{"vulnerability": "CVE-2023-3642", "sightings": [{"uuid": "206882a9-7241-4894-b15e-1f127e890153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/AOpvdTsjzp7H3NHE-unulMxXJPzXcZMNwS8LLyL1I0LOWQ", "content": "", "creation_timestamp": "2023-11-15T15:55:39.000000Z"}, {"uuid": "7b7d2528-6751-45c0-a400-da25e13a3656", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/ATQaTvXqrnp6OuAUPFQSjYHCjuZW6ekc8rLMzIH3bnw2QfA", "content": "", "creation_timestamp": "2024-05-14T06:44:20.000000Z"}, {"uuid": "ebc353a1-9199-46c7-872c-ff6bd0dc9676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/hwj8qWTsHymjsl6qp-fIeiBDZTJcCqyWtF3Eqdi5V5lz-s3q", "content": "", "creation_timestamp": "2025-01-14T13:34:05.000000Z"}, {"uuid": "2a12c230-3e17-4c35-85c3-a2c76beef72e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/HAO6Q3KDrucgwnuk85a4L7TO480hc0vOAf8MqQQwDc6JuOwG", "content": "", "creation_timestamp": "2024-11-24T07:43:47.000000Z"}, {"uuid": "4e9720ba-cf4f-44d8-9e58-e51eb6538efa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/3kKwcrIJ5CRQO_soK7twQVVd8lD75bwJUR31ajRGcsXc_38j", "content": "", "creation_timestamp": "2024-11-09T16:03:47.000000Z"}, {"uuid": "c2281a27-9ddf-49f4-9221-87574e171e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/mD9HyOYUPKfjlxRAMFwlj6mfIc2Rz4yvZ-DFqOyROKTe2wcI", "content": "", "creation_timestamp": "2024-11-07T11:19:01.000000Z"}, {"uuid": "32f0d20a-a240-42bd-ad43-8b131c05f104", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/KjE6fU4EZ2QfGori_G2wiULWvRLtgJfnWzFxS3zMfhHFvhDM", "content": "", "creation_timestamp": "2024-11-07T11:18:29.000000Z"}, {"uuid": "b236fc6a-999b-40a2-a53e-118a410845ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/VnFRz10VXxPbE7Fkd7sVJ6yIzWTX0Ai3Vpka8Loj7C535R6c", "content": "", "creation_timestamp": "2024-11-06T00:42:41.000000Z"}, {"uuid": "6bea0aab-4b02-4b1e-9ea9-0318d1282742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/omPehZ1l3-nKb5twq1N-cDcrODwaf7W0hZ_WVGU6_dEDeUuA", "content": "", "creation_timestamp": "2025-02-17T19:51:56.000000Z"}, {"uuid": "e4bde192-55c2-4b09-9cec-53096a0c679a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrewz/4359", "content": "Tools - Hackers Factory\n\nResources for Mobile Application Testing\n\nhttps://github.com/0xSojalSec/Mobile-Application-Security\n\nCVE-2024-1212: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\nhttps://github.com/Chocapikk/CVE-2024-1212\n\nbug_bounty_scripts\n/firebase-scanner.py\n\nhttps://github.com/geeknik/bug_bounty_scripts/blob/main/firebase-scanner.py\n\nIndirect syscalls + DInvoke made simple.\n\nhttps://github.com/nbaertsch/nimvoke\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nOSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.\n\nhttps://github.com/Astrosp/Awesome-OSINT-For-Everything\n\nRembg is a tool to remove images background\n\nhttps://github.com/danielgatis/rembg\n\nHiddenVM \u2014 Use any desktop OS without leaving a trace.\n\nhttps://github.com/aforensics/HiddenVM\n\nGooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).\n\nhttps://github.com/m3n0sd0n4ld/GooFuzz\n\nRustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.\n\nhttps://github.com/joaoviictorti/RustRedOps\n\n#HackersFactory", "creation_timestamp": "2024-03-24T01:12:42.000000Z"}, {"uuid": "f95f32ca-e077-4784-9288-a53e150198a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "seen", "source": "https://t.me/arpsyndicate/641", "content": "#ExploitObserverAlert\n\nCVE-2023-36427\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-36427. Windows Hyper-V Elevation of Privilege Vulnerability\n\nFIRST-EPSS: 0.001460000\nNVD-IS: 5.9\nNVD-ES: 