{"vulnerability": "cve-2023-3067", "sightings": [{"uuid": "349b920d-a82c-4414-a326-b445946e3138", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3067", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/821", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-3067\n\ud83d\udd39 Description: Cross-site Scripting (XSS) - Stored in GitHub repository zadam/trilium prior to 0.59.4.\n\ud83d\udccf Published: 2023-06-02T00:00:00\n\ud83d\udccf Modified: 2025-01-08T19:46:14.208Z\n\ud83d\udd17 References:\n1. https://huntr.dev/bounties/4772ceb7-1594-414d-9b20-5b82029da7b6\n2. https://github.com/zadam/trilium/commit/4c3fcc3ea6f37debcb87ac1a7f5698c27be0e67b", "creation_timestamp": "2025-01-08T20:14:34.000000Z"}, {"uuid": "6cf8cfd0-8b52-4515-8597-12f3c4dbd59b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30677", "type": "seen", "source": "https://t.me/cibsecurity/66050", "content": "\u203c CVE-2023-30677 \u203c\n\nImproper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical attackers to access data of Samsung Pass on a certain state of an unlocked device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T07:38:28.000000Z"}, {"uuid": "ecda2161-c3f7-44e0-b2d6-09c5dc53d2d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30673", "type": "seen", "source": "https://t.me/cibsecurity/66039", "content": "\u203c CVE-2023-30673 \u203c\n\nImproper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3.23052_1 allows local attackers to delete arbitrary directory using directory junction.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T07:32:34.000000Z"}, {"uuid": "6748de82-bf17-48ea-be4b-34a545fed8ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30674", "type": "seen", "source": "https://t.me/cibsecurity/66051", "content": "\u203c CVE-2023-30674 \u203c\n\nImproper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T07:38:29.000000Z"}, {"uuid": "4792b441-4052-4afe-b062-bacfcb4f57b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3067", "type": "seen", "source": "https://t.me/cibsecurity/64917", "content": "\u203c CVE-2023-3067 \u203c\n\nCross-site Scripting (XSS) - Stored in GitHub repository zadam/trilium prior to 0.59.4.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T20:39:31.000000Z"}, {"uuid": "338ed8d4-3cd3-4b2a-b842-fb25c39a3397", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30679", "type": "seen", "source": "https://t.me/cibsecurity/68150", "content": "\u203c CVE-2023-30679 \u203c\n\nImproper access control in HDCP trustlet prior to SMR Aug-2023 Release 1 allows local attackers to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-10T22:02:49.000000Z"}, {"uuid": "fba6059d-39f6-406b-a4b5-c9e1fc96a8a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30678", "type": "seen", "source": "https://t.me/cibsecurity/66053", "content": "\u203c CVE-2023-30678 \u203c\n\nPotential zip path traversal vulnerability in Calendar application prior to version 12.4.07.15 in Android 13 allows attackers to write arbitrary file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T07:38:30.000000Z"}, {"uuid": "e7b5859b-c783-4e9e-9de2-5bc14e219e90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30670", "type": "seen", "source": "https://t.me/cibsecurity/66030", "content": "\u203c CVE-2023-30670 \u203c\n\nOut-of-bounds Write in BuildIpcFactoryDeviceTestEvent of libsec-ril prior to SMR Jul-2023 Release 1 allows local attacker to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T07:32:23.000000Z"}]}