{"vulnerability": "CVE-2023-2483", "sightings": [{"uuid": "752386c3-3292-44f6-b52b-943f75968284", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24832", "type": "seen", "source": "https://t.me/cibsecurity/64437", "content": "\u203c CVE-2023-24832 \u203c\n\nA null pointer dereference bug in Hermes prior to commit 5cae9f72975cf0e5a62b27fdd8b01f103e198708 could have been used by an attacker to crash an Hermes runtime where the EnableHermesInternal config option was set to true. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-19T02:32:32.000000Z"}, {"uuid": "d6039a7b-a68a-40e0-91e1-38909d9f6b31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24836", "type": "seen", "source": "https://t.me/cibsecurity/62955", "content": "\u203c CVE-2023-24836 \u203c\n\nSUNNET CTMS has vulnerability of path traversal within its file uploading function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts onto arbitrary directories to perform arbitrary system operation or disrupt service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-27T07:39:49.000000Z"}, {"uuid": "67908bca-74dc-43e9-824b-16705ac3bedc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24831", "type": "seen", "source": "https://t.me/cibsecurity/62267", "content": "\u203c CVE-2023-24831 \u203c\n\nImproper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3. Attackers could login without authorization. This is fixed in 0.13.4.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-17T12:28:15.000000Z"}, {"uuid": "f21d984f-4fdb-49fd-9fff-c97c5338a5a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-24830", "type": "seen", "source": "https://t.me/cibsecurity/57169", "content": "\u203c CVE-2023-24830 \u203c\n\nImproper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB: from 0.13.0 before 0.13.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-30T20:37:20.000000Z"}]}