{"vulnerability": "CVE-2023-5129", "sightings": [{"uuid": "74b2fe9f-b7aa-4334-9532-4884aa4829c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "exploited", "source": "https://t.me/kasperskyb2b/895", "content": "\ud83d\udfe1 \u0423\u0436\u0435  \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u0431\u0430\u0433\u0430 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 LibWebP, \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Chrome, \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u043e\u0432\u0443\u044e CVE-2023-5129 \u0438 \u043d\u043e\u0432\u044b\u0439 \u0441\u043a\u0440\u043e\u043c\u043d\u044b\u0439 CVSS 10.  \u041d\u0430\u0434\u0435\u0435\u043c\u0441\u044f, \u044d\u0442\u043e \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0430\u0432\u0442\u043e\u0440\u043e\u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432, \u043d\u043e \u0438 \u0432\u0441\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043d\u0430 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 Electron. \u041f\u0430\u0440\u0430 \u043f\u0440\u0438\u043c\u0435\u0440\u043e\u0432 \u043d\u0430\u0432\u0441\u043a\u0438\u0434\u043a\u0443: 1Password, Figma, Signal, Slack, Twitch. \n\n\ud83d\udd04 \u041d\u043e Google Chrome \u0442\u043e\u0436\u0435 \u043d\u0430\u0434\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c. \u0412\u0447\u0435\u0440\u0430  \u043d\u0430\u0447\u0430\u043b\u0430\u0441\u044c \u0440\u0430\u0437\u0434\u0430\u0447\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e 117.0.5938.132, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-5217. \u041e\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0432\u0435\u043d\u0434\u043e\u0440\u0430\u043c\u0438 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u043e\u0433\u043e spyware.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438  @\u041f2\u0422", "creation_timestamp": "2023-09-28T11:35:42.000000Z"}, {"uuid": "41f23fcd-1d47-4c25-89db-d03674e9f7f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51295", "type": "seen", "source": "https://t.me/cvedetector/24839", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51295 - PHPJabbers Event Booking Calendar HTML Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-51295 \nPublished : May 8, 2025, 4:15 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the \"name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title\" parameters. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-08T20:07:47.000000Z"}, {"uuid": "eefffe2c-4ff6-48f5-93db-4bc3ce866cfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "seen", "source": "https://t.me/ctinow/139753", "content": "https://ift.tt/bHFdvnA\nGoogle LibWebP Arbitrary Code Execution Vulnerability (CVE-2023-5129) Notification", "creation_timestamp": "2023-09-27T23:48:36.000000Z"}, {"uuid": "a84d601b-f987-4e6c-ae84-206160577ae8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "seen", "source": "https://t.me/ctinow/139637", "content": "https://ift.tt/1mjIfZg\nWatch out! CVE-2023-5129 in libwebp library affects millions applications", "creation_timestamp": "2023-09-27T16:42:05.000000Z"}, {"uuid": "73d14d38-c2e3-4a33-838f-9f2ad8b00074", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "seen", "source": "https://t.me/ctinow/139587", "content": "https://ift.tt/sLBw1jz\nGoogle \u201cconfirms\u201d that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)", "creation_timestamp": "2023-09-27T14:26:31.000000Z"}, {"uuid": "36e1bf70-c6a6-453b-a2dd-dbf68693a5b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "exploited", "source": "Telegram/_HCBX68TwFjipYdnBqKaxj-HEA9Rd2dgUsri2_swKrN0fg", "content": "", "creation_timestamp": "2023-09-27T09:16:48.000000Z"}, {"uuid": "bce0ab16-20e8-4727-b842-3e6db9ad6922", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "exploited", "source": "https://t.me/KomunitiSiber/850", "content": "Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score\nhttps://thehackernews.com/2023/09/new-libwebp-vulnerability-under-active.html\n\nGoogle has assigned a new CVE identifier for a critical security flaw in the libwebp image library for rendering images in the\u00a0WebP format\u00a0that has come under active exploitation in the wild.