1.0", "creation_timestamp": "2023-11-28T12:58:00.000000Z"}, {"uuid": "4508687a-ecc2-49f7-afc6-8304baba4665", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/_98L3EyCzNmAuSmkglIXQ-mtGc_Y6zVf6BbZZW35zAg8OBwa", "content": "", "creation_timestamp": "2025-04-24T21:47:25.000000Z"}, {"uuid": "e9f55d90-a1e7-4832-aac7-ff8f30ceaedb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/30742", "content": "", "creation_timestamp": "2024-05-14T06:44:22.000000Z"}, {"uuid": "efd2965e-7f1e-4adb-b348-b79c2be9f8e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/310", "content": "Tools - Hackers Factory\n\nGitHub - Nassim-Asrir/CVE-2023-36424: Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nGitHub - umutcamliyurt/PingRAT: PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.\n\nhttps://github.com/umutcamliyurt/PingRAT\n\nGitHub - Notselwyn/CVE-2024-1086: Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4%\n\nhttps://github.com/Notselwyn/CVE-2024-1086\n\nAnother one in the eBPF game -> Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS and HTTP Application Messages via eBPF Subsystem\n\nhttps://github.com/tarsal-oss/kflowd\n\nGitHub - N0rz3/Phunter: Phunter is an osint tool allowing you to find various information via a phone number\n\nhttps://github.com/N0rz3/Phunter\n\nGitHub - jaykali/maskphish: Introducing \"URL Making Technology\" to the world for the very FIRST TIME. Give a Mask to Phishing URL like a PRO.. A MUST have tool for Phishing.\n\nhttps://github.com/jaykali/maskphish\n\nGitHub - dchrastil/ScrapedIn: A tool to scrape LinkedIn without API restrictions for data reconnaissance\n\nhttps://github.com/dchrastil/ScrapedIn\n\nGitHub - mishakorzik/UserFinder: OSINT tool for finding profiles by username\n\nhttps://github.com/mishakorzik/UserFinder\n\nGitHub - PawanOsman/ChatGPT: OpenAI API Free Reverse Proxy\n\nhttps://github.com/PawanOsman/ChatGPT\n\nGitHub - Sk1dr0wz/Shodan_Scrapper\n\nhttps://github.com/Sk1dr0wz/Shodan_Scrapper\n\n#HackersFactory\nhttps://t.me/dilagrafie", "creation_timestamp": "2024-07-01T16:40:06.000000Z"}, {"uuid": "01c61882-9a2a-4738-a2ae-3077ff060b47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/tengkorakcybercrewz/791", "content": "Tools - Hackers Factory\n\nResources for Mobile Application Testing\n\nhttps://github.com/0xSojalSec/Mobile-Application-Security\n\nCVE-2024-1212: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\nhttps://github.com/Chocapikk/CVE-2024-1212\n\nbug_bounty_scripts\n/firebase-scanner.py\n\nhttps://github.com/geeknik/bug_bounty_scripts/blob/main/firebase-scanner.py\n\nIndirect syscalls + DInvoke made simple.\n\nhttps://github.com/nbaertsch/nimvoke\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nOSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.\n\nhttps://github.com/Astrosp/Awesome-OSINT-For-Everything\n\nRembg is a tool to remove images background\n\nhttps://github.com/danielgatis/rembg\n\nHiddenVM \u2014 Use any desktop OS without leaving a trace.\n\nhttps://github.com/aforensics/HiddenVM\n\nGooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).\n\nhttps://github.com/m3n0sd0n4ld/GooFuzz\n\nRustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.\n\nhttps://github.com/joaoviictorti/RustRedOps\n\n#HackersFactory", "creation_timestamp": "2024-03-24T01:12:42.000000Z"}, {"uuid": "7a7530fc-1520-4eac-acdb-a0457e3682d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatCommunity/7670", "content": "Tools - Hackers Factory\n\nResources for Mobile Application Testing\n\nhttps://github.com/0xSojalSec/Mobile-Application-Security\n\nCVE-2024-1212: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\nhttps://github.com/Chocapikk/CVE-2024-1212\n\nbug_bounty_scripts\n/firebase-scanner.py\n\nhttps://github.com/geeknik/bug_bounty_scripts/blob/main/firebase-scanner.py\n\nIndirect syscalls + DInvoke made simple.