{"vulnerability": "cve-2023-2719", "sightings": [{"uuid": "d63d19f7-03c8-4bba-a928-90fde08bc19c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27191", "type": "seen", "source": "Telegram/gc6BogiQVwaLDw9GGokPfCT-a5TU5IC4xB7MLuQTqpwmlwvU", "content": "", "creation_timestamp": "2025-02-14T10:03:09.000000Z"}, {"uuid": "eded643a-7509-4a71-9053-fec29bccf950", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27195", "type": "seen", "source": "https://t.me/cvedetector/10160", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-27195 - Trimble TM4Web Auth Bypass and Account Registration\", \n  \"Content\": \"CVE ID : CVE-2023-27195 \nPublished : Nov. 8, 2024, 5:15 a.m. | 40\u00a0minutes ago \nDescription : Trimble TM4Web 22.2.0 allows unauthenticated attackers to access /inc/tm_ajax.msw?func=UserfromUUID&uuid= to retrieve the last registration access code and use this access code to register a valid account. via a PUT /inc/tm_ajax.msw request. If the access code was used to create an Administrator account, attackers are also able to register new Administrator accounts with full privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-08T07:09:26.000000Z"}, {"uuid": "7cbc2975-0b6a-4f38-8804-0b7bbc4e13a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27199", "type": "seen", "source": "https://t.me/cibsecurity/66025", "content": "\u203c CVE-2023-27199 \u203c\n\nPAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T03:14:03.000000Z"}, {"uuid": "1483ea11-25e8-4e5e-af6f-07e4cbe06a2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27193", "type": "seen", "source": "https://t.me/cibsecurity/62128", "content": "\u203c CVE-2023-27193 \u203c\n\nAn issue found in DUALSPACE v.1.1.3 allows a local attacker to gain privileges via the key_ad_new_user_avoid_time field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T16:25:54.000000Z"}, {"uuid": "09bf1abd-0fb6-4fa4-a946-f40ab9391f60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27198", "type": "seen", "source": "https://t.me/cibsecurity/66020", "content": "\u203c CVE-2023-27198 \u203c\n\nPAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T00:27:19.000000Z"}, {"uuid": "4ad59e7d-1448-4bb2-b026-99e6e6bada79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27191", "type": "seen", "source": "https://t.me/cibsecurity/61827", "content": "\u203c CVE-2023-27191 \u203c\n\nAn issue found in DUALSPACE Super Secuirty v.2.3.7 allows an attacker to cause a denial of service via the SharedPreference files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T07:23:16.000000Z"}, {"uuid": "ae135902-8021-41ca-ac1e-06d01dba4fcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27195", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113445399552306124", "content": "", "creation_timestamp": "2024-11-08T04:17:02.358137Z"}, {"uuid": "f252ca13-4148-471f-8508-87b507bc87f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27197", "type": "seen", "source": "https://t.me/cibsecurity/66014", "content": "\u203c CVE-2023-27197 \u203c\n\nPAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T00:27:10.000000Z"}, {"uuid": "9ff123af-ab55-48c8-9782-5994798e9654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-27192", "type": "seen", "source": "https://t.me/cibsecurity/61873", "content": "\u203c CVE-2023-27192 \u203c\n\nAn issue found in DUALSPACE Super Secuirty v.2.3.7 allows an attacker to cause a denial of service via the key_wifi_safe_net_check_url, KEY_Cirus_scan_whitelist and KEY_AD_NEW_USER_AVOID_TIME parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T18:23:26.000000Z"}]}