\nTracked as\u00a0CVE-2023-5129, the issue has been given the maximum severity score of 10.0 on the CVSS rating system. It has been described as an issue rooted in the\u00a0Huffman coding algorithm\u00a0-\nWith a specially", "creation_timestamp": "2023-09-27T09:42:38.000000Z"}, {"uuid": "ddfc0a15-f277-40fc-9673-df6dcd62e1cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "seen", "source": "Telegram/pKNKEMb3dnC9Vx0_uJsatQXJC6uqM0lf_AGKhiruLVz24UI", "content": "", "creation_timestamp": "2023-09-27T13:26:18.000000Z"}, {"uuid": "35e492fd-d0a9-4870-af77-16484bbc6751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "exploited", "source": "https://t.me/thehackernews/3926", "content": "\ud83d\udea8Libwebp image library under attack! A new CVE-2023-5129 has emerged, scoring a maximum 10.0 on CVSS. \n \nGet the details now: https://thehackernews.com/2023/09/new-libwebp-vulnerability-under-active.html", "creation_timestamp": "2023-09-27T07:26:11.000000Z"}, {"uuid": "86857849-b19f-416e-afaf-da013621c81c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "seen", "source": "https://t.me/xakep_ru/14752", "content": "Google \u043f\u0435\u0440\u0435\u0441\u043c\u043e\u0442\u0440\u0435\u043b\u0430 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 libwebp. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 10 \u0431\u0430\u043b\u043b\u043e\u0432 \u0438\u0437 10 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Google, \u043d\u0435 \u0434\u0435\u043b\u0430\u044f \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0430\u043d\u043e\u043d\u0441\u043e\u0432, \u043f\u0435\u0440\u0435\u0441\u043c\u043e\u0442\u0440\u0435\u043b\u0430 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-4863, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441 \u043e\u043f\u0435\u043d\u0441\u043e\u0440\u0441\u043d\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u043e\u0439 libwebp. \u0422\u0435\u043f\u0435\u0440\u044c, \u043a\u0430\u043a \u0438 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u043b\u0438 \u0418\u0411-\u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b, \u044d\u0442\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u0442\u044b\u0441\u044f\u0447\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f (10 \u0431\u0430\u043b\u043b\u043e\u0432 \u0438\u0437 10 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS) \u0438 \u0438\u043c\u0435\u0435\u0442 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE \u2014 CVE-2023-5129.\n\nhttps://xakep.ru/2023/09/27/libwebp-cve-2023-5129/", "creation_timestamp": "2023-09-27T18:09:49.000000Z"}, {"uuid": "11ad3532-0002-4bf7-ace0-b13a2620d5ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "seen", "source": "Telegram/v-rtKlM6AbNxRu6gGXURYoKIEjT9Fy7IMjFoE7Yx0cg6xxo", "content": "", "creation_timestamp": "2023-12-18T16:33:08.000000Z"}, {"uuid": "d022c2d5-78c2-4196-ae34-103cb851670d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51295", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loodkfy54x22", "content": "", "creation_timestamp": "2025-05-08T16:48:57.828163Z"}, {"uuid": "f5ddb0aa-c3fd-4c64-bffc-91d9a0fa229f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mbjzcakrf72p", "content": "", "creation_timestamp": "2026-01-03T18:15:44.618889Z"}, {"uuid": "2a118b35-c58b-469a-a5aa-8777aa299dee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "seen", "source": "https://t.me/itsec_news/3327", "content": "\u200b\u26a1\ufe0fGoogle \u043d\u0443\u043b\u0451\u0432\u043a\u0430: \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0435 \u041f\u041e \u043f\u0440\u043e\u043d\u0438\u043a\u0430\u0435\u0442 \u0447\u0435\u0440\u0435\u0437 \u043d\u043e\u0432\u0443\u044e \u0434\u044b\u0440\u0443 Chrome.\n\n\ud83d\udcac \u0417\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Google \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0431\u043e\u0440\u0435\u0442\u0441\u044f \u0441 \u0443\u0433\u0440\u043e\u0437\u0430\u043c\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u043c\u0438 \u0441 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u043c Chrome. \u041e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0435 \u043d\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0431\u044b\u043b\u043e \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u0432 \u0441\u0440\u043e\u0447\u043d\u043e\u043c \u043f\u043e\u0440\u044f\u0434\u043a\u0435 \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435\u043c \u043f\u044f\u0442\u043e\u0439 \u043f\u043e \u0441\u0447\u0435\u0442\u0443 0day-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u0433\u043e\u0434\u0430.