https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 26 May 2026 11:44:09 +0000 https://db.gcve.eu/sighting/5f817b4f-07a5-4c2e-9c06-fde89f5ae031/export {"uuid": "5f817b4f-07a5-4c2e-9c06-fde89f5ae031", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3luzxvbtph62d", "content": "", "creation_timestamp": "2025-07-28T16:05:40.254974Z"} {"uuid": "5f817b4f-07a5-4c2e-9c06-fde89f5ae031", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3luzxvbtph62d", "content": "", "creation_timestamp": "2025-07-28T16:05:40.254974Z"} https://db.gcve.eu/sighting/5f817b4f-07a5-4c2e-9c06-fde89f5ae031/export Mon, 28 Jul 2025 16:05:40 +0000 https://db.gcve.eu/sighting/912e5062-4308-438d-a648-8c4310f1e0d5/export {"uuid": "912e5062-4308-438d-a648-8c4310f1e0d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "seen", "source": "https://bsky.app/profile/gscafo.bsky.social/post/3luzyylog662u", "content": "", "creation_timestamp": "2025-07-28T16:25:25.680601Z"} {"uuid": "912e5062-4308-438d-a648-8c4310f1e0d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "seen", "source": "https://bsky.app/profile/gscafo.bsky.social/post/3luzyylog662u", "content": "", "creation_timestamp": "2025-07-28T16:25:25.680601Z"} https://db.gcve.eu/sighting/912e5062-4308-438d-a648-8c4310f1e0d5/export Mon, 28 Jul 2025 16:25:25 +0000 https://db.gcve.eu/sighting/af525e3e-aa0c-4b89-8412-702fd50c32d1/export {"uuid": "af525e3e-aa0c-4b89-8412-702fd50c32d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:11.000000Z"} {"uuid": "af525e3e-aa0c-4b89-8412-702fd50c32d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:11.000000Z"} https://db.gcve.eu/sighting/af525e3e-aa0c-4b89-8412-702fd50c32d1/export Sun, 31 Aug 2025 03:13:11 +0000 https://db.gcve.eu/sighting/b7c00d8e-6803-418b-99bf-550dbae1de7d/export {"uuid": "b7c00d8e-6803-418b-99bf-550dbae1de7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "seen", "source": "https://gist.github.com/Darkcrai86/f478a7b258a4ba4e77c13e27154ee51f", "content": "", "creation_timestamp": "2025-12-05T13:02:24.000000Z"} {"uuid": "b7c00d8e-6803-418b-99bf-550dbae1de7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "seen", "source": "https://gist.github.com/Darkcrai86/f478a7b258a4ba4e77c13e27154ee51f", "content": "", "creation_timestamp": "2025-12-05T13:02:24.000000Z"} https://db.gcve.eu/sighting/b7c00d8e-6803-418b-99bf-550dbae1de7d/export Fri, 05 Dec 2025 13:02:24 +0000 https://db.gcve.eu/sighting/f57a4fc8-5dc2-49b3-8d93-befa147284d5/export {"uuid": "f57a4fc8-5dc2-49b3-8d93-befa147284d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "seen", "source": "https://bsky.app/profile/allsafeus.bsky.social/post/3md4say4dhi2d", "content": "", "creation_timestamp": "2026-01-23T22:55:32.356998Z"} {"uuid": "f57a4fc8-5dc2-49b3-8d93-befa147284d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "seen", "source": "https://bsky.app/profile/allsafeus.bsky.social/post/3md4say4dhi2d", "content": "", "creation_timestamp": "2026-01-23T22:55:32.356998Z"} https://db.gcve.eu/sighting/f57a4fc8-5dc2-49b3-8d93-befa147284d5/export Fri, 23 Jan 2026 22:55:32 +0000 https://db.gcve.eu/sighting/bf07acff-7b34-419a-bdcc-23e7e2c55fb0/export {"uuid": "bf07acff-7b34-419a-bdcc-23e7e2c55fb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3mddfjwvjymj2", "content": "", "creation_timestamp": "2026-01-26T13:56:34.812847Z"} {"uuid": "bf07acff-7b34-419a-bdcc-23e7e2c55fb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3mddfjwvjymj2", "content": "", "creation_timestamp": "2026-01-26T13:56:34.812847Z"} https://db.gcve.eu/sighting/bf07acff-7b34-419a-bdcc-23e7e2c55fb0/export Mon, 26 Jan 2026 13:56:34 +0000 https://db.gcve.eu/sighting/22745602-8f62-457c-93fd-4bf86d089c6a/export {"uuid": "22745602-8f62-457c-93fd-4bf86d089c6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5a3ce4a6-23fe-4c70-a292-886554e53ca9", "content": "", "creation_timestamp": "2026-02-02T12:26:42.275606Z"} {"uuid": "22745602-8f62-457c-93fd-4bf86d089c6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5a3ce4a6-23fe-4c70-a292-886554e53ca9", "content": "", "creation_timestamp": "2026-02-02T12:26:42.275606Z"} https://db.gcve.eu/sighting/22745602-8f62-457c-93fd-4bf86d089c6a/export Mon, 02 Feb 2026 12:26:42 +0000 https://db.gcve.eu/sighting/64c6f55b-9c93-4913-b6ff-a4fca20b2515/export {"uuid": "64c6f55b-9c93-4913-b6ff-a4fca20b2515", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5a3ce4a6-23fe-4c70-a292-886554e53ca9", "content": "", "creation_timestamp": "2026-02-02T12:26:42.275606Z"} {"uuid": "64c6f55b-9c93-4913-b6ff-a4fca20b2515", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34048", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5a3ce4a6-23fe-4c70-a292-886554e53ca9", "content": "", "creation_timestamp": "2026-02-02T12:26:42.275606Z"} https://db.gcve.eu/sighting/64c6f55b-9c93-4913-b6ff-a4fca20b2515/export Mon, 02 Feb 2026 12:26:42 +0000 https://db.gcve.eu/sighting/580ca0ca-9245-40fe-bc13-88bac0150638/export {"uuid": "580ca0ca-9245-40fe-bc13-88bac0150638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34044", "type": "published-proof-of-concept", "source": "https://t.me/poxek/6033", "content": "\u0420\u0430\u0441\u0442\u0435\u043c \u0432 VMware \u043e\u0442 Guest \u0434\u043e Host \u0447\u0435\u0440\u0435\u0437 CVE-2023-20870 + CVE-2023-34044 + CVE-2023-20869\n#VMware #CVE #Bluetooth\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c r0keb \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043b \u0438 \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u043b \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 VMware Workstation 17.0.0, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u043e\u0446\u0435\u043d\u043d\u044b\u0439 Guest-to-Host escape, \u0438\u043c\u0435\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u267e\ufe0f\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0441\u0443\u0442\u044c\u267e\ufe0f\n\n\u0410\u0442\u0430\u043a\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0434\u0432\u0430 \u044d\u0442\u0430\u043f\u0430. \n\n\u25aa\ufe0f\u041f\u0435\u0440\u0432\u044b\u0439 \u2014 memory leak (CVE-2023-20870 \u0438 CVE-2023-34044) \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 USB Request Blocks (URB) \u0432 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Bluetooth \u0438 Mouse. malloc \u0431\u0435\u0437 \u043e\u0431\u043d\u0443\u043b\u0435\u043d\u0438\u044f + \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 LFH-\u0431\u0430\u043a\u0435\u0442\u043e\u0432 (0xb0) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0433\u043e\u0441\u0442\u044e \u0443\u0442\u0435\u0447\u044c \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c \u043d\u0430 \u0431\u0430\u0437\u0443 vmware_vmx.exe \u0438 \u043e\u0431\u043e\u0439\u0442\u0438 ASLR.\n\n\u25aa\ufe0f\u0412\u0442\u043e\u0440\u043e\u0439 \u2014 stack-based buffer overflow (CVE-2023-20869) \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0435 SDP-\u043f\u0430\u043a\u0435\u0442\u043e\u0432 (\u0444\u0443\u043d\u043a\u0446\u0438\u0438 SDPData_ReadElement \u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 memcpy). \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 SDP_SVC_SEARCH_ATTR_REQ \u0441 \u0432\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u043c \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u043e\u043c \u0442\u0438\u043f\u0430 SDP_DE_UINT \u0438 \u043f\u0435\u0440\u0435\u0440\u0430\u0437\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u0435\u043c AttributeIDList (~0x28f \u0431\u0430\u0439\u0442) \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0434\u0432\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441\u0442\u0435\u043a\u0430, \u0437\u0430\u0442\u0438\u0440\u0430\u044e\u0449\u0438\u0445 return-\u0430\u0434\u0440\u0435\u0441\u0430 \u0438 \u0434\u0430\u044e\u0449\u0438\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 RIP.