\n\nhttps://github.com/nbaertsch/nimvoke\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nOSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.\n\nhttps://github.com/Astrosp/Awesome-OSINT-For-Everything\n\nRembg is a tool to remove images background\n\nhttps://github.com/danielgatis/rembg\n\nHiddenVM \u2014 Use any desktop OS without leaving a trace.\n\nhttps://github.com/aforensics/HiddenVM\n\nGooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).\n\nhttps://github.com/m3n0sd0n4ld/GooFuzz\n\nRustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.\n\nhttps://github.com/joaoviictorti/RustRedOps\n\n#HackersFactory", "creation_timestamp": "2024-03-23T23:50:30.000000Z"}, {"uuid": "28c9c6c4-ed05-4f8c-b33a-6fe76e64f92c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3239", "content": "Tools - Hackers Factory\n\nResources for Mobile Application Testing\n\nhttps://github.com/0xSojalSec/Mobile-Application-Security\n\nCVE-2024-1212: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\nhttps://github.com/Chocapikk/CVE-2024-1212\n\nbug_bounty_scripts\n/firebase-scanner.py\n\nhttps://github.com/geeknik/bug_bounty_scripts/blob/main/firebase-scanner.py\n\nIndirect syscalls + DInvoke made simple.\n\nhttps://github.com/nbaertsch/nimvoke\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nOSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.\n\nhttps://github.com/Astrosp/Awesome-OSINT-For-Everything\n\nRembg is a tool to remove images background\n\nhttps://github.com/danielgatis/rembg\n\nHiddenVM \u2014 Use any desktop OS without leaving a trace.\n\nhttps://github.com/aforensics/HiddenVM\n\nGooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).\n\nhttps://github.com/m3n0sd0n4ld/GooFuzz\n\nRustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.\n\nhttps://github.com/joaoviictorti/RustRedOps\n\n#HackersFactory", "creation_timestamp": "2024-03-27T20:09:16.000000Z"}, {"uuid": "34a18e80-ede0-48f6-acd4-f8f8552684fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://t.me/proxy_bar/1949", "content": "CVE-2023-36424\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation \nexploit", "creation_timestamp": "2024-03-23T08:51:43.000000Z"}, {"uuid": "c3e0ce1d-ac28-48e7-bfc9-fa84d0495f2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3642", "type": "seen", "source": "https://t.me/cibsecurity/66593", "content": "\u203c CVE-2023-3642 \u203c\n\nA vulnerability was found in GZ Scripts Vacation Rental Website 1.8 and classified as problematic. Affected by this issue is some unknown functionality of the file /VacationRentalWebsite/property/8/ad-has-principes/ of the component HTTP POST Request Handler. The manipulation of the argument username/title/comment leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-233888.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-12T20:31:46.000000Z"}, {"uuid": "f108ac6e-4894-4d29-bc1a-9445ba8c4490", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/24801", "content": "Tools - Hackers Factory\n\nResources for Mobile Application Testing\n\nhttps://github.com/0xSojalSec/Mobile-Application-Security\n\nCVE-2024-1212: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\nhttps://github.com/Chocapikk/CVE-2024-1212\n\nbug_bounty_scripts\n/firebase-scanner.py\n\nhttps://github.com/geeknik/bug_bounty_scripts/blob/main/firebase-scanner.py\n\nIndirect syscalls + DInvoke made simple.\n\nhttps://github.com/nbaertsch/nimvoke\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nOSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.