{"vulnerability": "CVE-2022-4227", "sightings": [{"uuid": "88050406-0baa-4d93-b7e1-26f26aae69a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42273", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10795", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42273\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: NVIDIA BMC contains a vulnerability in libwebsocket, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution.\n\ud83d\udccf Published: 2023-01-12T22:17:59.014Z\n\ud83d\udccf Modified: 2025-04-07T19:46:05.442Z\n\ud83d\udd17 References:\n1. https://nvidia.custhelp.com/app/answers/detail/a_id/5435", "creation_timestamp": "2025-04-07T20:46:29.000000Z"}, {"uuid": "a2ba0fc1-f0ec-4bc1-bad6-5ca65e011184", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42272", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10794", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42272\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow, which may lead to code execution, denial of service or escalation of privileges.\n\ud83d\udccf Published: 2023-01-12T22:16:41.786Z\n\ud83d\udccf Modified: 2025-04-07T19:53:08.229Z\n\ud83d\udd17 References:\n1. https://nvidia.custhelp.com/app/answers/detail/a_id/5435", "creation_timestamp": "2025-04-07T20:46:28.000000Z"}, {"uuid": "16fa1828-7b82-4676-a6db-67735894772f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42277", "type": "seen", "source": "https://t.me/cibsecurity/56480", "content": "\u203c CVE-2022-42277 \u203c\n\nNVIDIA DGX Station contains a vulnerability in SBIOS in the SmiFlash, where a local user with elevated privileges can read, write and erase flash, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-13T07:31:09.000000Z"}, {"uuid": "7479b96d-a856-4e95-9b5f-1ebe0d1525ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42274", "type": "seen", "source": "https://t.me/cibsecurity/56478", "content": "\u203c CVE-2022-42274 \u203c\n\nNVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-13T07:31:07.000000Z"}, {"uuid": "9415e3d4-3ec8-4704-a6ec-40914e6d15d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42270", "type": "seen", "source": "https://t.me/cibsecurity/55665", "content": "\u203c CVE-2022-42270 \u203c\n\nNVIDIA distributions of Linux contain a vulnerability in nvdla_emu_task_submit, where unvalidated input may allow a local attacker to cause stack-based buffer overflow in kernel code, which may lead to escalation of privileges, compromised integrity and confidentiality, and denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-31T02:14:32.000000Z"}, {"uuid": "4bec8db5-9bd3-4dd7-bc96-870fe7abd2eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4227", "type": "seen", "source": "https://t.me/cibsecurity/55357", "content": "\u203c CVE-2022-4227 \u203c\n\nThe Booster for WooCommerce WordPress plugin before 5.6.3, Booster Plus for WooCommerce WordPress plugin before 6.0.0, Booster Elite for WooCommerce WordPress plugin before 6.0.0 do not escape some URLs and parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-26T16:40:53.000000Z"}]}