{"vulnerability": "cve-2023-2808", "sightings": [{"uuid": "197af777-74bf-4e12-9b53-6b7c73b5f2ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28080", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1177", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28080\n\ud83d\udd39 Description: \nPowerPath for Windows, versions 7.0, 7.1 &amp; 7.2 contains DLL Hijacking Vulnerabilities. A regular user (non-admin) can exploit these issues to potentially escalate privileges and execute arbitrary code in the context of NT AUTHORITY\\SYSTEM.\n\n\n\ud83d\udccf Published: 2023-05-30T15:24:49.895Z\n\ud83d\udccf Modified: 2025-01-10T16:37:38.164Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000214248/dsa-2023-154-powerpath-windows-security-update-for-security-update-for-multiple-vulnerabilities", "creation_timestamp": "2025-01-10T17:04:09.000000Z"}, {"uuid": "ff8943e8-0f07-47d6-bcae-1d4a6c870cb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28084", "type": "seen", "source": "Telegram/vA-lpwCSnACv0VQcfgsp8cI0UoUn8W4fcnDG3IUHtl3D1mKl", "content": "", "creation_timestamp": "2025-02-06T02:39:19.000000Z"}, {"uuid": "1784a2f9-d1e1-405e-9a49-a32e67ea3166", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28089", "type": "seen", "source": "Telegram/orPuRpR5Apd6LncFuyIm6Q1-WlS1lHAJBTfe6zcKSd2eH4rG", "content": "", "creation_timestamp": "2025-02-06T02:39:19.000000Z"}, {"uuid": "af6123d5-b212-48c0-bc3f-6edba1b8d437", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28088", "type": "seen", "source": "Telegram/wSBGyjD1tN40Vur_QqwIP2kPd29r6UkhJN83yvEcc5qZkSsa", "content": "", "creation_timestamp": "2025-02-06T02:39:19.000000Z"}, {"uuid": "5c9d03d9-ae4e-4f12-823f-ec16f0f31c56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28087", "type": "seen", "source": "https://t.me/cibsecurity/62828", "content": "\u203c CVE-2023-28087 \u203c\n\nAn HPE OneView appliance dump may expose OneView user accounts\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-25T22:25:12.000000Z"}, {"uuid": "63c78126-5a72-46fa-9b6e-7e76ce11d26d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28086", "type": "seen", "source": "https://t.me/cibsecurity/62827", "content": "\u203c CVE-2023-28086 \u203c\n\nAn HPE OneView appliance dump may expose proxy credential settings\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-25T22:25:11.000000Z"}, {"uuid": "75b4e36d-9a65-4f7e-9f95-aa7a7bcfd2b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2808", "type": "seen", "source": "https://t.me/cibsecurity/64759", "content": "\u203c CVE-2023-2808 \u203c\n\nMattermost fails to normalize UTF confusable characters when determining if a preview should be generated for a hyperlink, allowing an attacker to trigger link preview on a disallowed domain using a specially crafted link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-29T14:36:00.000000Z"}, {"uuid": "cfac5ef8-4322-4bec-a4d2-6e7632f727a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28084", "type": "seen", "source": "https://t.me/cibsecurity/62853", "content": "\u203c CVE-2023-28084 \u203c\n\nHPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokens\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-26T00:25:14.000000Z"}, {"uuid": "6bd482a7-0389-4de1-ab84-92702618c972", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28089", "type": "seen", "source": "https://t.me/cibsecurity/62826", "content": "\u203c CVE-2023-28089 \u203c\n\nAn HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-25T22:25:10.000000Z"}, {"uuid": "8c33074a-72e8-4290-bcac-4631ea25b316", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28088", "type": "seen", "source": "https://t.me/cibsecurity/62837", "content": "\u203c CVE-2023-28088 \u203c\n\nAn HPE OneView appliance dump may expose SAN switch administrative credentials\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-25T22:25:24.000000Z"}, {"uuid": "2f00d452-ba8a-41cc-9e36-026ec46de651", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28083", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5573", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28083\n\ud83d\udd25 CVSS Score: 8.3 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L)\n\ud83d\udd39 Description: A remote Cross-site Scripting vulnerability was discovered in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4). HPE has provided software updates to resolve this vulnerability in HPE Integrated Lights-Out.\n\ud83d\udccf Published: 2023-03-20T12:34:16.606Z\n\ud83d\udccf Modified: 2025-02-26T19:17:12.354Z\n\ud83d\udd17 References:\n1. https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&amp;docId=hpesbhf04456en_us", "creation_timestamp": "2025-02-26T19:24:00.000000Z"}, {"uuid": "804a8f5b-af4e-4475-8e4f-6787aabdbdf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28081", "type": "seen", "source": "https://t.me/cibsecurity/64440", "content": "\u203c CVE-2023-28081 \u203c\n\nA bytecode optimization bug in Hermes prior to commit e6ed9c1a4b02dc219de1648f44cd808a56171b81 could be used to cause an use-after-free and obtain arbitrary code execution via a carefully crafted payload. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-19T02:32:38.000000Z"}]}