\n\n\u267e\ufe0f\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f\u267e\ufe0f\n\n \u25aa\ufe0f\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0448\u0430\u0440\u0438\u043d\u0433 Bluetooth-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 \u0433\u043e\u0441\u0442\u0435\u043c\n \u25aa\ufe0f\u0427\u0435\u0440\u0435\u0437 libusb \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0441 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c Bluetooth (VID:0x0e0f, PID:0x0008) \u0438 Mouse (PID:0x0003)\n \u25aa\ufe0f\u0412\u044b\u0434\u0435\u043b\u044f\u0442\u044c \u0438 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0430\u0442\u044c URB \u043c\u044b\u0448\u0438 \u0434\u043b\u044f \u0437\u0430\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f LFH-\u0431\u0430\u043a\u0435\u0442\u0430 \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c 0xb0\n \u25aa\ufe0f\u0427\u0438\u0442\u0430\u0442\u044c \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u043f\u0430\u043c\u044f\u0442\u044c \u0447\u0435\u0440\u0435\u0437 control transfer (wLength=0x80) \u2192 \u0443\u0442\u0435\u0447\u043a\u0430 \u0431\u0430\u0437\u044b vmware_vmx\n \u25aa\ufe0f\u041f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c btusb/usbhid \u043c\u043e\u0434\u0443\u043b\u0438 \u0432 \u0433\u043e\u0441\u0442\u0435\n \u25aa\ufe0f\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c L2CAP/SDP-\u0441\u0435\u0441\u0441\u0438\u044e \u0441 \u0432\u043d\u0435\u0448\u043d\u0438\u043c Bluetooth-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c (\u0442\u0435\u043b\u0435\u0444\u043e\u043d \u0438 \u0442.\u0434.)\n \u25aa\ufe0f\u041e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c crafted SDP-\u043f\u0430\u043a\u0435\u0442 \u0441 oversized AttributeIDList (0x28f \u0431\u0430\u0439\u0442) \u0438 SDP_DE_UINT\n\u25aa\ufe0f \u0412\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c ROP-\u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043d\u0430 \u0445\u043e\u0441\u0442\u0435 (\u043f\u0440\u0438\u043c\u0435\u0440 \u2014 \u0437\u0430\u043f\u0443\u0441\u043a calc.exe)\n\n\u267e\ufe0f\u0418\u043c\u043f\u0430\u043a\u0442\u267e\ufe0f\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0440\u043e\u0440\u044b\u0432 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b: \u0438\u0437 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u041e\u0421 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 arbitrary code execution \u043d\u0430 \u0445\u043e\u0441\u0442\u0435 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 vmware-vmx. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043a\u0440\u0435\u043f\u0438\u0442\u044c\u0441\u044f \u043d\u0430 \u0445\u043e\u0441\u0442\u0435, \u043f\u043e\u0445\u0438\u0449\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435, \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u0412\u041c \u043d\u0430 \u044d\u0442\u043e\u043c \u0436\u0435 \u0445\u043e\u0441\u0442\u0435 \u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443 \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0430\u0442\u0430\u043a.