{"vulnerability": "CVE-2023-2756", "sightings": [{"uuid": "cb68999e-a640-44f8-9744-95e597ac971c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27561", "type": "seen", "source": "https://t.me/arpsyndicate/781", "content": "#ExploitObserverAlert\n\nCVE-2023-27561\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-27561. runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.0", "creation_timestamp": "2023-11-29T17:39:00.000000Z"}, {"uuid": "39b67335-72f6-4fbb-bf1c-702b2077e6bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2756", "type": "seen", "source": "https://t.me/cibsecurity/64307", "content": "\u203c CVE-2023-2756 \u203c\n\nSQL Injection in GitHub repository pimcore/customer-data-framework prior to 3.3.10.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-17T14:31:04.000000Z"}, {"uuid": "e994ffa8-45f5-4c25-855b-9bd5f1b79b37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27568", "type": "seen", "source": "https://t.me/cibsecurity/63277", "content": "\u203c CVE-2023-27568 \u203c\n\nSQL injection vulnerability inSpryker Commerce OS 0.9 that allows for access to sensitive data via customer/order?orderSearchForm[searchText]=\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-04T07:56:50.000000Z"}, {"uuid": "597b97e2-b289-47d5-8019-a703beef76ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27563", "type": "seen", "source": "https://t.me/cibsecurity/63751", "content": "\u203c CVE-2023-27563 \u203c\n\nThe n8n package 0.218.0 for Node.js allows Escalation of Privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T18:19:34.000000Z"}, {"uuid": "fe764b66-9441-4ea9-990e-5a47aa39a1a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27569", "type": "seen", "source": "https://t.me/cibsecurity/60395", "content": "\u203c CVE-2023-27569 \u203c\n\nThe eo_tags package before 1.3.0 for PrestaShop allows SQL injection via an HTTP User-Agent or Referer header.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-21T19:35:04.000000Z"}, {"uuid": "0d9480f5-6fa5-42a2-bae9-d327770fa517", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27561", "type": "seen", "source": "https://t.me/cibsecurity/59395", "content": "\u203c CVE-2023-27561 \u203c\n\nrunc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-04T09:04:54.000000Z"}, {"uuid": "85c69946-bd48-47f4-929c-a704cb7e2cc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27567", "type": "seen", "source": "https://t.me/cibsecurity/59403", "content": "\u203c CVE-2023-27567 \u203c\n\nIn OpenBSD 7.2, a TCP packet with destination port 0 that matches a pf divert-to rule can crash the kernel.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-04T00:35:26.000000Z"}, {"uuid": "df4cc517-750f-4384-9c80-f3c8d87ebbe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27566", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3883", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aMOC3ingbird Exploit for Live2D (CVE-2023-27566)\nURL\uff1ahttps://github.com/OpenL2D/moc3ingbird\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-03-07T03:33:03.000000Z"}, {"uuid": "0a2d1faf-d289-4b89-9f37-910a01136354", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27566", "type": "seen", "source": "https://t.me/cibsecurity/59397", "content": "\u203c CVE-2023-27566 \u203c\n\nCubism Core in Live2D Cubism Editor 4.2.03 allows out-of-bounds write via a crafted Section Offset Table or Count Info Table in an MOC3 file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-03T22:35:16.000000Z"}, {"uuid": "80f3e878-f0dc-44e0-a00a-5504a68f748d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27560", "type": "seen", "source": "Telegram/MgKr21MoL3bMUC6ubul29EYmEYnD3Knxb7T4zNKUUknNHKoG", "content": "", "creation_timestamp": "2025-03-08T04:34:12.000000Z"}, {"uuid": "270560c9-47fc-4100-9e2e-35bf9c0366b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27567", "type": "seen", "source": "Telegram/t_6KYkavJsqWJ8KxfJ9EfmYgLq6eQa_HxjqpGeIamdIS2AY9", "content": "", "creation_timestamp": "2025-03-08T04:34:10.000000Z"}, {"uuid": "de12dd42-b546-4828-a9b8-bf9f369f1b08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27560", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6744", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27560\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Math/PrimeField.php in phpseclib 3.x before 3.0.19 has an infinite loop with composite primefields.\n\ud83d\udccf Published: 2023-03-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-06T20:19:00.544Z\n\ud83d\udd17 References:\n1. https://github.com/phpseclib/phpseclib/commit/6298d1cd55c3ffa44533bd41906caec246b60440\n2. https://github.com/phpseclib/phpseclib/releases/tag/3.0.19", "creation_timestamp": "2025-03-06T20:34:05.000000Z"}, {"uuid": "9e797493-3628-4699-98da-7d1a140955d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27563", "type": "seen", "source": "Telegram/6iaewjPdbCDRdiqhBPlwojJn5_HWNVd503rhzISLQnTtYyCl", "content": "", "creation_timestamp": "2025-01-28T03:22:55.000000Z"}, {"uuid": "e16978d9-cb7b-454b-abe9-3f8a03a2bbda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27562", "type": "seen", "source": "Telegram/k7t03MalwjLdqCngJjZK_PZP4--0UU7qsiY4l87dEKRbDADz", "content": "", "creation_timestamp": "2025-01-28T03:22:55.000000Z"}]}