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, Google \u043e\u0441\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0430 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e CVE-2023-5217 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445. \u0414\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 Google Chrome 117.0.5938.132 \u0434\u043b\u044f Windows, Mac \u0438 Linux. \u041f\u043e\u043c\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0431\u0440\u0430\u0443\u0437\u0435\u0440 \u0431\u0443\u0434\u0435\u0442 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u0438\u0445 \u043f\u043e\u0441\u043b\u0435 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0435\u0433\u043e \u0437\u0430\u043f\u0443\u0441\u043a\u0430, \u0447\u0442\u043e\u0431\u044b \u0432\u0441\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-5217, \u043e\u0442\u043d\u0435\u0441\u0435\u043d\u043d\u0430\u044f \u043a \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438 \u0432 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0435 VP8 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0432\u0438\u0434\u0435\u043e\u043a\u043e\u0434\u0435\u043a\u043e\u0432 libvpx \u043e\u0442 Google \u0438 Alliance for Open Media (AOMedia). \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0431\u043e\u044f\u043c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430. \u041e\u0442\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u041f\u041e. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438\u0437 \u0433\u0440\u0443\u043f\u043f\u044b \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0443\u0433\u0440\u043e\u0437 Google TAG 25 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0438\u0435 Google \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-5217 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043f\u043e \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c. \u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044e, \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0435\u0442\u0430\u043b\u044f\u043c \u043e\u0448\u0438\u0431\u043a\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u043c \u0441\u0441\u044b\u043b\u043a\u0430\u043c \u043c\u043e\u0436\u0435\u0442 \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0434\u043e \u0442\u0435\u0445 \u043f\u043e\u0440, \u043f\u043e\u043a\u0430 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u044f\u0442 \u0441\u0432\u043e\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u044b. \u0422\u0430\u043a\u043e\u0439 \u043f\u043e\u0434\u0445\u043e\u0434 \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043f\u043e \u043c\u0435\u0440\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0441\u0442\u0430\u043d\u043e\u0432\u044f\u0442\u0441\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438 \u0431\u043e\u043b\u044c\u0448\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0434\u0435\u0442\u0430\u043b\u0435\u0439.\n\n\u0422\u0430\u043a\u0436\u0435 \u0441\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e Google \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0435\u0449\u0435 \u043e\u0434\u043d\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f CVE-2023-4863 \u0432\u0441\u0435\u0433\u043e 2 \u043d\u0435\u0434\u0435\u043b\u0438 \u043d\u0430\u0437\u0430\u0434, \u0447\u0442\u043e \u0441\u0442\u0430\u043b\u043e \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u044b\u043c \u0441\u043b\u0443\u0447\u0430\u0435\u043c \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u0433\u043e\u0434\u0430. \u0421\u043d\u0430\u0447\u0430\u043b\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0442\u043d\u0435\u0441\u043b\u0430 \u0441\u043b\u0443\u0447\u0430\u0439 \u043a \u043e\u0448\u0438\u0431\u043a\u0430\u043c Chrome, \u043d\u043e \u0437\u0430\u0442\u0435\u043c \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b\u0430 \u0434\u0440\u0443\u0433\u043e\u0439 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE (CVE-2023-5129) \u0438 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 10/10, \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0438\u0432 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u0433\u0440\u043e\u0437\u0443 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 libwebp, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u043c\u043d\u043e\u0433\u0438\u043c\u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u043c\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Signal, 1Password, Mozilla Firefox, Microsoft Edge, Apple's Safari \u0438 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 \u0432\u0435\u0431-\u0431\u0440\u0430\u0443\u0437\u0435\u0440 Android.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-09-30T17:37:29.000000Z"}, {"uuid": "ef0f40bc-6dde-44a5-894f-aaf595d36ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "exploited", "source": "https://t.me/BleepingComputer/18314", "content": "Latest news and stories from BleepingComputer.com\nGoogle assigns new maximum rated CVE to libwebp bug exploited in attacks\n\nGoogle has assigned a new CVE ID (CVE-2023-5129) to a libwebp security vulnerability exploited as a zero-day in attacks and patched two weeks ago. [...]", "creation_timestamp": "2023-09-26T17:23:29.000000Z"}, {"uuid": "9548b201-97bc-41fb-b61c-5c502aebb27b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "exploited", "source": "https://t.me/BleepingComputer/18310", "content": "\u200aGoogle assigns new maximum rated CVE to libwebp bug exploited in attacks\n\nGoogle has assigned a new CVE ID (CVE-2023-5129) to a libwebp security vulnerability exploited as a zero-day in attacks and patched two weeks ago. [...]