{"vulnerability": "CVE-2023-2886", "sightings": [{"uuid": "f11e82cf-d091-42c3-aaff-97ef2a8fec7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28865", "type": "seen", "source": "https://t.me/cvedetector/2814", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-28865 - Diebold Nixdorf Vynamic Security Suite Directory Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-28865 \nPublished : Aug. 8, 2024, 6:15 p.m. | 16\u00a0minutes ago \nDescription : Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR15, 4.0.0 SR05, 4.1.0 SR03, and 4.2.0 SR02 fails to validate the directory contents of certain directories (e.g., ensuring the expected hash sum) during the Pre-Boot Authorization (PBA) process. This can be exploited by a physical attacker who is able to manipulate the contents of the system's hard disk. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-08T20:35:14.000000Z"}, {"uuid": "c729f222-2786-4a95-98dc-f16edc013621", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28868", "type": "seen", "source": "https://t.me/ctinow/161230", "content": "https://ift.tt/XC5bmYJ\nCVE-2023-28868 | NCP Secure Enterprise Client up to 12.21 symlink (usd-2022-0002)", "creation_timestamp": "2024-01-01T08:26:47.000000Z"}, {"uuid": "4148398e-4639-4f10-a474-2cebcf3c0bb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28869", "type": "seen", "source": "https://t.me/ctinow/161228", "content": "https://ift.tt/76fvpwe\nCVE-2023-28869 | NCP Secure Enterprise Client up to 12.21 symlink (usd-2022-0003)", "creation_timestamp": "2024-01-01T08:26:45.000000Z"}, {"uuid": "ba13eee7-1555-451b-a834-03dca615588e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28864", "type": "seen", "source": "https://t.me/cibsecurity/66858", "content": "\u203c CVE-2023-28864 \u203c\n\nProgress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the \"chef-server-ctl reconfigure\" command.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-18T00:45:29.000000Z"}, {"uuid": "144fbc0f-2172-459f-b969-bb8b5d6abc2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28863", "type": "seen", "source": "https://t.me/cibsecurity/62351", "content": "\u203c CVE-2023-28863 \u203c\n\nAMI MegaRAC SPx12 and SPx13 devices have Insufficient Verification of Data Authenticity.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-18T18:29:08.000000Z"}, {"uuid": "1d16a7a6-eb3a-4627-a0eb-64cec469076d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28862", "type": "seen", "source": "https://t.me/cibsecurity/61258", "content": "\u203c CVE-2023-28862 \u203c\n\nAn issue was discovered in LemonLDAP::NG before 2.16.1. Weak session ID generation in the AuthBasic handler and incorrect failure handling during a password check allow attackers to bypass 2FA verification. Any plugin that tries to deny session creation after the store step does not deny an AuthBasic session.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-31T20:22:27.000000Z"}, {"uuid": "63a5c400-17d3-408d-946b-298d8f67fd6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2886", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lyiqc3nnx7d2", "content": "", "creation_timestamp": "2025-09-10T17:16:55.868341Z"}]}