{"vulnerability": "cve-2023-2832", "sightings": [{"uuid": "e30274ea-36bd-4c98-8a66-e78c0348640e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28324", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "8bb91fca-e8e8-4303-b1f6-63be1c141916", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28324", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/ivanti_agent_portal_cmdexec.rb", "content": "", "creation_timestamp": "2024-11-20T19:26:21.000000Z"}, {"uuid": "6b00a702-c84e-4562-a644-d1c442683982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28324", "type": "seen", "source": "https://t.me/true_secator/6220", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f\u043c\u0438 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043d\u0438\u043c\u0438 \u0443\u0433\u0440\u043e\u0437.\n\n1. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 AppOmni \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435\u00a01000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 ServiceNow, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0431\u0430\u0437\u044b \u0437\u043d\u0430\u043d\u0438\u0439 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 (KB).\n\n2. Tenable\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Google Cloud, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u044e\u044e \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044c \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Google \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Google Cloud.\n\n\u041e\u043d\u0430 \u043f\u043e\u0432\u043b\u0438\u044f\u043b\u0430 \u043d\u0430 Google Composer. Google \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0438 \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043d\u0435 \u043d\u0430\u0448\u043b\u0430 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n3. Varonis\u00a0\u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438\u00a0\u043e\u0431 \u0430\u0442\u0430\u043a\u0435 \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c SOQL (Salesforce Object Query Language), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0438\u0437\u0432\u043b\u0435\u0447\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u0445 Salesforce \u0447\u0435\u0440\u0435\u0437 API Aura \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438. \u0412\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 \u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043c\u0435\u0441\u044f\u0446 \u0441\u043f\u0443\u0441\u0442\u044f.\n\n4. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 AmberWolf \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 Skeleton Cookie (CVE-2024-45488), \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 PAM Safeguard for Privileged Passwords \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 One Identity.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044e \u0438 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u0438 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432 \u043f\u0440\u0435\u0434\u0441\u0442\u043e\u044f\u0449\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f 8.0.\n\n5. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Horizon3 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437\u00a0CVE-2024-8190, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 0-day \u0432 Ivanti Cloud Service Appliance (CSA).\n\n\u041f\u0440\u0430\u0432\u0434\u0430, \u0432 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0439 \u0440\u0430\u0437 Horizon3 \u043d\u0435\u043a\u043e\u0441\u044f\u0447\u0438\u043b\u0430 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u043e\u0435\u00a0\u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u0432 \u0431\u043b\u043e\u0433\u0435 \u0441 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u044b\u043c\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u043f\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 \u043e\u0448\u0438\u0431\u043a\u0435 Ivanti (CVE-2024-29847). \n\n\u041d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0432 \u043e\u0442\u0447\u0435\u0442\u0435 \u0444\u0438\u0433\u0443\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0430 CVE-2023-28324, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0438\u044e\u043d\u0435 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Summoning Team \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e Horizon3 \u0432 \u0441\u043f\u0435\u0448\u043a\u0435 \u043f\u044b\u0442\u0430\u043b\u0430\u0441\u044c \u043f\u0440\u0438\u0441\u0432\u043e\u0438\u0442\u044c \u0441\u0435\u0431\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u043e\u0434\u043d\u043e\u0439 \u0438\u0437 \u043e\u0448\u0438\u0431\u043e\u043a, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043e\u043d\u0438 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u0443 \u0441\u0435\u0431\u044f \u0432 \u0431\u043b\u043e\u0433\u0435.