\n\n\ud83d\udd17\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n\ud83c\udf1a @poxek | \ud83d\udcf2 MAX |\ud83c\udf1a \u0411\u043b\u043e\u0433 | \ud83d\udcfa YT | \ud83d\udcfa RT | \ud83d\udcfa VK", "creation_timestamp": "2026-04-08T13:54:44.000000Z"} {"uuid": "580ca0ca-9245-40fe-bc13-88bac0150638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-34044", "type": "published-proof-of-concept", "source": "https://t.me/poxek/6033", "content": "\u0420\u0430\u0441\u0442\u0435\u043c \u0432 VMware \u043e\u0442 Guest \u0434\u043e Host \u0447\u0435\u0440\u0435\u0437 CVE-2023-20870 + CVE-2023-34044 + CVE-2023-20869\n#VMware #CVE #Bluetooth\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c r0keb \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u043b \u0438 \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u043b \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 VMware Workstation 17.0.0, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u043e\u0446\u0435\u043d\u043d\u044b\u0439 Guest-to-Host escape, \u0438\u043c\u0435\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u267e\ufe0f\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0441\u0443\u0442\u044c\u267e\ufe0f\n\n\u0410\u0442\u0430\u043a\u0430 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0434\u0432\u0430 \u044d\u0442\u0430\u043f\u0430. \n\n\u25aa\ufe0f\u041f\u0435\u0440\u0432\u044b\u0439 \u2014 memory leak (CVE-2023-20870 \u0438 CVE-2023-34044) \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 USB Request Blocks (URB) \u0432 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Bluetooth \u0438 Mouse. malloc \u0431\u0435\u0437 \u043e\u0431\u043d\u0443\u043b\u0435\u043d\u0438\u044f + \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 LFH-\u0431\u0430\u043a\u0435\u0442\u043e\u0432 (0xb0) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0433\u043e\u0441\u0442\u044e \u0443\u0442\u0435\u0447\u044c \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c \u043d\u0430 \u0431\u0430\u0437\u0443 vmware_vmx.exe \u0438 \u043e\u0431\u043e\u0439\u0442\u0438 ASLR.\n\n\u25aa\ufe0f\u0412\u0442\u043e\u0440\u043e\u0439 \u2014 stack-based buffer overflow (CVE-2023-20869) \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0435 SDP-\u043f\u0430\u043a\u0435\u0442\u043e\u0432 (\u0444\u0443\u043d\u043a\u0446\u0438\u0438 SDPData_ReadElement \u0438 \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 memcpy). \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 SDP_SVC_SEARCH_ATTR_REQ \u0441 \u0432\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u043c \u0430\u0442\u0440\u0438\u0431\u0443\u0442\u043e\u043c \u0442\u0438\u043f\u0430 SDP_DE_UINT \u0438 \u043f\u0435\u0440\u0435\u0440\u0430\u0437\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u0435\u043c AttributeIDList (~0x28f \u0431\u0430\u0439\u0442) \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0434\u0432\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441\u0442\u0435\u043a\u0430, \u0437\u0430\u0442\u0438\u0440\u0430\u044e\u0449\u0438\u0445 return-\u0430\u0434\u0440\u0435\u0441\u0430 \u0438 \u0434\u0430\u044e\u0449\u0438\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 RIP.\n\n\u267e\ufe0f\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f\u267e\ufe0f\n\n \u25aa\ufe0f\u0412\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0448\u0430\u0440\u0438\u043d\u0433 Bluetooth-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 \u0433\u043e\u0441\u0442\u0435\u043c\n \u25aa\ufe0f\u0427\u0435\u0440\u0435\u0437 libusb \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u0442\u044c \u0441 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c Bluetooth (VID:0x0e0f, PID:0x0008) \u0438 Mouse (PID:0x0003)\n \u25aa\ufe0f\u0412\u044b\u0434\u0435\u043b\u044f\u0442\u044c \u0438 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0430\u0442\u044c URB \u043c\u044b\u0448\u0438 \u0434\u043b\u044f \u0437\u0430\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f LFH-\u0431\u0430\u043a\u0435\u0442\u0430 \u0440\u0430\u0437\u043c\u0435\u0440\u043e\u043c 0xb0\n \u25aa\ufe0f\u0427\u0438\u0442\u0430\u0442\u044c \u043d\u0435\u0438\u043d\u0438\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u043f\u0430\u043c\u044f\u0442\u044c \u0447\u0435\u0440\u0435\u0437 control transfer (wLength=0x80) \u2192 \u0443\u0442\u0435\u0447\u043a\u0430 \u0431\u0430\u0437\u044b vmware_vmx\n \u25aa\ufe0f\u041f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c btusb/usbhid \u043c\u043e\u0434\u0443\u043b\u0438 \u0432 \u0433\u043e\u0441\u0442\u0435\n \u25aa\ufe0f\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c L2CAP/SDP-\u0441\u0435\u0441\u0441\u0438\u044e \u0441 \u0432\u043d\u0435\u0448\u043d\u0438\u043c Bluetooth-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c (\u0442\u0435\u043b\u0435\u0444\u043e\u043d \u0438 \u0442.\u0434.)\n \u25aa\ufe0f\u041e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c crafted SDP-\u043f\u0430\u043a\u0435\u0442 \u0441 oversized AttributeIDList (0x28f \u0431\u0430\u0439\u0442) \u0438 SDP_DE_UINT\n\u25aa\ufe0f \u0412\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c ROP-\u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043d\u0430 \u0445\u043e\u0441\u0442\u0435 (\u043f\u0440\u0438\u043c\u0435\u0440 \u2014 \u0437\u0430\u043f\u0443\u0441\u043a calc.exe)\n\n\u267e\ufe0f\u0418\u043c\u043f\u0430\u043a\u0442\u267e\ufe0f\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0440\u043e\u0440\u044b\u0432 \u0438\u0437\u043e\u043b\u044f\u0446\u0438\u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b: \u0438\u0437 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u041e\u0421 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 arbitrary code execution \u043d\u0430 \u0445\u043e\u0441\u0442\u0435 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 vmware-vmx. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043a\u0440\u0435\u043f\u0438\u0442\u044c\u0441\u044f \u043d\u0430 \u0445\u043e\u0441\u0442\u0435, \u043f\u043e\u0445\u0438\u0449\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435, \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0435 \u0412\u041c \u043d\u0430 \u044d\u0442\u043e\u043c \u0436\u0435 \u0445\u043e\u0441\u0442\u0435 \u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043c\u0430\u0448\u0438\u043d\u0443 \u0434\u043b\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0430\u0442\u0430\u043a.\n\n\ud83d\udd17\u0418\u0441\u0442\u043e\u0447\u043d\u0438\u043a\n\n\ud83c\udf1a @poxek | \ud83d\udcf2 MAX |\ud83c\udf1a \u0411\u043b\u043e\u0433 | \ud83d\udcfa YT | \ud83d\udcfa RT | \ud83d\udcfa VK", "creation_timestamp": "2026-04-08T13:54:44.000000Z"} https://db.gcve.eu/sighting/580ca0ca-9245-40fe-bc13-88bac0150638/export Wed, 08 Apr 2026 13:54:44 +0000 https://db.gcve.eu/sighting/872f01aa-8680-41ef-8d76-8c2c6d1526ec/export {"uuid": "872f01aa-8680-41ef-8d76-8c2c6d1526ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-34048", "type": "seen", "source": "MISP/e3a58da8-48fa-4feb-9d66-525a5b00f499", "content": "", "creation_timestamp": "2026-04-30T15:55:38.000000Z"} {"uuid": "872f01aa-8680-41ef-8d76-8c2c6d1526ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-34048", "type": "seen", "source": "MISP/e3a58da8-48fa-4feb-9d66-525a5b00f499", "content": "", "creation_timestamp": "2026-04-30T15:55:38.000000Z"} https://db.gcve.eu/sighting/872f01aa-8680-41ef-8d76-8c2c6d1526ec/export Thu, 30 Apr 2026 15:55:38 +0000