{"vulnerability": "CVE-2023-2193", "sightings": [{"uuid": "a3b8d37b-7e4a-4244-9edb-32107dc195fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21931", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "0af7288e-aea9-4c35-b1f4-57e1495e2870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21931", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:51.000000Z"}, {"uuid": "4dd8df01-41d9-4853-9fb1-17554b50b8dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21930", "type": "seen", "source": "https://gist.github.com/juank704/8c144f4ae0004f19892c23b19deca658", "content": "", "creation_timestamp": "2025-03-03T15:40:30.000000Z"}, {"uuid": "7f200dce-8162-4f67-b56c-3d8ffc58fb2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21938", "type": "seen", "source": "https://gist.github.com/juank704/8c144f4ae0004f19892c23b19deca658", "content": "", "creation_timestamp": "2025-03-03T15:40:30.000000Z"}, {"uuid": "58975857-6bca-460b-bcc4-11f05a6670d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21939", "type": "seen", "source": "https://gist.github.com/juank704/8c144f4ae0004f19892c23b19deca658", "content": "", "creation_timestamp": "2025-03-03T15:40:30.000000Z"}, {"uuid": "2e8ef9fa-2ab9-4eeb-9218-809a4564e7a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": 
"2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21931", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "8051e912-c1f0-417f-8584-5bbc5bbfb282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21931", "type": "seen", "source": "https://gist.github.com/Darkcrai86/a421ca996c85082f1cba4fb74e7a2252", "content": "", "creation_timestamp": "2025-10-20T06:59:38.000000Z"}, {"uuid": "8845765a-7e0a-4412-a307-670d7dd3a28d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21931", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/iiop/cve_2023_21839_weblogic_rce.rb", "content": "", "creation_timestamp": "2023-06-09T19:18:50.000000Z"}, {"uuid": "ae6bacab-e25f-4274-840e-cd066590d752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4992", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aJDK CVE-2023-21939\nURL\uff1ahttps://github.com/Y4Sec-Team/CVE-2023-21939\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-26T07:03:36.000000Z"}, {"uuid": "37393055-911b-498b-be59-f771a897ee9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21932", "type": "seen", "source": "https://t.me/ctinow/109328", "content": "Easily exploitable flaw in Oracle Opera could spell trouble for hotel chains (CVE-2023-21932)\n\nhttps://ift.tt/BYeUvQm", 
"creation_timestamp": "2023-05-02T17:23:13.000000Z"}, {"uuid": "e8f455bb-e6ac-448c-8a7e-4248cc2daba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/Shade_Black_Hacker/687", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-09-30T20:01:41.000000Z"}, {"uuid": "08864b34-78b0-44c9-a8fd-3f63bf940b7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "Telegram/4_4xyXQTaUbA-YsFB59E5SAxyU6CIetp1U4BNxeizjZ9FQ", "content": "", "creation_timestamp": "2023-08-28T07:37:04.000000Z"}, {"uuid": "2184d102-b880-466a-a8f8-9c709cec1dc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "Telegram/Hl-xhae5gWXK7tw2HlsQ48dSVuT7dVcXsNReL7eVRTh3eA", "content": "", "creation_timestamp": "2023-09-06T15:34:58.000000Z"}, {"uuid": "274a3fdc-47c2-4413-af01-0a81b37f1c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3172", "content": "Hackers Factory \n\n\"waf-bypass-maker/waf-community-bypasses\"\n\nhttps://github.com/waf-bypass-maker/waf-community-bypasses\n\nCross Platform Telegram based RAT that communicates via telegram to evade network restrictions\n\nhttps://github.com/machine1337/TelegramRAT\n\nA CLI utility to find domain's known subdomains from curated passive online sources.\n\nhttps://github.com/hueristiq/xsubfind3r\n\nAD_Enumeration_Hunt\n\nAD Pentesting Toolkit! This repository contains a collection of PowerShell scripts and commands that can be used for Active Directory (AD) penetration testing and security assessment.\n\nhttps://github.com/alperenugurlu/AD_Enumeration_Hunt\n\nThe MSSqlPwner tool empowers ethical hackers and security professionals to conduct comprehensive security assessments on MSSQL environments.\n\nhttps://github.com/ScorpionesLabs/MSSqlPwner\n\nDNSWatch - DNS Traffic Sniffer and Analyzer\n\nhttps://github.com/HalilDeniz/DNSWatch\n\nPython based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)\n\nhttps://github.com/stuxnet999/EventTranscriptParser\n\nICS attack simulator for the Tennessee Eastman Process. 