\n\nhttps://github.com/Astrosp/Awesome-OSINT-For-Everything\n\nRembg is a tool to remove images background\n\nhttps://github.com/danielgatis/rembg\n\nHiddenVM \u2014 Use any desktop OS without leaving a trace.\n\nhttps://github.com/aforensics/HiddenVM\n\nGooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).\n\nhttps://github.com/m3n0sd0n4ld/GooFuzz\n\nRustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.\n\nhttps://github.com/joaoviictorti/RustRedOps\n\n#HackersFactory", "creation_timestamp": "2024-03-25T00:00:20.000000Z"}, {"uuid": "bc4c4b76-19cb-4ebf-8670-a214456e68d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9402", "content": "#exploit\n1. CVE-2023-32407:\nmacOS TCC bypass in Metal\nhttps://github.com/gergelykalman/CVE-2023-32407-a-macOS-TCC-bypass-in-Metal\n\n2. CVE-2023-36427:\nArbitrary physical memory corruption from the root partition on Windows\nhttps://github.com/tandasat/CVE-2023-36427\n\n3. CVE-2023-31320:\nDoS vulnerability in AMD driver that corrupts the display\nhttps://github.com/whypet/CVE-2023-31320", "creation_timestamp": "2023-11-16T11:01:01.000000Z"}, {"uuid": "f2b194da-baaa-4667-85b0-bcdfaacb4259", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "seen", "source": "MISP/7968b2cf-ef21-426c-84e1-ec5319bb04e5", "content": "", "creation_timestamp": "2023-12-30T10:18:30.000000Z"}, {"uuid": "52fc2435-35d8-470d-bed8-76c485225bb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mjgzlauwzb2j", "content": "", "creation_timestamp": "2026-04-14T09:04:20.146529Z"}, {"uuid": "7bff7169-adae-4ac6-a2fd-422e71eadc19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://gist.github.com/stone776/3d08ecfe13c93ecafaa4d45bb1ff7634", "content": "", "creation_timestamp": "2026-04-14T14:13:46.000000Z"}, {"uuid": "44720ea4-7189-4fb4-a0a6-a37c8e694e4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5803", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aReport and exploit of CVE-2023-36427\nURL\uff1ahttps://github.com/tandasat/CVE-2023-36427\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-15T04:52:14.000000Z"}, {"uuid": "b8253764-0c4b-41e5-b103-8e0ab315c3c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/5D3ZpeYwn3_cRQW95tUdTi4zVAp3swbDCmER9qw9NNa5aak", "content": "", "creation_timestamp": "2025-05-26T19:29:30.000000Z"}, {"uuid": "baf26cc6-212a-483a-b909-a3b8e91516de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/Eg5gHPXFMMBA0ankQQdkyjhXj0Da5jn5Ghbj7isiSqsxlw", "content": "", "creation_timestamp": "2023-11-17T14:44:49.000000Z"}, {"uuid": "af6b3486-8cb8-410a-87ef-4779800c5995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/xNgM9Vyq-zYkQdqCGr-YnsoBHH5mjthQcIgnTPXedEAvNi_Z", "content": "", "creation_timestamp": "2025-01-08T08:51:06.000000Z"}, {"uuid": "ac2e3cfd-d43d-48d3-ad00-7fca90dce257", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/5YiXs7YbC983-9jRNv2sFy2bVpDbC6awxq4Y2fxZfML6lDtQ", "content": "", "creation_timestamp": "2024-12-22T14:03:07.000000Z"}, {"uuid": "fad08524-d1be-4e9b-87f2-d320c3174174", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/nYl9RA4I9CwFj-VOmMnisnCubwrzUCt80loEP57_p3YGQ4ce", "content": "", "creation_timestamp": "2025-04-24T21:47:24.000000Z"}, {"uuid": "f02cf984-7a16-4766-9679-082a25f29ca4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/cMFbenlVG6jIfnAzk1QTNDj3s_2fj1mFqa43toYoHdGNikI6", "content": "", "creation_timestamp": "2025-01-14T13:34:06.000000Z"}, {"uuid": "c47e4852-fd20-4639-b442-4e7c64583428", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/x246_y_tkBi_21z_xh7IiA4PO_ZuQl-fDkTs0AJwZbshZvEd", "content": "", "creation_timestamp": "2024-12-22T14:03:02.000000Z"}, {"uuid": "87e66b29-00cc-49a4-a063-f29c9f72ae7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8098", "content": "Tools - Hackers Factory\n\nGitHub - Nassim-Asrir/CVE-2023-36424: Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nGitHub - umutcamliyurt/PingRAT: PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.