\n\nhttps://www.bleepingcomputer.com/news/security/google-assigns-new-maximum-rated-cve-to-libwebp-bug-exploited-in-attacks/", "creation_timestamp": "2023-09-26T17:10:45.000000Z"}, {"uuid": "1f192a7e-3e4d-4913-b0bd-2a437a1e84f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "exploited", "source": "https://t.me/true_secator/4905", "content": "Google \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043f\u044f\u0442\u0443\u044e 0-day \u0432 Chrome, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0443\u044e \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432\u044b\u0437\u0432\u0430\u043d\u0430\u00a0 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438\u00a0\u0432 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0435 VP8 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0432\u0438\u0434\u0435\u043e\u043a\u043e\u0434\u0435\u043a\u043e\u0432 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c libvpx.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0440\u0430\u0437\u043d\u044b\u043c\u0438: \u043e\u0442 \u0441\u0431\u043e\u0435\u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0434\u043e RCE.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0435\u0439 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u0438 \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043b\u044f CVE-2023-5217.\n\n\u041e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Google Threat Analysis Group \u0432 \u043f\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u0438\u043a, 25 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f.\n\n\u0414\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u043b\u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0438 \u0441\u0442\u0430\u0432\u0448\u0438\u0435 \u0435\u0439 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438 \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u041c\u044d\u0434\u0434\u0438 \u0421\u0442\u043e\u0443\u043d \u0438\u0437 Google TAG \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f CVE-2023-5217 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u041f\u041e, \u043a\u0430\u043a\u043e\u0433\u043e \u0438\u043c\u0435\u043d\u043d\u043e \u043f\u043e\u043a\u0430 \u043d\u0435 \u044f\u0441\u043d\u043e.\n\n\u0415\u0441\u0442\u044c \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u0435, \u0447\u0442\u043e \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0435\u043d\u0438\u0435\u043c \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f Citizen Lab \u0438 Google TAG \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2023-4863.\n\n\u041a\u0441\u0442\u0430\u0442\u0438, \u0435\u0441\u043b\u0438 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430 \u0435\u0435 \u043a\u0430\u043a \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0432 Chrome, \u0442\u043e \u043f\u043e\u0437\u0436\u0435\u00a0\u043f\u0440\u0438\u0441\u0432\u043e\u0438\u043b\u0430 \u0435\u0449\u0435 \u043e\u0434\u043d\u0443 CVE (CVE-2023-5129) \u0438 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 10/10.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u041f\u041e \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u0441  \u043a\u0430\u043a\u00a0CVE-2023-41064. \u041e\u0431\u0435 \u0431\u044b\u043b\u0438 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u044b \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0441 \u043d\u0443\u043b\u0435\u0432\u044b\u043c \u0449\u0435\u043b\u0447\u043a\u043e\u043c \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c BLASTPASS.\n\n\u041f\u043e\u0437\u0436\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Rezilion \u0443\u0432\u0438\u0434\u0435\u043b\u0438, \u0447\u0442\u043e \u043c\u0430\u0441\u0448\u0442\u0430\u0431 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u0448\u0438\u0440\u0435, \u0447\u0435\u043c \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e.\n\n\u041f\u0440\u0438 \u0431\u043e\u043b\u0435\u0435 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u043e\u043c \u0438\u0437\u0443\u0447\u0435\u043d\u0438\u0438 \u0432\u044b\u044f\u0441\u043d\u0438\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0431\u0430\u0433\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443 libwebp, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u0432 \u0431\u043e\u043b\u044c\u0448\u043e\u043c \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Signal, 1Password, Mozilla Firefox, Microsoft Edge, Apple Safari, Android browser \u0438 \u0434\u0440.