{"vulnerability": "CVE-2023-4022", "sightings": [{"uuid": "caf7614b-43e0-48a5-b7b7-81a47cc1303a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40222", "type": "seen", "source": "Telegram/UIBeqPnl4Qqf-UtPqf_iinIeNc9IbfTVE0V8oiGXsSMxZ_yj", "content": "", "creation_timestamp": "2025-02-06T02:43:27.000000Z"}, {"uuid": "c06d0eda-a6b5-4a27-a693-737332c5d177", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40221", "type": "seen", "source": "https://t.me/cibsecurity/70678", "content": "\u203c CVE-2023-40221 \u203c\n\n** UNSUPPPORTED WHEN ASSIGNED ** The absence of filters when loading some sections in the web application of the vulnerable device allows potential attackers to inject malicious code that will be interpreted when a legitimate user accesses the web section (MAIL SERVER) where the information is displayed. Injection can be done on parameter MAIL_RCV. When a legitimate user attempts to review NOTIFICATION/MAIL SERVER, the injected code will be executed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-19T00:28:48.000000Z"}, {"uuid": "59cb4c65-6080-46a4-b2d2-0531826933c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40224", "type": "seen", "source": "https://t.me/cibsecurity/68259", "content": "\u203c CVE-2023-40224 \u203c\n\nMISP 2.4174 allows XSS in app/View/Events/index.ctp.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-11T00:16:13.000000Z"}, {"uuid": "1fb7302c-520e-4a8b-8520-fdcac0b2edfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40225", "type": "seen", "source": "https://t.me/cibsecurity/68253", "content": "\u203c CVE-2023-40225 \u203c\n\nHAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-11T00:16:04.000000Z"}, {"uuid": "75d886b7-e58c-4cb9-878a-e8d2c7a8481d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40228", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7767", "content": "External Exposure Management as a Service | Patrowl\n\nhttps://preprod.patrowl.io/blog-omnispace-from-automated-xss-to-rce-cve-2023-40228/", "creation_timestamp": "2023-09-13T08:10:09.000000Z"}, {"uuid": "4ec6fcde-5a19-46a5-84d1-ec90f0313ada", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40223", "type": "seen", "source": "https://t.me/cvedetector/1169", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-40223 - Philips Vue PACS Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2023-40223 \nPublished : July 18, 2024, 5:15 p.m. | 41\u00a0minutes ago \nDescription : Philips Vue PACS does not properly assign, modify, track, or check actor privileges, creating an unintended sphere of control for that actor. \nSeverity: 4.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-18T20:08:29.000000Z"}, {"uuid": "19b7f20a-1a32-49d9-9533-92695ad0d808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40222", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113947928035361056", "content": "", "creation_timestamp": "2025-02-04T22:16:38.626958Z"}, {"uuid": "45a48371-1283-4057-bf4c-a37242612ccf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40222", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhfjcgrvwm2z", "content": "", "creation_timestamp": "2025-02-05T02:23:50.046192Z"}, {"uuid": "fdbfe580-1d35-4ce3-9f22-e07160200677", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40222", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhf6rykrfc2r", "content": "", "creation_timestamp": "2025-02-04T23:15:40.314563Z"}, {"uuid": "63ed0722-7f79-43e3-ad4f-8608ce838cfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-40222", "type": "seen", "source": "https://t.me/cvedetector/17266", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-40222 - Ashlar-Vellum Cobalt Heap-Based Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2023-40222 \nPublished : Feb. 4, 2025, 11:15 p.m. | 2\u00a0hours, 15\u00a0minutes ago \nDescription : In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build (1204.200), the affected application lacks proper validation of user-supplied data when parsing CO files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T03:16:30.000000Z"}]}