\n\nhttps://github.com/umutcamliyurt/PingRAT\n\nGitHub - Notselwyn/CVE-2024-1086: Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4%\n\nhttps://github.com/Notselwyn/CVE-2024-1086\n\nAnother one in the eBPF game -> Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS and HTTP Application Messages via eBPF Subsystem\n\nhttps://github.com/tarsal-oss/kflowd\n\nGitHub - N0rz3/Phunter: Phunter is an osint tool allowing you to find various information via a phone number\n\nhttps://github.com/N0rz3/Phunter\n\nGitHub - jaykali/maskphish: Introducing \"URL Making Technology\" to the world for the very FIRST TIME. Give a Mask to Phishing URL like a PRO.. A MUST have tool for Phishing.\n\nhttps://github.com/jaykali/maskphish\n\nGitHub - dchrastil/ScrapedIn: A tool to scrape LinkedIn without API restrictions for data reconnaissance\n\nhttps://github.com/dchrastil/ScrapedIn\n\nGitHub - mishakorzik/UserFinder: OSINT tool for finding profiles by username\n\nhttps://github.com/mishakorzik/UserFinder\n\nGitHub - PawanOsman/ChatGPT: OpenAI API Free Reverse Proxy\n\nhttps://github.com/PawanOsman/ChatGPT\n\nGitHub - Sk1dr0wz/Shodan_Scrapper\n\nhttps://github.com/Sk1dr0wz/Shodan_Scrapper\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-01T16:39:53.000000Z"}, {"uuid": "e423148e-76f9-49eb-a1d0-1c74dbb3d3bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/GhostsForum/20641", "content": "Tools - Hackers Factory\n\nResources for Mobile Application Testing\n\nhttps://github.com/0xSojalSec/Mobile-Application-Security\n\nCVE-2024-1212: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\nhttps://github.com/Chocapikk/CVE-2024-1212\n\nbug_bounty_scripts\n/firebase-scanner.py\n\nhttps://github.com/geeknik/bug_bounty_scripts/blob/main/firebase-scanner.py\n\nIndirect syscalls + DInvoke made simple.\n\nhttps://github.com/nbaertsch/nimvoke\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nOSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.\n\nhttps://github.com/Astrosp/Awesome-OSINT-For-Everything\n\nRembg is a tool to remove images background\n\nhttps://github.com/danielgatis/rembg\n\nHiddenVM \u2014 Use any desktop OS without leaving a trace.\n\nhttps://github.com/aforensics/HiddenVM\n\nGooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).\n\nhttps://github.com/m3n0sd0n4ld/GooFuzz\n\nRustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.\n\nhttps://github.com/joaoviictorti/RustRedOps\n\n#HackersFactory", "creation_timestamp": "2024-03-23T23:50:48.000000Z"}, {"uuid": "001ef74b-bf9c-4a6d-804e-ba9c7d9cfef6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3367", "content": "Tools - Hackers Factory\n\nGitHub - Nassim-Asrir/CVE-2023-36424: Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nGitHub - umutcamliyurt/PingRAT: PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.\n\nhttps://github.com/umutcamliyurt/PingRAT\n\nGitHub - Notselwyn/CVE-2024-1086: Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4%\n\nhttps://github.com/Notselwyn/CVE-2024-1086\n\nAnother one in the eBPF game -> Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS and HTTP Application Messages via eBPF Subsystem\n\nhttps://github.com/tarsal-oss/kflowd\n\nGitHub - N0rz3/Phunter: Phunter is an osint tool allowing you to find various information via a phone number\n\nhttps://github.com/N0rz3/Phunter\n\nGitHub - jaykali/maskphish: Introducing \"URL Making Technology\" to the world for the very FIRST TIME. Give a Mask to Phishing URL like a PRO.. A MUST have tool for Phishing.