From the NDSS 2024 paper: \"Attributions for ML-based ICS anomaly detection: From theory to practice\"\n\nhttps://github.com/pwwl/tep-attack-simulator\n\nCVE-2023-21939\n\nVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing).\n\nhttps://gist.github.com/win3zz/308c6567e38e096c7071d3564ef164ad\n\nUnderstanding WinRAR Code Execution Vulnerability (CVE-2023-38831)\n\nhttps://github.com/knight0x07/WinRAR-Code-Execution-Vulnerability-CVE-2023-38831\n\nautomatically tests prompt injection attacks on ChatGPT instances\n\nhttps://github.com/utkusen/promptmap\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-30T13:46:02.000000Z"}, {"uuid": "7b610207-8e9f-4653-bd7e-102a802763d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3171", "content": "Hackers Factory \n\nRun PowerShell command without invoking powershell.exe\n\nhttps://github.com/Mr-Un1k0d3r/PowerLessShell\n\nOSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines\n\nhttps://github.com/rodolfomarianocy/OSCP-Tricks-2023\n\nCVE-2023-41080\n\nApache Tomcat FORM Authentication redirect\n\nhttps://github.com/shiomiyan/CVE-2023-41080\n\nJDK CVE-2023-21939\n\nhttps://github.com/Y4Sec-Team/CVE-2023-21939\n\nA high-performance, parallel, compilation-based symbolic execution engine\n\nhttps://github.com/Generative-Program-Analysis/GenSym\n\nCVE-2023-38831 winrar exploit generator\n\nhttps://github.com/b1tg/CVE-2023-38831-winrar-exploit\n\nThis lightweight C# demo application showcases interactive remote shell access via named pipes and the SMB protocol.\n\nhttps://github.com/DarkCoderSc/SharpShellPipe\n\nApple BLE proximity pairing message 
spoofing\n\nhttps://github.com/ECTO-1A/AppleJuice\n\nAssociated-Threat-Analyzer detects malicious IPv4 addresses and domain names associated with your web application using local malicious domain and IPv4 lists.\n\nhttps://github.com/OsmanKandemir/associated-threat-analyzer\n\nIvanti Sentry CVE-2023-38035\n\nhttps://github.com/horizon3ai/CVE-2023-38035\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-29T14:27:53.000000Z"}, {"uuid": "df8628a7-26e8-4fc3-b01f-bec14db8d749", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21932", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/796", "content": "CVE-2023-21932 : Oracle Opera - Remote Code Execution\nBlog : https://blog.assetnote.io/2023/04/30/rce-oracle-opera/", "creation_timestamp": "2023-08-07T06:30:57.000000Z"}, {"uuid": "74379353-9f81-4530-85f7-4e5997400f4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4263", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-09-06T18:21:21.000000Z"}, 
{"uuid": "cc7cd152-685e-4737-aa0e-977b714c3f0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21936", "type": "seen", "source": "https://t.me/cibsecurity/62393", "content": "\u203c CVE-2023-21936 \u203c\n\nVulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are Prior to 9.2.7.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of JD Edwards EnterpriseOne Tools accessible data as well as unauthorized read access to a subset of JD Edwards EnterpriseOne Tools accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). 
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-19T00:29:34.000000Z"}, {"uuid": "206715ac-8ffa-4783-ab41-e4e091324c57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21932", "type": "seen", "source": "https://t.me/thebugbountyhunter/7292", "content": "Advisory: Oracle Opera Pre-Auth RCE (CVE-2023-21932)\n\nhttps://blog.assetnote.io/2023/04/30/oracle-opera-advisory/", "creation_timestamp": "2023-05-02T12:27:02.000000Z"}, {"uuid": "cc853a1d-2663-4a75-abab-15cbf554a223", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21931", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8149", "content": "#exploit\n1. CVE-2022-22956, CVE-2022-22957:\nVMware Workspace ONE RCE\nhttps://packetstormsecurity.com/files/171918\n\n2. CVE-2023-25136:\nOpenSSH Pre-Auth Double Free\nhttps://github.com/adhikara13/CVE-2023-25136\n\n3. CVE-2023-21931:\nWebLogic After-Deserialization\nhttps://github.com/gobysec/Weblogic/blob/main/Research%20on%20WebLogic%20After-Deserialization.md", "creation_timestamp": "2023-04-21T02:07:48.000000Z"}, {"uuid": "fe5cfafb-e864-43f4-97ed-154bd9a6b65f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8919", "content": "#exploit\n1. CVE-2023-21939:\nOracle Java SE Vulnerability\nhttps://github.com/Y4Sec-Team/CVE-2023-21939\n\n2. 
