{"vulnerability": "cve-2023-2350", "sightings": [{"uuid": "209f6022-6a69-4e06-ba56-37b17e8c44aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23505", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7184", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-23505\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3. An app may be able to access information about a user\u2019s contacts.\n\ud83d\udccf Published: 2023-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-11T17:28:37.647Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213606\n2. https://support.apple.com/en-us/HT213603\n3. https://support.apple.com/en-us/HT213598\n4. https://support.apple.com/en-us/HT213605\n5. https://support.apple.com/en-us/HT213604\n6. https://support.apple.com/en-us/HT213599", "creation_timestamp": "2025-03-11T17:39:44.000000Z"}, {"uuid": "e3c3d992-046f-4dd9-bbcd-4147bde783bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23504", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7182", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-23504\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code with kernel privileges.\n\ud83d\udccf Published: 2023-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-11T17:30:34.954Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213606\n2. https://support.apple.com/en-us/HT213601\n3. https://support.apple.com/en-us/HT213598\n4. https://support.apple.com/en-us/HT213605\n5. https://support.apple.com/en-us/HT213604\n6. https://support.apple.com/en-us/HT213599", "creation_timestamp": "2025-03-11T17:39:43.000000Z"}, {"uuid": "4059409a-89ac-47b6-a823-44452d73bbce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23506", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7191", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-23506\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access user-sensitive data.\n\ud83d\udccf Published: 2023-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-11T17:27:11.459Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213605", "creation_timestamp": "2025-03-11T17:39:56.000000Z"}, {"uuid": "8926b3ab-2d8e-458e-b1fd-23aae7bcaf48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23504", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1327", "content": "CVE-2023-23504 -  Apple products\n*\n\u041f\u0440\u043e\u0442\u0435\u043a\u0430\u0435\u0442  dlil.c XNU \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u044b, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u044b\u0439 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c (uint16_t) \u0432 if.c. \u0412\u0441\u0435\u0433\u043e \u043b\u0438\u0448\u044c \u043d\u0430\u0434\u043e \u0442\u043e \u0441\u043e\u0437\u0434\u0430\u0442\u044c   65536 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u043e\u0432.", "creation_timestamp": "2023-01-25T16:25:34.000000Z"}, {"uuid": "848e278d-efc2-4f8e-91cf-be2e8570ebb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23504", "type": "published-proof-of-concept", "source": "Telegram/4jjlZcJsZDSOXtMVSNhESJOUs062dRxcjHU0PwnbmuksJnc", "content": "", "creation_timestamp": "2023-02-09T16:25:14.000000Z"}, {"uuid": "43f26131-0fc2-461b-a673-ca309bb8e125", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23507", "type": "seen", "source": "https://t.me/cibsecurity/59051", "content": "\u203c CVE-2023-23507 \u203c\n\nThe issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to execute arbitrary code with kernel privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T22:28:06.000000Z"}, {"uuid": "87be5006-f649-4017-9cbe-7b1e27d24d00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23508", "type": "seen", "source": "https://t.me/cibsecurity/59055", "content": "\u203c CVE-2023-23508 \u203c\n\nThe issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, macOS Big Sur 11.7.3. An app may be able to bypass Privacy preferences.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T22:28:11.000000Z"}, {"uuid": "b26ce018-c077-4881-a475-f0b7661ac043", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23504", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3896", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-23504\nURL\uff1ahttps://github.com/zeroc00I/CVE-2023-23504\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-03-09T03:15:50.000000Z"}, {"uuid": "c8bc47e4-7bb5-4d1c-bf35-986467f738f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2350", "type": "seen", "source": "https://t.me/cibsecurity/62993", "content": "\u203c CVE-2023-2350 \u203c\n\nA vulnerability classified as problematic was found in SourceCodester Service Provider Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Users.php. The manipulation of the argument id leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227593 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-27T20:26:39.000000Z"}, {"uuid": "cf18e5fa-e896-4038-9f6d-848d459e1474", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23504", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7629", "content": "#exploit\n1. CVE-2023-23504:\nXNU Heap Underwrite in dlil.c\nhttps://adamdoupe.com/blog/2023/01/23/cve-2023-23504-xnu-heap-underwrite-in-dlil-dot-c\n\n2. CVE-2023-24055:\nKeePass 2.5x PoC\nhttps://github.com/alt3kx/CVE-2023-24055_PoC\n\n3. CVE-2022-34689:\nCryptoAPI spoofing vulnerability\nhttps://github.com/akamai/akamai-security-research/tree/main/PoCs/CVE-2022-34689", "creation_timestamp": "2023-01-27T12:59:42.000000Z"}, {"uuid": "535bf655-c523-4674-bfe7-4e5db914f1e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23504", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2445", "content": "#exploit\n1. CVE-2023-23504:\nXNU Heap Underwrite in dlil.c\nhttps://adamdoupe.com/blog/2023/01/23/cve-2023-23504-xnu-heap-underwrite-in-dlil-dot-c\n\n2. CVE-2023-24055:\nKeePass 2.5x PoC\nhttps://github.com/alt3kx/CVE-2023-24055_PoC\n\n3. CVE-2022-34689:\nCryptoAPI spoofing vulnerability\nhttps://github.com/akamai/akamai-security-research/tree/main/PoCs/CVE-2022-34689", "creation_timestamp": "2023-01-27T08:11:25.000000Z"}]}