\n\nhttps://github.com/jaykali/maskphish\n\nGitHub - dchrastil/ScrapedIn: A tool to scrape LinkedIn without API restrictions for data reconnaissance\n\nhttps://github.com/dchrastil/ScrapedIn\n\nGitHub - mishakorzik/UserFinder: OSINT tool for finding profiles by username\n\nhttps://github.com/mishakorzik/UserFinder\n\nGitHub - PawanOsman/ChatGPT: OpenAI API Free Reverse Proxy\n\nhttps://github.com/PawanOsman/ChatGPT\n\nGitHub - Sk1dr0wz/Shodan_Scrapper\n\nhttps://github.com/Sk1dr0wz/Shodan_Scrapper\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-01T16:42:32.000000Z"}, {"uuid": "3849d8d7-3db2-47af-8e66-7f5c632d8c6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6839", "content": "Tools - Hackers Factory\n\nGitHub - Nassim-Asrir/CVE-2023-36424: Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nGitHub - umutcamliyurt/PingRAT: PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.\n\nhttps://github.com/umutcamliyurt/PingRAT\n\nGitHub - Notselwyn/CVE-2024-1086: Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4%\n\nhttps://github.com/Notselwyn/CVE-2024-1086\n\nAnother one in the eBPF game -> Kernel-based Process Monitoring on Linux Endpoints for File System, TCP and UDP Networking Events and optionally DNS and HTTP Application Messages via eBPF Subsystem\n\nhttps://github.com/tarsal-oss/kflowd\n\nGitHub - N0rz3/Phunter: Phunter is an osint tool allowing you to find various information via a phone number\n\nhttps://github.com/N0rz3/Phunter\n\nGitHub - jaykali/maskphish: Introducing \"URL Making Technology\" to the world for the very FIRST TIME. Give a Mask to Phishing URL like a PRO.. A MUST have tool for Phishing.\n\nhttps://github.com/jaykali/maskphish\n\nGitHub - dchrastil/ScrapedIn: A tool to scrape LinkedIn without API restrictions for data reconnaissance\n\nhttps://github.com/dchrastil/ScrapedIn\n\nGitHub - mishakorzik/UserFinder: OSINT tool for finding profiles by username\n\nhttps://github.com/mishakorzik/UserFinder\n\nGitHub - PawanOsman/ChatGPT: OpenAI API Free Reverse Proxy\n\nhttps://github.com/PawanOsman/ChatGPT\n\nGitHub - Sk1dr0wz/Shodan_Scrapper\n\nhttps://github.com/Sk1dr0wz/Shodan_Scrapper\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-01T16:39:53.000000Z"}, {"uuid": "2e7facba-e2a4-4e55-aa4c-4954c23f4519", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/theninjaway1337/1510", "content": "Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nWindows Common Log File System Driver Elevation of Privilege Vulnerability\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424", "creation_timestamp": "2024-04-03T17:36:59.000000Z"}, {"uuid": "3ceec4f8-f8ab-4e53-81c0-51d131a9d0e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1735", "content": "#exploit\n1. CVE-2023-32407:\nmacOS TCC bypass in Metal\nhttps://github.com/gergelykalman/CVE-2023-32407-a-macOS-TCC-bypass-in-Metal\n\n2. CVE-2023-36427:\nArbitrary physical memory corruption from the root partition on Windows\nhttps://github.com/tandasat/CVE-2023-36427\n\n3. CVE-2023-31320:\nDoS vulnerability in AMD driver that corrupts the display\nhttps://github.com/whypet/CVE-2023-31320", "creation_timestamp": "2024-08-16T08:45:56.000000Z"}, {"uuid": "bc843260-1383-49fa-8734-b69766a4164a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mjibqcn4nv23", "content": "", "creation_timestamp": "2026-04-14T21:03:03.980728Z"}, {"uuid": "27842228-0963-4eef-b5d3-f7ddac2ff2af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36422", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13951", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-36422\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Windows Defender Elevation of Privilege Vulnerability\n\ud83d\udccf Published: 