\n\n6. \u0411\u0438\u0437\u043e\u043d\u044b \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE\u20112024\u20117965 (\u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u0438\u043c\u043f\u043b\u0435\u043c\u0435\u043d\u0442\u0430\u0446\u0438\u044f \u0432\u00a0V8), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432\u00a0\u0440\u0435\u043d\u0434\u0435\u0440\u0435\u0440\u0435 Google\u00a0Chrome, \u043f\u043e\u043a\u0430\u0437\u0430\u0432 \u043a\u0430\u043a \u0435\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0442\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c (PoC).", "creation_timestamp": "2024-09-18T17:40:04.000000Z"}, {"uuid": "56e9c40f-f4c3-40c3-bcc2-b67e411ae30d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2832", "type": "seen", "source": "https://t.me/cibsecurity/64525", "content": "\u203c CVE-2023-2832 \u203c\n\nSQL Injection in GitHub repository unilogies/bumsys prior to 2.2.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-22T14:25:41.000000Z"}, {"uuid": "94c91107-752a-4b90-87c6-6b29eeaa0851", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28324", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:52.000000Z"}, {"uuid": "fca78f91-b195-41a1-949d-bad5a54cf9cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28324", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "0029aa70-783f-4c5f-a744-8daef85db0f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28322", "type": "seen", "source": "https://t.me/ctinow/112695", "content": "curl: CVE-2023-28322: more POST-after-PUT confusion\n\nhttps://ift.tt/pjWy0eP", "creation_timestamp": "2023-05-18T12:47:06.000000Z"}, {"uuid": "b9d7ce63-a6d2-4208-98e3-54ec54ac8368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28321", "type": "seen", "source": "https://t.me/ctinow/112694", "content": "curl: CVE-2023-28321: IDN wildcard match\n\nhttps://ift.tt/6jW4Vcg", "creation_timestamp": "2023-05-18T12:47:05.000000Z"}, {"uuid": "b229a9e5-4fe3-4fa0-bbe6-e76ba712e5d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28324", "type": "seen", "source": "https://t.me/cibsecurity/65845", "content": "\u203c CVE-2023-28324 \u203c\n\nA improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-01T07:15:53.000000Z"}, {"uuid": "e9538776-0dff-4d98-8ff6-1f8a36975cb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28323", "type": "seen", "source": "https://t.me/cibsecurity/65838", "content": "\u203c CVE-2023-28323 \u203c\n\nA deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an unauthenticated user to elevate rights. This exploit could potentially be used in conjunction with other OS (Operating System) vulnerabilities to escalate privileges on the machine or be used as a stepping stone to get to other network attached machines.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-01T07:15:43.000000Z"}, {"uuid": "b2c94e1d-bbe8-4e8a-8cf2-f0f3b653ddc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28327", "type": "seen", "source": "https://t.me/cibsecurity/62496", "content": "\u203c CVE-2023-28327 \u203c\n\nA NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-20T04:02:41.000000Z"}, {"uuid": "d14212aa-0537-4a13-95ea-c1dfd7dbc595", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28328", "type": "seen", "source": "https://t.me/cibsecurity/62490", "content": "\u203c CVE-2023-28328 \u203c\n\nA NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash the system or potentially cause a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-20T02:30:22.000000Z"}, {"uuid": "bd9310a3-3446-4e5a-9e10-8a9fef9d4fd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28324", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8540", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aIvanti EPM AgentPortal RCE Vulnerability\nURL\uff1ahttps://github.com/horizon3ai/CVE-2023-28324\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-09-16T14:34:03.000000Z"}, {"uuid": "09443e41-be9d-4231-8c94-e48fe3de6e56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2832", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2489", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2832\n\ud83d\udd39 Description: SQL Injection in GitHub repository unilogies/bumsys prior to 2.2.0.