{"vulnerability": "cve-2023-3143", "sightings": [{"uuid": "4f949114-d6cc-4db1-9991-e120970d35f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31436", "type": "seen", "source": "https://t.me/cibsecurity/67376", "content": "\u203c CVE-2023-39190 \u203c\n\n** REJECT ** CVE-2023-39190 was found to be a duplicate of CVE-2023-31436. Please see https://access.redhat.com/security/cve/CVE-2023-31436 for information about affected products and security errata.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-28T18:35:55.000000Z"}, {"uuid": "6e1c9375-87c5-4357-9627-52b99b2a81ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31432", "type": "seen", "source": "https://t.me/cibsecurity/67555", "content": "\u203c CVE-2023-31432 \u203c\n\nThrough manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain root privileges in Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c and v9.2.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-02T07:39:07.000000Z"}, {"uuid": "15f85ace-ead9-4bca-96df-94f1fea05375", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31431", "type": "seen", "source": "https://t.me/cibsecurity/67558", "content": "\u203c CVE-2023-31431 \u203c\n\nA buffer overflow vulnerability in \u00e2\u20ac\u0153diagstatus\u00e2\u20ac\ufffd command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to crash the Brocade Fabric OS switch leading to a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-02T07:39:13.000000Z"}, {"uuid": "38764393-08d4-4fe5-a0c6-ea8b011161d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31430", "type": "seen", "source": "https://t.me/cibsecurity/67551", "content": "\u203c CVE-2023-31430 \u203c\n\nA buffer overflow vulnerability in \u00e2\u20ac\u0153secpolicydelete\u00e2\u20ac\ufffd command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-02T07:39:03.000000Z"}, {"uuid": "e9a6606b-c918-4621-848c-4c97a0269097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31435", "type": "seen", "source": "https://t.me/cibsecurity/63186", "content": "\u203c CVE-2023-31435 \u203c\n\nMultiple components (such as Onlinetemplate-Verwaltung, Liste aller Teilbereiche, Umfragen anzeigen, and questionnaire previews) in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allow authenticated attackers to read and write to unauthorized data by accessing functions directly.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T00:30:38.000000Z"}, {"uuid": "19c6c0eb-5e20-47a0-a75b-a4f9b511e3e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31433", "type": "seen", "source": "https://t.me/cibsecurity/63184", "content": "\u203c CVE-2023-31433 \u203c\n\nA SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allows authenticated attackers to execute SQL statements via the welche parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T00:30:35.000000Z"}, {"uuid": "0eec4333-824b-42ab-86e4-504deac29fdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31434", "type": "seen", "source": "https://t.me/cibsecurity/63175", "content": "\u203c CVE-2023-31434 \u203c\n\nThe parameters nutzer_titel, nutzer_vn, and nutzer_nn in the user profile, and langID and ONLINEID in direct links, in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 do not validate input, which allows authenticated attackers to inject HTML Code and XSS payloads in multiple locations.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T00:30:25.000000Z"}, {"uuid": "3b483659-9029-4dd1-97a2-35fc11b1dd0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31436", "type": "seen", "source": "https://t.me/cibsecurity/63026", "content": "\u203c CVE-2023-31436 \u203c\n\nqfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-28T07:27:01.000000Z"}]}