2023-11-14T17:57:10.156Z\n\ud83d\udccf Modified: 2025-04-29T23:34:48.032Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36422", "creation_timestamp": "2025-04-30T00:12:34.000000Z"}, {"uuid": "4b2476d9-8f00-4864-9161-80663531ae60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/l_KShKwh-J2TNSsKXhLPPhjGkVt-a2AwVu5moKnJhYGeG1np", "content": "", "creation_timestamp": "2024-11-24T07:43:51.000000Z"}, {"uuid": "1f842672-572b-4ade-acb8-55d2f286f4fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "seen", "source": "https://t.me/arpsyndicate/525", "content": "#ExploitObserverAlert\n\nCVE-2023-36427\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-36427. Windows Hyper-V Elevation of Privilege Vulnerability\n\nFIRST-EPSS: 0.001460000\nNVD-IS: 5.9\nNVD-ES: 1.0", "creation_timestamp": "2023-11-24T12:53:37.000000Z"}, {"uuid": "3a0a0a30-b064-40fc-a766-e924d089c69b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/BvpF_JSQr59ESDmUg9ywaTi_i-P55iWgGSJMnHbZmKnXV5oe", "content": "", "creation_timestamp": "2024-11-07T11:19:06.000000Z"}, {"uuid": "d706c7aa-8015-4032-9b32-8391f8fa136a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/iVSsYuVd5Z1t_9NlBZkqEJS46qNcx5tDT_cGGMt3f4mi5rFo", "content": "", "creation_timestamp": "2024-11-07T11:18:24.000000Z"}, {"uuid": "c147af3b-209f-4f02-a7d1-0accc39ee4c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/Qj4XnRo4jrmMk_NqRMZeDRBH89m_M_kprPlE-v1cSoKfQenE", "content": "", "creation_timestamp": "2024-11-06T00:42:38.000000Z"}, {"uuid": "2249cf8b-533b-4057-a261-c56318025f7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/_cXlR8qtxJPclKah6TSWKhQc1CaZBcsIDsd_UYVlQFlu1aqG", "content": "", "creation_timestamp": "2024-11-09T16:03:51.000000Z"}, {"uuid": "c8b25ba1-414a-40ed-bf3d-0516e45ca767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/TPjd5BaN-TFSj03bJQYQujl8Dxw5miVdXCPm3dYp1Kk2B8CZ", "content": "", "creation_timestamp": "2025-01-08T08:51:01.000000Z"}, {"uuid": "b40a6237-28cd-4412-a2fc-f08b6969a5ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/149", "content": "Tools - Hackers Factory\n\nResources for Mobile Application Testing\n\nhttps://github.com/0xSojalSec/Mobile-Application-Security\n\nCVE-2024-1212: Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.\n\nhttps://github.com/Chocapikk/CVE-2024-1212\n\nbug_bounty_scripts\n/firebase-scanner.py\n\nhttps://github.com/geeknik/bug_bounty_scripts/blob/main/firebase-scanner.py\n\nIndirect syscalls + DInvoke made simple.\n\nhttps://github.com/nbaertsch/nimvoke\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n\nhttps://github.com/Nassim-Asrir/CVE-2023-36424\n\nOSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.\n\nhttps://github.com/Astrosp/Awesome-OSINT-For-Everything\n\nRembg is a tool to remove images background\n\nhttps://github.com/danielgatis/rembg\n\nHiddenVM \u2014 Use any desktop OS without leaving a trace.\n\nhttps://github.com/aforensics/HiddenVM\n\nGooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).\n\nhttps://github.com/m3n0sd0n4ld/GooFuzz\n\nRustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.\n\nhttps://github.com/joaoviictorti/RustRedOps\n\n#HackersFactory", "creation_timestamp": "2024-06-17T13:58:11.000000Z"}, {"uuid": "d0117c28-df92-44e3-9cd6-681cb6631c06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "Telegram/waYTBnHPXLzIIxoFXGfEcQB8OuBxgvQ-fk7YAIMOuxkXokc", "content": "", "creation_timestamp": "2024-05-11T20:18:42.000000Z"}, {"uuid": "f5582591-f4ad-459d-9f9e-9ac503a94c70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36429", "type": "seen", "source": "https://t.me/cibsecurity/71998", "content": "\u203c CVE-2023-36429 \u203c\n\nMicrosoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:16:55.000000Z"}, {"uuid": "00a795f1-4f92-4146-9730-a8c14be18b90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/3619", "content": "CVE-2023-36424\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation \nexploit", "creation_timestamp": "2024-03-27T18:11:25.000000Z"}, {"uuid": "45ff1782-9208-4554-ac7c-520ff6f40f57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2159", "content": "https://github.com/Nassim-Asrir/CVE-2023-36424\n\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\n#github", "creation_timestamp": "2024-03-22T17:30:37.000000Z"}, {"uuid": "f11ab62d-c054-408d-9a0c-9532fe9da150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/9584", "content": "#exploit\n1. CVE-2023-36424:\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\nhttps://ssd-disclosure.com/ssd-advisory-windows-kernel-pool-clfs-sys-corruption-privilege-escalation\n\n2. CVE-2023-46818:\nISPConfig <=3.2.11 (language_edit.php) PHP Code Injection\nhttps://seclists.org/fulldisclosure/2023/Dec/2\n\n3. CVE-2023-26035:\nUnauth RCE in ZoneMinder Snapshots\nhttps://github.com/rvizx/CVE-2023-26035", "creation_timestamp": "2024-03-20T05:06:02.000000Z"}, {"uuid": "fede05b0-974b-4dbc-8c4d-0b52f2359aea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://t.me/Rootsec_2/2265", "content": "#exploit\n1. CVE-2023-36424:\nWindows Kernel Pool (clfs.sys) Corruption Privilege Escalation\nhttps://ssd-disclosure.com/ssd-advisory-windows-kernel-pool-clfs-sys-corruption-privilege-escalation\n\n2. CVE-2023-46818:\nISPConfig <=3.2.11 (language_edit.php) PHP Code Injection\nhttps://seclists.org/fulldisclosure/2023/Dec/2\n\n3. CVE-2023-26035:\nUnauth RCE in ZoneMinder Snapshots\nhttps://github.com/rvizx/CVE-2023-26035", "creation_timestamp": "2024-08-16T08:56:17.000000Z"}, {"uuid": "17528684-580c-4916-b926-beba9995f7f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/LBwwoRg0u9cHkfRRa40U3V4gxfLw4_AG5uyTNu6WHNjBiQg", "content": "", "creation_timestamp": "2024-11-07T11:18:21.000000Z"}, {"uuid": "8be1d30c-5aae-478b-8672-3b9cbbbe2e7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/QgZ37lqaIkDwcX1317c-QVcOZUV9beHXO26fIhWtMS7yWAY", "content": "", "creation_timestamp": "2024-11-07T11:18:40.000000Z"}, {"uuid": "afb35712-51dd-4cbc-919a-7f55a2755b29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/_ZI-3-YcxSHYGVE9NbVXe2kU1j67QyVYtw1Qd8rFcdOmNv0", "content": "", "creation_timestamp": "2024-11-06T00:42:06.000000Z"}, {"uuid": "ed1b567b-dc22-4f09-a7cc-0d7de5d19e96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6244766", "content": "", "creation_timestamp": "2026-04-13T18:07:27.752233Z"}, {"uuid": "13bd5617-1db8-4347-8d5d-834f169cc45a", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "exploited", "source": "https://db.gcve.eu/known-exploited-vulnerabilities-catalog/14e73713-aaf2-4385-b634-5b3aa493a7e5", "content": "", "creation_timestamp": "2026-04-13T18:00:03.122561Z"}, {"uuid": "a8f9a6a9-320c-44a3-981d-6b62e61e546a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-36424", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116399043810586963", "content": "", "creation_timestamp": "2026-04-13T19:27:37.375875Z"}, {"uuid": "cc56f19f-fc37-4e2e-9476-fabebe37acc5", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36424", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/6059aa7b-b7b7-45d5-a648-bfb52964a0ff", "content": "", "creation_timestamp": "2026-04-13T18:00:03.091265Z"}, {"uuid": "3aa7593e-7747-4003-883f-689c4ade3198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-36427", "type": "published-proof-of-concept", "source": "Telegram/lqjMZjpsHRoeuzCGamjoNHOVD09ZQruRL2REzutuRRVAPQ", "content": "", "creation_timestamp": "2025-05-04T04:37:21.000000Z"}]}