\n\ud83d\udccf Published: 2023-05-22T10:43:44.187Z\n\ud83d\udccf Modified: 2025-01-21T21:38:14.276Z\n\ud83d\udd17 References:\n1. https://huntr.dev/bounties/37b80402-0edf-4f26-a668-b6f8b48dcdfb\n2. https://github.com/unilogies/bumsys/commit/1b426f58a513194206d0ea8ab58baf1461e54978", "creation_timestamp": "2025-01-21T22:01:03.000000Z"}, {"uuid": "6d94d0c7-157f-4de8-a2dc-d4d4bad8a64c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28322", "type": "seen", "source": "https://t.me/ctinow/120264", "content": "https://ift.tt/8S7iFeu\nInternet Bug Bounty: CVE-2023-28322: more POST-after-PUT confusion", "creation_timestamp": "2023-06-25T20:46:49.000000Z"}, {"uuid": "133ab4f1-2a84-4843-9c3d-004d54003916", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28321", "type": "seen", "source": "https://t.me/ctinow/120263", "content": "https://ift.tt/Hy2O6Dm\nInternet Bug Bounty: CVE-2023-28321: IDN wildcard match", "creation_timestamp": "2023-06-25T20:46:47.000000Z"}, {"uuid": "b68b7bcc-d400-4c8f-96ee-2b1ca49e5cdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28320", "type": "seen", "source": "https://t.me/ctinow/114605", "content": "Internet Bug Bounty: CVE-2023-28320 - siglongjmp race condition\n\nhttps://ift.tt/VLbmS6R", "creation_timestamp": "2023-05-27T14:26:46.000000Z"}, {"uuid": "cde774f4-02e2-4152-a100-f922ff280326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28327", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/5977", "content": "| CVE-2021-3569 2.1 https://vulners.com/cve/CVE-2021-3569\n| CVE-2021-3527 2.1 https://vulners.com/cve/CVE-2021-3527 | CVE-2021-3446 2.1 https://vulners.com/cve/CVE-2021-3446 | CVE-2021-3416 2.1 https://vulners.com/cve/CVE-2021-3416 | CVE-2021-20320 2.1 https://vulners.com/cve/CVE-2021-20320\n| CVE-2021-20297 2.1 https://vulners.com/cve/CVE-2021-20297 | CVE-2021-20257 2.1 https://vulners.com/cve/CVE-2021-20257 | CVE-2021-20239 2.1 https://vulners.com/cve/CVE-2021-20239 | CVE-2021-20221 2.1 https://vulners.com/cve/CVE-2021-20221\n| CVE-2020-25743 2.1 https://vulners.com/cve/CVE-2020-25743\n| CVE-2020-12458 2.1 https://vulners.com/cve/CVE-2020-12458\n| CVE-2020-10756 2.1 https://vulners.com/cve/CVE-2020-10756\n| CVE-2019-18391 2.1 https://vulners.com/cve/CVE-2019-18391\n| CVE-2019-14826 2.1 https://vulners.com/cve/CVE-2019-14826\n| CVE-2019-13313 2.1 https://vulners.com/cve/CVE-2019-13313 | CVE-2019-12067 2.1 https://vulners.com/cve/CVE-2019-12067 | CVE-2019-11884 2.1 https://vulners.com/cve/CVE-2019-11884 | CVE-2019-11833 2.1 https://vulners.com/cve/CVE-2019-11833 | CVE-2019-11135 2.1 https://vulners.com/cve/CVE-2019-11135 | CVE-2019-10183 2.1 https://vulners.com/cve/CVE-2019-10183 | CVE-2018-16878 2.1 https://vulners.com/cve/CVE-2018-16878 | CVE-2004-0554 2.1 https://vulners.com/cve/CVE-2004-0554 | 1AC912AC-B7DA-5F88-B22A-12B17E5D1D5C 2.1 https://vulners.com/githubexploit/1AC912AC-B7DA-5F88-B22A-12B17E5D1D5C *EXPLOIT*\n| CVE-2023-1289 1.9 https://vulners.com/cve/CVE-2023-1289\n| CVE-2022-25310 1.9 https://vulners.com/cve/CVE-2022-25310 | CVE-2022-25309 1.9 https://vulners.com/cve/CVE-2022-25309 | CVE-2021-4217 1.9 https://vulners.com/cve/CVE-2021-4217 | CVE-2021-3753 1.9 https://vulners.com/cve/CVE-2021-3753 | CVE-2021-3602 1.9 https://vulners.com/cve/CVE-2021-3602 | CVE-2020-25656 1.9 https://vulners.com/cve/CVE-2020-25656 | CVE-2019-2634 1.9 https://vulners.com/cve/CVE-2019-2634 | CVE-2019-2535 1.9 https://vulners.com/cve/CVE-2019-2535 | CVE-2019-18660 1.9 https://vulners.com/cve/CVE-2019-18660\n| PRION:CVE-2023-22024 1.7 https://vulners.com/prion/PRION:CVE-2023-22024\n| CVE-2023-3161 1.7 https://vulners.com/cve/CVE-2023-3161\n| CVE-2023-28328 1.7 https://vulners.com/cve/CVE-2023-28328\n| CVE-2023-28327 1.7 https://vulners.com/cve/CVE-2023-28327\n| CVE-2023-2700 1.7 https://vulners.com/cve/CVE-2023-2700\n| CVE-2023-2602 1.7 https://vulners.com/cve/CVE-2023-2602\n| CVE-2023-1981 1.7 https://vulners.com/cve/CVE-2023-1981\n| CVE-2023-1095 1.7 https://vulners.com/cve/CVE-2023-1095 | CVE-2022-2153 1.7 https://vulners.com/cve/CVE-2022-2153\n| CVE-2022-1263 1.7 https://vulners.com/cve/CVE-2022-1263", "creation_timestamp": "2023-11-15T16:53:03.000000Z"}, {"uuid": "545e5f95-2eda-4f8a-9334-ac6c89241e4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28328", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/5977", "content": "| CVE-2021-3569 