{"vulnerability": "cve-2023-2234", "sightings": [{"uuid": "bd888630-b693-49c1-96c9-2d2d5b7f8795", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22345", "type": "seen", "source": "https://t.me/cibsecurity/57991", "content": "\u203c CVE-2023-22345 \u203c\n\nOut-of-bound write vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process when out of specification errors are detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-13T07:29:41.000000Z"}, {"uuid": "d48fd269-f03e-49fb-8e0b-feb23c6079be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22347", "type": "seen", "source": "https://t.me/cibsecurity/57983", "content": "\u203c CVE-2023-22347 \u203c\n\nOut-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing file structure information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-13T07:29:30.000000Z"}, {"uuid": "5effbb6f-200f-42d6-ba2c-b0e246759587", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22349", "type": "seen", "source": "https://t.me/cibsecurity/57981", "content": "\u203c CVE-2023-22349 \u203c\n\nOut-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing screen management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-13T07:29:28.000000Z"}, {"uuid": "db5c2fb8-ee07-48c8-87d5-28fa201ad923", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22346", "type": "seen", "source": "https://t.me/cibsecurity/57984", "content": "\u203c CVE-2023-22346 \u203c\n\nOut-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing template information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-13T07:29:31.000000Z"}, {"uuid": "cb0d5fea-3ddf-485b-8bd0-8029e0a353f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22341", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8922", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22341\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: On version 14.1.x before 14.1.5.3, and all versions of 13.1.x, when the BIG-IP APM system is configured with all the following elements, undisclosed requests may cause the Traffic Management Microkernel (TMM) to terminate:\n\n  *  An OAuth Server that references an OAuth Provider\n  *  An OAuth profile with the Authorization Endpoint set to '/'\n  *  An access profile that references the above OAuth profile and is associated with an HTTPS virtual server \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\n\n\ud83d\udccf Published: 2023-02-01T17:54:17.997Z\n\ud83d\udccf Modified: 2025-03-26T18:02:34.827Z\n\ud83d\udd17 References:\n1. https://my.f5.com/manage/s/article/K20717585", "creation_timestamp": "2025-03-26T18:25:30.000000Z"}, {"uuid": "9a1edfe4-4785-4c35-8e46-0c338ff32156", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22340", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8921", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22340\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udccf Published: 2023-02-01T17:54:06.566Z\n\ud83d\udccf Modified: 2025-03-26T18:03:01.098Z\n\ud83d\udd17 References:\n1. https://my.f5.com/manage/s/article/K34525368", "creation_timestamp": "2025-03-26T18:25:30.000000Z"}, {"uuid": "7a3bbd20-dc2c-4199-b2b5-3982b7f93f39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22342", "type": "seen", "source": "https://t.me/ctinow/201172", "content": "https://ift.tt/J7EXT26\nCVE-2023-22342 | Intel Thunderbolt DCH Drivers on Windows input validation (intel-sa-00851)", "creation_timestamp": "2024-03-06T10:11:30.000000Z"}, {"uuid": "cb6e38a8-0a9b-48f0-a4a8-84444f3cdd44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22341", "type": "seen", "source": "https://t.me/cibsecurity/57329", "content": "\u203c CVE-2023-22341 \u203c\n\nOn version 14.1.x before 14.1.5.3, and all versions of 13.1.x, when the BIG-IP APM system is configured with all the following elements, undisclosed requests may cause the Traffic Management Microkernel (TMM) to terminate: * An OAuth Server that references an OAuth Provider * An OAuth profile with the Authorization Endpoint set to '/' * An access profile that references the above OAuth profile and is associated with an HTTPS virtual server Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T20:14:29.000000Z"}, {"uuid": "c05e4881-0350-406e-8bb1-a809b5851ace", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22340", "type": "seen", "source": "https://t.me/cibsecurity/57321", "content": "\u203c CVE-2023-22340 \u203c\n\nOn BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T20:14:18.000000Z"}, {"uuid": "3212e60e-b0db-4f07-a498-c2c8ba520d53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22345", "type": "seen", "source": "https://gist.github.com/alon710/25b7b7b0cbdb2042e87564dcca5bdb73", "content": "", "creation_timestamp": "2026-01-24T21:24:41.000000Z"}, {"uuid": "7a533ebd-a37b-4f3d-be26-543d939a8bd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22345", "type": "seen", "source": "https://gist.github.com/alon710/93399d238e7c8410423d6f928819179c", "content": "", "creation_timestamp": "2026-01-24T22:32:13.000000Z"}, {"uuid": "96ddf42a-27f8-4738-b883-b545d7956164", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22344", "type": "seen", "source": "Telegram/NYZmz1eOKNDAGNnnuRUvzWQuP9X38H3odG6pDdaeLU612Qet", "content": "", "creation_timestamp": "2025-03-08T04:34:10.000000Z"}, {"uuid": "40cd2578-2068-4331-8c1a-42f465d5cc48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22349", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8357", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22349\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing screen management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.\n\ud83d\udccf Published: 2023-02-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-21T14:51:41.693Z\n\ud83d\udd17 References:\n1. https://www.electronics.jtekt.co.jp/en/topics/202302035233/\n2. https://www.electronics.jtekt.co.jp/jp/topics/2023020313454/\n3. https://jvn.jp/en/vu/JVNVU98917488/", "creation_timestamp": "2025-03-21T15:19:38.000000Z"}, {"uuid": "c867b54b-a1fa-4515-8b01-95b4c758b745", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22348", "type": "seen", "source": "https://t.me/cibsecurity/64335", "content": "\u203c CVE-2023-22348 \u203c\n\nImproper Authorization in RestAPI in Checkmk GmbH's Checkmk versions <2.1.0p28 and <2.2.0b8 allows remote authenticated users to read arbitrary host_configs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-17T20:45:27.000000Z"}, {"uuid": "c2d2eb6f-8c83-4565-a611-a1c08eb8af72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22344", "type": "seen", "source": "https://t.me/cibsecurity/59440", "content": "\u203c CVE-2023-22344 \u203c\n\nUse of hard-coded credentials vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to obtain the password of the debug tool and execute it. As a result of exploiting this vulnerability with CVE-2023-22335 and CVE-2023-22336 vulnerabilities together, it may allow a remote attacker to execute an arbitrary code with SYSTEM privileges by sending a specially crafted script to the affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-06T02:37:21.000000Z"}, {"uuid": "3c6b5773-0909-4e92-ba20-3940fce0234a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22344", "type": "seen", "source": "https://t.me/cibsecurity/59444", "content": "\u203c CVE-2023-22335 \u203c\n\nImproper access control vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to bypass access restriction and download an arbitrary file of the directory where the product runs. As a result of exploiting this vulnerability with CVE-2023-22336 and CVE-2023-22344 vulnerabilities together, it may allow a remote attacker to execute an arbitrary code with SYSTEM privileges by sending a specially crafted script to the affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-06T02:37:25.000000Z"}, {"uuid": "2b741ef5-0167-46d5-ab6a-404c14adfd48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22344", "type": "seen", "source": "https://t.me/cibsecurity/59437", "content": "\u203c CVE-2023-22336 \u203c\n\nPath traversal vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to upload a specially crafted file to an arbitrary directory. As a result of exploiting this vulnerability with CVE-2023-22335 and CVE-2023-22344 vulnerabilities together, it may allow a remote attacker to execute an arbitrary code with SYSTEM privileges by sending a specially crafted script to the affected device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-06T02:37:18.000000Z"}, {"uuid": "9599d7b2-90f6-4e64-ae91-35a2cd4f337c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22345", "type": "seen", "source": "https://gist.github.com/alon710/49917fe94cb678b69e145342286efa6d", "content": "", "creation_timestamp": "2026-01-24T22:32:10.000000Z"}, {"uuid": "89acf1e3-cdf9-4dae-a087-34ab159fe117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22345", "type": "seen", "source": "https://gist.github.com/alon710/9a376e4eab3f75bd07675470467f7fe2", "content": "", "creation_timestamp": "2026-01-24T22:33:24.000000Z"}, {"uuid": "a2e559d8-f313-43ff-bdb6-c8ab5524a459", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-22345", "type": "seen", "source": "https://gist.github.com/alon710/278f9d3aa01bad9ddc76c8ae42013109", "content": "", "creation_timestamp": "2026-01-24T22:33:21.000000Z"}]}