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u044c libwebp, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u044b \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443 \u0438 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u0435\u0442 \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0438, \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043e\u043f\u0430\u0441\u0435\u043d\u0438\u044f \u043a\u0430\u043a \u0443 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432, \u0442\u0430\u043a \u0438 \u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.", "creation_timestamp": "2023-09-28T12:42:45.000000Z"}, {"uuid": "c4325cdb-52ad-4d74-acb0-a6e3a2c5c05c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "seen", "source": "https://t.me/cibsecurity/71025", "content": "\u203c CVE-2023-5129 \u203c\n\nWith a specially crafted WebP lossless file, libwebp may write data out of bounds to the heap.The ReadHuffmanCodes() function allocates the HuffmanCode buffer with a size that comes from an array of precomputed sizes: kTableSize. The color_cache_bits value defines which size to use.The kTableSize array only takes into account sizes for 8-bit first-level table lookups but not second-level table lookups. libwebp allows codes that are up to 15-bit (MAX_ALLOWED_CODE_LENGTH). When BuildHuffmanTable() attempts to fill the second-level tables it may write data out-of-bounds. The OOB write to the undersized array happens in ReplicateValue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-26T00:34:41.000000Z"}, {"uuid": "d74dae19-f253-412a-8b2e-159bc6b94503", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51293", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lin6srvsx22r", "content": "", "creation_timestamp": "2025-02-20T21:02:36.367806Z"}, {"uuid": "4864e496-968c-4b0a-acac-38b420868d77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51296", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lin6sryddk2g", "content": "", "creation_timestamp": "2025-02-20T21:02:36.961261Z"}, {"uuid": "8bc485d1-524c-4462-aedb-a27c57975149", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51297", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lin6ss2ogl2i", "content": "", "creation_timestamp": "2025-02-20T21:02:37.439939Z"}, {"uuid": "2cbb3873-777d-4ac0-be30-8031754e4044", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51298", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lin6ss552w2l", "content": "", "creation_timestamp": "2025-02-20T21:02:38.054342Z"}, {"uuid": "a910d92f-8822-4bb1-bddc-0d7b8b689953", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51299", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lin6ss7mt42c", "content": "", "creation_timestamp": "2025-02-20T21:02:38.549468Z"}, {"uuid": "05d7f30d-fe5f-4069-87dd-ca1eeda7b5a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "seen", "source": "https://t.me/ap_security/78", "content": "\ud83c\udf10\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 libwebp \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0439 \u0431\u0430\u043b\u043b \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS\n\n\u27a1\ufe0f\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2023-5129 10 \u0431\u0430\u043b\u043b\u043e\u0432 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS\n\n\u27a1\ufe0f\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u0435 \u0425\u0430\u0444\u0444\u043c\u0430\u043d\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u0431\u0443\u0444\u0435\u0440\u0430\n\n\u27a1\ufe0f\u0414\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f\n\n#infosec #itnews #cve", "creation_timestamp": "2023-09-28T05:14:42.000000Z"}, {"uuid": "8ed6e6bb-aa94-4815-98a9-29a0bcb04b02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51295", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16047", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-51295\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the \"name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title\" parameters.\n\ud83d\udccf Published: 2025-05-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-12T19:39:11.473Z\n\ud83d\udd17 References:\n1. https://www.phpjabbers.com/event-booking-calendar/#sectionDemo\n2. https://packetstorm.news/files/id/176485", "creation_timestamp": "2025-05-12T20:29:48.000000Z"}, {"uuid": "573a09d0-444b-4cf6-990a-41ac4aee4b0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "seen", "source": "https://t.me/ap_security/143", "content": "\ud83c\udf10\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 libwebp \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0439 \u0431\u0430\u043b\u043b \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS\n\n\u27a1\ufe0f\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2023-5129 