CVE-2023-38388:\nJupiterX Core Premium Plugin - unrestricted upload\nhttps://github.com/codeb0ss/CVE-2023-38388", "creation_timestamp": "2023-08-26T21:07:12.000000Z"}, {"uuid": "31097894-8046-430e-a1a9-cddb6cc51d42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21931", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9253", "content": "#exploit\n1. CVE-2023-21931:\nOracle Weblogic PreAuth RCE\nhttps://github.com/MMarch7/weblogic_CVE-2023-21931_POC-EXP\n\n2. CVE-2023-36745:\nMS Exchange Server Privilege Escalation\nhttps://securityonline.info/microsoft-exchange-server-rce-cve-2023-36745-flaw-gets-poc-exploit\n]-> PoC: https://github.com/N1k0la-T/CVE-2023-36745\n\n3. CVE-2023-4863:\nHeap buffer overflow in Google WebP\nhttps://paper.seebug.org/3056", "creation_timestamp": "2024-12-26T17:03:29.000000Z"}, {"uuid": "9de23107-9c61-4ebb-9616-18903190d724", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21931", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1503", "content": "#exploit\n1. CVE-2023-21931:\nOracle Weblogic PreAuth RCE\nhttps://github.com/MMarch7/weblogic_CVE-2023-21931_POC-EXP\n\n2. CVE-2023-36745:\nMS Exchange Server Privilege Escalation\nhttps://github.com/N1k0la-T/CVE-2023-36745\n\n3. 
CVE-2023-4863:\nHeap buffer overflow in Google WebP\nhttps://paper.seebug.org/3056", "creation_timestamp": "2024-08-16T08:40:05.000000Z"}, {"uuid": "95c83003-47bd-4451-a13c-52487f34ea4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21931", "type": "published-proof-of-concept", "source": "Telegram/5bsa606bXjsOCnyR_mPi7t9er2l-2IxhwH_oS6E71xUxEQ", "content": "", "creation_timestamp": "2023-10-24T18:11:26.000000Z"}, {"uuid": "138d923e-a4f0-4a4f-afe6-677653b054c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21931", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2889", "content": "Tools - Hackers Factory\n\u200b\u200bCVE-2023-21931\n\nWeblogic CVE-2023-21931 vulnerability exploration technique: post-deserialization exploitation.\n\nhttps://github.com/gobysec/Weblogic\n\n\u200b\u200bmisp-galaxy\n\nClusters and elements to attach to MISP events or attributes (like threat actors).\n\nhttps://github.com/MISP/misp-galaxy\n\n\u200b\u200bSandbox Escape in vm2@3.9.15\n\nThere exists a vulnerability in source code transformer (exception sanitization logic) of vm2 for versions up to 3.9.15, allowing attackers to bypass handleException() and leak unsanitized host exceptions which can be used to escape the sandbox and run arbitrary code in host context.\n\nhttps://gist.github.com/leesh3288/f05730165799bf56d70391f3d9ea187c\n\n\u200b\u200bNetlas dorks\n\nIn this document, you will find dorks for the Netlas.io search engine. They are divided into several categories, each dork also has a link by which you can immediately go to the query results. The dork list from RedTeamGuide was taken as a basis, and processed in accordance with our syntax. 
