{"vulnerability": "cve-2023-2355", "sightings": [{"uuid": "53098fdc-71f0-47a3-ac30-941645c7e187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23554", "type": "seen", "source": "Telegram/Jigq2RCeZ1F5lZXRAs54i19gqOZ3QtsYIWN0Dr8IvWsrft7M", "content": "", "creation_timestamp": "2025-03-08T04:34:10.000000Z"}, {"uuid": "3d87918c-e61e-4452-b4a2-40b82798aa08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23552", "type": "seen", "source": "https://t.me/arpsyndicate/2326", "content": "#ExploitObserverAlert\n\nCVE-2023-23552\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-23552. On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.0 before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP Advanced WAF or BIG-IP ASM security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-03T14:53:16.000000Z"}, {"uuid": "a9283a6f-46f0-4ed7-8564-410fa0341a1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23558", "type": "seen", "source": "https://t.me/cibsecurity/58317", "content": "\u203c CVE-2023-23558 \u203c\n\nIn Eternal Terminal 6.2.1, TelemetryService uses fixed paths in /tmp. For example, a local attacker can create /tmp/.sentry-native-etserver with mode 0777 before the etserver process is started. The attacker can choose to read sensitive information from that file, or modify the information in that file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T18:12:22.000000Z"}, {"uuid": "339ab28b-ac7c-4163-916f-489b3c929894", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2355", "type": "seen", "source": "https://t.me/cibsecurity/63002", "content": "\u203c CVE-2023-2355 \u203c\n\nLocal privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 3900.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-27T22:26:43.000000Z"}, {"uuid": "cde59aa2-0095-4393-8ca5-d8542bda0610", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23555", "type": "seen", "source": "https://t.me/cibsecurity/57320", "content": "\u203c CVE-2023-23555 \u203c\n\nOn BIG-IP Virtual Edition versions 15.1x beginning in 15.1.4 to before 15.1.8 and 14.1.x beginning in 14.1.5 to before 14.1.5.3, and BIG-IP SPK beginning in 1.5.0 to before 1.6.0, when FastL4 profile is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T20:14:17.000000Z"}, {"uuid": "084fca8f-d9ee-4ff0-b56e-a0405dfd561d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23553", "type": "seen", "source": "https://t.me/cibsecurity/58011", "content": "\u203c CVE-2023-23553 \u203c\n\nControl By Web X-400 devices are vulnerable to a cross-site scripting attack, which could result in private and session information being transferred to the attacker.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-13T20:29:55.000000Z"}, {"uuid": "ed083b03-7463-4e93-a501-94de33e2cec6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23559", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-09", "content": "", "creation_timestamp": "2025-02-13T11:00:00.000000Z"}, {"uuid": "ac151c93-5813-4baf-9aa8-76f8f160004b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23556", "type": "seen", "source": "Telegram/bmyF3C3b709TKnXsWUtRj9ZtzPAuNfGf2ukeaooVwB_w-moD", "content": "", "creation_timestamp": "2025-02-01T17:28:09.000000Z"}, {"uuid": "e5f190e1-fcfc-4b1b-b8b6-53c66961428f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23556", "type": "seen", "source": "https://t.me/cibsecurity/64438", "content": "\u203c CVE-2023-23556 \u203c\n\nAn error in BigInt conversion to Number in Hermes prior to commit a6dcafe6ded8e61658b40f5699878cd19a481f80 could have been used by a malicious attacker to execute arbitrary code due to an out-of-bound write. Note that this bug is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-19T02:32:33.000000Z"}, {"uuid": "19dd868b-cd62-45bc-a59b-3f9590730b35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23557", "type": "seen", "source": "https://t.me/cibsecurity/64442", "content": "\u203c CVE-2023-23557 \u203c\n\nAn error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-19T02:32:39.000000Z"}, {"uuid": "bd22959e-f94c-45be-a062-242d0bd2c3f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23559", "type": "seen", "source": "https://t.me/cibsecurity/56474", "content": "\u203c CVE-2023-23559 \u203c\n\nIn rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-13T07:31:03.000000Z"}, {"uuid": "17aa53ae-d005-4a7d-a87b-5b5aefbbe11f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23551", "type": "seen", "source": "https://t.me/cibsecurity/58016", "content": "\u203c CVE-2023-23551 \u203c\n\nControl By Web X-600M devices run Lua scripts and are vulnerable to code injection, which could allow an attacker to remotely execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-13T20:30:03.000000Z"}]}