.me/cibsecurity/51850", "content": "\u203c CVE-2022-41780 \u203c\n\nIn F5OS-A version 1.x before 1.1.0 and F5OS-C version 1.x before 1.4.0, a directory traversal vulnerability exists in an undisclosed location of the F5OS CLI that allows an attacker to read arbitrary files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-20T02:20:51.000000Z"}, {"uuid": "c9c52f14-ea27-4389-9d27-5c8a51e5396e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4178", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7459", "content": "#exploit\n1. CVE-2022-4178:\nChrome - Design flaw in Synchronous Mojo message handling introduces unexpected reentrancy and allows for multiple UAFs\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2372\n\n2. WebKit + Kernel exploit chain for all PS Vita firmwares\nhttps://github.com/TheOfficialFloW/HENlo\n\n3. CVE-2022-41912:\nSignature bypass via multiple Assertion elements\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2368", "creation_timestamp": "2022-12-31T23:33:58.000000Z"}]}