If you find any inaccuracies, please feel free to send pull requests or write Issues.\n\nhttps://github.com/netlas-io/netlas-dorks\n\n\u200b\u200bDefault Credentials Cheat Sheet\n\nOne place for all the default credentials to assist pentesters during an engagement, this document has several products default login/password gathered from multiple sources.\n\nhttps://github.com/ihebski/DefaultCreds-cheat-sheet\n\n\u200b\u200bLinkedInDumper\n\nPython 3 script to dump company employees from #LinkedIn API.\n\nhttps://github.com/l4rm4nd/LinkedInDumper\n\n\u200b\u200bFoundry PoC Template\n\nThis is a foundry template to run quick and easy Proof of Concept (PoC) fork tests. It is intended to be used as a starting point for writing PoCs tests for vulnerabilities on any EVM compatible network. It is not intended to be used as a final PoC.\n\nhttps://github.com/Elpacos/quickfork\n\n\u200b\u200bPhishpedia \n\nA Hybrid Deep Learning Based Approach to Visually Identify Phishing Webpages.\n\nhttps://github.com/lindsey98/Phishpedia\n\n\u200b\u200bswagroutes\n\nA command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format. It simplifies the process of fetching the routes provided by an API and supports processing multiple files or directories at once.\n\nhttps://github.com/amalmurali47/swagroutes\n\n\u200b\u200bMischief-DLL-Stager\n\nReasonably undetected shellcode stager and executer. This is a very simple shellcode stager that as of right now moderately undetected. 
I chose to legitimately load functions and then dynamically load others to be less immedialtely suspicious.\n\nhttps://github.com/MitchHS/Mischief-DLL-Stager\n\n\u200b\u200bGC2\n\nCommand and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive.\n\nhttps://github.com/looCiprian/GC2-sheet\n\n\u200b\u200bAwesome EDR Bypass\n\nhttps://github.com/tkmru/awesome-edr-bypass\n\n\u200b\u200bSubGPT\n\nSubGPT looks at subdomains you have already discovered for a domain and uses BingGPT to predict and find more. Best part? It's free!\n\nhttps://github.com/s0md3v/SubGPT\n\n\u200b\u200bGpuDecryptShellcode\n\nXOR-decrypting shellcode on the GPU using OpenCL.\n\nhttps://github.com/eversinc33/GpuDecryptShellcode\n\n\u200b\u200bEDR Telemetry\n\nThis project aims to compare and evaluate the telemetry of various EDR products.\n\nhttps://github.com/tsale/EDR-Telemetry\n\n\u200b\u200bgh-action-pip-audit\n\nA GitHub Action that uses pip-audit to scan Python dependencies for known vulnerabilities.\n\nhttps://github.com/pypa/gh-action-pip-audit\n\n\u200b\u200bCVE-2023-25136\n\nOpenSSH Pre-Auth Double Free CVE-2023-25136 POC\n\nhttps://github.com/adhikara13/CVE-2023-25136\n\n\u200b\u200bMalSeclogon\n\nA little tool to play with the Seclogon service.\n\nhttps://github.com/antonioCoco/MalSeclogon\n\nFull technical details at:\n\u2022 https://splintercod3.blogspot.com/p/the-hidden-side-of-seclogon-part-2.html\n\u2022 https://splintercod3.blogspot.com/p/the-hidden-side-of-seclogon-part-3.html\n\n#infosec #cybersec \n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-04-21T07:55:20.000000Z"}, {"uuid": "7f95db86-61e0-4855-927f-0ddaf983e61c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4212", 
"content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-08-28T07:49:18.000000Z"}, {"uuid": "647297b7-a9ea-4567-bf8d-2f0782a92fc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21939", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4217", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-08-29T06:55:55.000000Z"}, {"uuid": "b1af8c32-eb65-4771-bc47-235a1d1381ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", 
"vulnerability": "CVE-2023-21935", "type": "seen", "source": "https://t.me/cibsecurity/62405", "content": "\u203c CVE-2023-21935 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-19T00:35:26.000000Z"}, {"uuid": "29913c76-ce22-4c47-933c-ab479554a3d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-21937", "type": "seen", "source": "https://t.me/cibsecurity/62397", "content": "\u203c CVE-2023-21937 \u203c\n\nVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. 
Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-19T00:29:41.000000Z"}, {"uuid": "15eeaebc-6a44-4e2c-a93e-638e77d1842a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2193", "type": "seen", "source": "https://t.me/cibsecurity/62498", "content": "\u203c CVE-2023-2193 \u203c\n\nMattermost fails to invalidate existing authorization codes when deauthorizing an OAuth2 app, allowing an attacker possessing an authorization code to generate an access token.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-20T12:35:33.000000Z"}]}