{"vulnerability": "CVE-2023-4362", "sightings": [{"uuid": "3465ae96-548f-4a06-8c2b-8cbc666426f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-43622", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-133-01", "content": "", "creation_timestamp": "2025-05-13T10:00:00.000000Z"}, {"uuid": "78619cda-dc5f-4171-ad6c-55b9da85fd1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-43628", "type": "seen", "source": "https://t.me/ctinow/159006", "content": "https://ift.tt/zs5NHCy\nCVE-2023-43628 | GPSd 3.25.1~dev NTRIP Stream Parser integer underflow (TALOS-2023-1860)", "creation_timestamp": "2023-12-24T12:16:28.000000Z"}, {"uuid": "b80f45f3-d4ea-4fbc-809c-697e461bd557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-43626", "type": "seen", "source": "https://t.me/cvedetector/5747", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-43626 - Intel Processors UEFI Firmware Escalation of Privilege Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-43626 \nPublished : Sept. 16, 2024, 5:16 p.m. | 14\u00a0minutes ago \nDescription : Improper access control in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-16T19:32:42.000000Z"}, {"uuid": "8329179b-9c92-4a82-b34f-25fbc7d514c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-43627", "type": "seen", "source": "https://t.me/cibsecurity/71450", "content": "\u203c CVE-2023-43627 \u203c\n\nPath traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. They are affected when running in ST(Standalone) mode.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-03T07:40:51.000000Z"}, {"uuid": "2477601a-6f62-4405-9993-4f45fbf686e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-43625", "type": "seen", "source": "https://t.me/cibsecurity/71916", "content": "\u203c CVE-2023-43625 \u203c\n\nA vulnerability has been identified in Simcenter Amesim (All versions < V2021.1). The affected application contains a SOAP endpoint that could allow an unauthenticated remote attacker to perform DLL injection and execute arbitrary code in the context of the affected application process.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T15:47:59.000000Z"}, {"uuid": "a7e7889f-fa5f-4fbd-921b-ba3da7931df3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-43622", "type": "seen", "source": "https://t.me/cibsecurity/72760", "content": "\u203c CVE-2023-43622 \u203c\n\nAn attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known \"slow loris\" attack pattern.This has been fixed in version 2.4.58, so that such connection are terminated properly after the configured connection timeout.This issue affects Apache HTTP Server: from 2.4.55 through 2.4.57.Users are recommended to upgrade to version 2.4.58, which fixes the issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-23T12:37:25.000000Z"}, {"uuid": "28190842-5270-4390-8283-0fa372765309", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-43624", "type": "seen", "source": "https://t.me/cibsecurity/72758", "content": "\u203c CVE-2023-43624 \u203c\n\nCX-Designer Ver.3.740 and earlier (included in CX-One CXONE-AL[][]D-V4) contains an improper restriction of XML external entity reference (XXE) vulnerability. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Designer is installed may be disclosed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-23T12:37:23.000000Z"}, {"uuid": "cf72945a-eed4-4c87-b499-b96a5d8ad0da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-43621", "type": "seen", "source": "https://t.me/cibsecurity/70783", "content": "\u203c CVE-2023-43621 \u203c\n\nAn issue was discovered in Croc through 9.6.5. The shared secret, located on a command line, can be read by local users who list all processes and their arguments.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-20T12:30:10.000000Z"}, {"uuid": "3b889b4d-7ce3-42fc-9e08-8ecc33bd57bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-43620", "type": "seen", "source": "https://t.me/cibsecurity/70776", "content": "\u203c CVE-2023-43620 \u203c\n\nAn issue was discovered in Croc through 9.6.5. A sender may place ANSI or CSI escape sequences in a filename to attack the terminal device of a receiver.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-20T14:50:50.000000Z"}, {"uuid": "40f40dd7-c52f-413a-9046-97bd2709f719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4362", "type": "seen", "source": "https://t.me/cibsecurity/68595", "content": "\u203c CVE-2023-4362 \u203c\n\nHeap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-15T22:36:56.000000Z"}]}