10 \u0431\u0430\u043b\u043b\u043e\u0432 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS\n\n\u27a1\ufe0f\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c\u0435 \u0425\u0430\u0444\u0444\u043c\u0430\u043d\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u0431\u0443\u0444\u0435\u0440\u0430\n\n\u27a1\ufe0f\u0414\u0430\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f\n\n#infosec #itnews #cve", "creation_timestamp": "2023-09-28T05:14:42.000000Z"}, {"uuid": "4472478e-5cf7-4108-83e2-8d3d3a6afb62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51293", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3likrwtrcix26", "content": "", "creation_timestamp": "2025-02-19T22:06:58.272628Z"}, {"uuid": "e958a64b-2665-48df-9376-a30cdebe9821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51296", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3likrwtukyo24", "content": "", "creation_timestamp": "2025-02-19T22:06:58.880747Z"}, {"uuid": "c0ee0138-01c8-4e8a-b0d3-66f7560c494f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51299", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3likz7jzbwm22", "content": "", "creation_timestamp": "2025-02-20T00:17:02.701509Z"}, {"uuid": "07d42de5-e374-40ea-bf74-71147917f040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51295", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lord65jolv2c", "content": "", "creation_timestamp": "2025-05-09T21:02:21.205703Z"}, {"uuid": "1b4f177f-00ad-41d7-9d02-e4796a251378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-5129", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:50.000000Z"}, {"uuid": "1f1be699-8da6-4a09-a973-130bd689c856", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51297", "type": "seen", "source": "https://t.me/cvedetector/18470", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51297 - PHPJabbers Hotel Booking System Email Settings Email Bombing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-51297 \nPublished : Feb. 19, 2025, 8:15 p.m. | 24\u00a0minutes ago \nDescription : A lack of rate limiting in the 'Email Settings' feature of PHPJabbers Hotel Booking System v4.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T22:05:36.000000Z"}, {"uuid": "f5cb1446-c234-4c81-80c5-c4cc9ad6cc10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51298", "type": "seen", "source": "https://t.me/cvedetector/18469", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51298 - PHPJabbers Event Booking Calendar CSV Injection Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-51298 \nPublished : Feb. 19, 2025, 8:15 p.m. | 24\u00a0minutes ago \nDescription : PHPJabbers Event Booking Calendar v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T22:05:36.000000Z"}, {"uuid": "4bbf793a-0835-4092-b680-1f99a5afaa18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51299", "type": "seen", "source": "https://t.me/cvedetector/18468", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51299 - PHPJabbers Hotel Booking System HTML Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-51299 \nPublished : Feb. 19, 2025, 8:15 p.m. | 24\u00a0minutes ago \nDescription : PHPJabbers Hotel Booking System v4.0 is vulnerable to HTML Injection in the \"name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title\" parameters. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T22:05:35.000000Z"}, {"uuid": "36f3a8ec-33e6-43e4-bfb2-bae9bc57bef0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51296", "type": "seen", "source": "https://t.me/cvedetector/18474", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51296 - PHPJabbers Event Booking Calendar XSS\", \n  \"Content\": \"CVE ID : CVE-2023-51296 \nPublished : Feb. 19, 2025, 7:15 p.m. | 1\u00a0hour, 25\u00a0minutes ago \nDescription : PHPJabbers Event Booking Calendar v4.0 is vulnerable to Cross-Site Scripting (XSS) in the \"name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key\" parameters which allows attackers to execute arbitrary code \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T22:05:43.000000Z"}, {"uuid": "baf032a8-7e7e-4dfc-a7c3-a04268274970", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-51293", "type": "seen", "source": "https://t.me/cvedetector/18473", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-51293 - PHPJabbers Event Booking Calendar Email Settings Unauthenticated Email Flood Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-51293 \nPublished : Feb. 19, 2025, 7:15 p.m. | 1\u00a0hour, 25\u00a0minutes ago \nDescription : A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers Event Booking Calendar v4.0 allows attackers to send an excessive amount of email for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T22:05:42.000000Z"}]}