2.1 https://vulners.com/cve/CVE-2021-3569\n| CVE-2021-3527 2.1 https://vulners.com/cve/CVE-2021-3527 | CVE-2021-3446 2.1 https://vulners.com/cve/CVE-2021-3446 | CVE-2021-3416 2.1 https://vulners.com/cve/CVE-2021-3416 | CVE-2021-20320 2.1 https://vulners.com/cve/CVE-2021-20320\n| CVE-2021-20297 2.1 https://vulners.com/cve/CVE-2021-20297 | CVE-2021-20257 2.1 https://vulners.com/cve/CVE-2021-20257 | CVE-2021-20239 2.1 https://vulners.com/cve/CVE-2021-20239 | CVE-2021-20221 2.1 https://vulners.com/cve/CVE-2021-20221\n| CVE-2020-25743 2.1 https://vulners.com/cve/CVE-2020-25743\n| CVE-2020-12458 2.1 https://vulners.com/cve/CVE-2020-12458\n| CVE-2020-10756 2.1 https://vulners.com/cve/CVE-2020-10756\n| CVE-2019-18391 2.1 https://vulners.com/cve/CVE-2019-18391\n| CVE-2019-14826 2.1 https://vulners.com/cve/CVE-2019-14826\n| CVE-2019-13313 2.1 https://vulners.com/cve/CVE-2019-13313 | CVE-2019-12067 2.1 https://vulners.com/cve/CVE-2019-12067 | CVE-2019-11884 2.1 https://vulners.com/cve/CVE-2019-11884 | CVE-2019-11833 2.1 https://vulners.com/cve/CVE-2019-11833 | CVE-2019-11135 2.1 https://vulners.com/cve/CVE-2019-11135 | CVE-2019-10183 2.1 https://vulners.com/cve/CVE-2019-10183 | CVE-2018-16878 2.1 https://vulners.com/cve/CVE-2018-16878 | CVE-2004-0554 2.1 https://vulners.com/cve/CVE-2004-0554 | 1AC912AC-B7DA-5F88-B22A-12B17E5D1D5C 2.1 https://vulners.com/githubexploit/1AC912AC-B7DA-5F88-B22A-12B17E5D1D5C *EXPLOIT*\n| CVE-2023-1289 1.9 https://vulners.com/cve/CVE-2023-1289\n| CVE-2022-25310 1.9 https://vulners.com/cve/CVE-2022-25310 | CVE-2022-25309 1.9 https://vulners.com/cve/CVE-2022-25309 | CVE-2021-4217 1.9 https://vulners.com/cve/CVE-2021-4217 | CVE-2021-3753 1.9 https://vulners.com/cve/CVE-2021-3753 | CVE-2021-3602 1.9 https://vulners.com/cve/CVE-2021-3602 | CVE-2020-25656 1.9 https://vulners.com/cve/CVE-2020-25656 | CVE-2019-2634 1.9 https://vulners.com/cve/CVE-2019-2634 | CVE-2019-2535 1.9 https://vulners.com/cve/CVE-2019-2535 | CVE-2019-18660 1.9 https://vulners.com/cve/CVE-2019-18660\n| PRION:CVE-2023-22024 1.7 https://vulners.com/prion/PRION:CVE-2023-22024\n| CVE-2023-3161 1.7 https://vulners.com/cve/CVE-2023-3161\n| CVE-2023-28328 1.7 https://vulners.com/cve/CVE-2023-28328\n| CVE-2023-28327 1.7 https://vulners.com/cve/CVE-2023-28327\n| CVE-2023-2700 1.7 https://vulners.com/cve/CVE-2023-2700\n| CVE-2023-2602 1.7 https://vulners.com/cve/CVE-2023-2602\n| CVE-2023-1981 1.7 https://vulners.com/cve/CVE-2023-1981\n| CVE-2023-1095 1.7 https://vulners.com/cve/CVE-2023-1095 | CVE-2022-2153 1.7 https://vulners.com/cve/CVE-2022-2153\n| CVE-2022-1263 1.7 https://vulners.com/cve/CVE-2022-1263", "creation_timestamp": "2023-11-15T16:53:03.000000Z"}, {"uuid": "3c35c149-8c2a-46d4-bf32-56b10fef6a93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28324", "type": "seen", "source": "https://t.me/Root_Exploit/753", "content": "CVE-2023-28324 - Ivanti EPM AgentPortal RCE Vulnerability\n\nGithub \n\n#Cve #Rce\n\nJoin RootExploit \ud83d\udc8e", "creation_timestamp": "2024-09-22T11:11:47.000000Z"}, {"uuid": "8ea4b76d-eb8d-49b8-91a4-108c743324a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28325", "type": "seen", "source": "https://t.me/cibsecurity/63937", "content": "\u203c CVE-2023-28325 \u203c\n\nAn improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to manipulate the rid parameter and change the updateMessage method that only checks whether the user is allowed to edit message in the target room.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-12T02:26:28.000000Z"}, {"uuid": "8b3136aa-6372-4366-a499-977d65b2c0e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28326", "type": "seen", "source": "https://t.me/cibsecurity/60886", "content": "\u203c CVE-2023-28326 \u203c\n\nVendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.0.0 Description: Attacker can elevate their privileges in any room\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T16:44:39.000000Z"}, {"uuid": "361c7242-559f-4008-a6f6-c5cb58f0a670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28329", "type": "seen", "source": "https://t.me/cibsecurity/60628", "content": "\u203c CVE-2023-28329 \u203c\n\nInsufficient validation of profile field availability condition resulted in an SQL injection risk (by default only available to teachers and managers).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-23T23:37:11.000000Z"}]}