{"vulnerability": "cve-2023-2629", "sightings": [{"uuid": "9a6a73c7-3000-4ffd-878e-5f646d6f6e0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2629", "type": "seen", "source": "https://t.me/cibsecurity/63817", "content": "\u203c CVE-2023-2629 \u203c\n\nImproper Neutralization of Formula Elements in a CSV File in GitHub repository pimcore/customer-data-framework prior to 3.3.9.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T20:19:54.000000Z"}, {"uuid": "b8c6047a-189d-4724-97e8-403be09113cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26293", "type": "seen", "source": "https://t.me/cibsecurity/61837", "content": "\u203c CVE-2023-26293 \u203c\n\nA vulnerability has been identified in TIA Portal V15 (All versions), TIA Portal V16 (All versions), TIA Portal V17 (All versions), TIA Portal V18 (All versions < V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T14:23:15.000000Z"}, {"uuid": "fb222d79-1bbd-43ef-9c8c-522955aa89aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26292", "type": "seen", "source": "https://t.me/cibsecurity/61031", "content": "\u203c CVE-2023-26292 \u203c\n\nImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_submit.mhtml modules), Forcepoint Web Security Portal on Hybrid (login_submit.mhtml modules) allows Reflected XSS.This issue affects Cloud Security Gateway (CSG): before 03/29/2023; Web Security: before 03/29/2023.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T20:27:52.000000Z"}, {"uuid": "2feeb781-8998-4693-8f1f-b9c7a6a4fc8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26290", "type": "seen", "source": "https://t.me/cibsecurity/61024", "content": "\u203c CVE-2023-26290 \u203c\n\nImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud (login_reset_request.mhtml modules), Forcepoint Web Security Portal on Hybrid (login_reset_request.mhtml modules) allows Reflected XSS.This issue affects Cloud Security Gateway (CSG): before 03/29/2023; Web Security: before 03/29/2023.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T20:15:35.000000Z"}, {"uuid": "a9435cdf-a5b8-4f97-9ea3-3f285a9a365c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26293", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-324-05", "content": "", "creation_timestamp": "2025-11-20T11:00:00.000000Z"}, {"uuid": "6a67cf63-845e-499f-9731-56424bf816fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26299", "type": "seen", "source": "https://t.me/cibsecurity/65810", "content": "\u203c CVE-2023-26299 \u203c\n\nA potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in certain HP PC products using AMI UEFI Firmware (system BIOS), which might allow arbitrary code execution. AMI has released updates to mitigate the potential vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-30T20:15:29.000000Z"}, {"uuid": "4e164409-0a01-430c-a04e-808cbe932abc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26298", "type": "seen", "source": "https://t.me/cibsecurity/65149", "content": "\u203c CVE-2023-26298 \u203c\n\nPrevious versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-13T02:19:32.000000Z"}, {"uuid": "2ddcfd41-5100-4e98-b39d-a6a7782ec56f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-26297", "type": "seen", "source": "https://t.me/cibsecurity/65148", "content": "\u203c CVE-2023-26297 \u203c\n\nPrevious versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command injection and/or elevation of privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-13T02:19:31.000000Z"}]}