{"vulnerability": "cve-2023-3254", "sightings": [{"uuid": "cbf95431-8a65-460f-bfbb-d9ecd35b1ee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3254", "type": "seen", "source": "https://t.me/cibsecurity/72491", "content": "\u203c CVE-2023-3254 \u203c\n\nThe Widgets for Google Reviews plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 10.9. This is due to missing or incorrect nonce validation within setup_no_reg_header.php. This makes it possible for unauthenticated attackers to reset plugin settings and remove reviews via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-18T12:46:45.000000Z"}, {"uuid": "c3877b44-c252-476f-b050-786405d884f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32544", "type": "seen", "source": "https://t.me/ctinow/185685", "content": "https://ift.tt/KLdAsgI\nCVE-2023-32544 | Intel HotKey Services prior 1.1.45 on Win10 access control (intel-sa-00964)", "creation_timestamp": "2024-02-15T16:52:01.000000Z"}, {"uuid": "9b0eb048-299f-4e09-81ff-5e33023bc9d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32544", "type": "seen", "source": "https://t.me/ctinow/170410", "content": "https://ift.tt/q9v2CO6\nCVE-2023-32544", "creation_timestamp": "2024-01-19T21:27:19.000000Z"}, {"uuid": "3a252c7a-2325-4f1f-b842-b5a05136db92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32547", "type": "seen", "source": "https://t.me/cibsecurity/68281", "content": "\u203c CVE-2023-32547 \u203c\n\nIncorrect default permissions in the MAVinci Desktop Software for Intel(R) Falcon 8+ before version 6.2 may allow authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-11T07:26:36.000000Z"}, {"uuid": "2d2520da-9945-494d-bff4-4cef49858e14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32545", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/517", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32545\n\ud83d\udd39 Description: \n\n\n\n\n\n\n\n\n\n\n\n\nThe affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to an out-of-bounds read in Cscape!CANPortMigration. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. \n\n \n\n\n\n \n\n\n\n\n\n\n\n\n\ud83d\udccf Published: 2023-06-06T14:51:49.298Z\n\ud83d\udccf Modified: 2025-01-07T18:08:04.567Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-04", "creation_timestamp": "2025-01-07T18:39:24.000000Z"}, {"uuid": "17b1123a-2edf-4f74-8a60-a9491901c751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32542", "type": "seen", "source": "https://t.me/cibsecurity/65332", "content": "\u203c CVE-2023-32542 \u203c\n\nOut-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-19T12:30:25.000000Z"}, {"uuid": "ac175821-78ea-48c2-823c-77dd4282cc99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32549", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/519", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32549\n\ud83d\udd39 Description: Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator.\n\ud83d\udccf Published: 2023-06-06T15:07:24.623Z\n\ud83d\udccf Modified: 2025-01-07T18:04:02.775Z\n\ud83d\udd17 References:\n1. https://bugs.launchpad.net/landscape/+bug/1929034", "creation_timestamp": "2025-01-07T18:39:40.000000Z"}]}