{"vulnerability": "cve-2023-33865", "sightings": [{"uuid": "0987cd90-6a2d-4dc9-954b-cb56d5b7cd39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33865", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/442", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-33865\n\ud83d\udd39 Description: RenderDoc before 1.27 allows local privilege escalation via a symlink attack. It relies on the /tmp/RenderDoc directory regardless of ownership.\n\ud83d\udccf Published: 2023-06-07T00:00:00\n\ud83d\udccf Modified: 2025-01-07T15:05:46.616Z\n\ud83d\udd17 References:\n1. https://renderdoc.org/\n2. https://www.qualys.com/2023/06/06/renderdoc/renderdoc.txt\n3. http://seclists.org/fulldisclosure/2023/Jun/2\n4. http://packetstormsecurity.com/files/172804/RenderDoc-1.26-Local-Privilege-Escalation-Remote-Code-Execution.html\n5. https://lists.debian.org/debian-lts-announce/2023/07/msg00023.html\n6. https://security.gentoo.org/glsa/202311-10", "creation_timestamp": "2025-01-07T15:38:58.000000Z"}, {"uuid": "3dc6ce38-1bf5-4106-bc42-17db873c1b6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-33865", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8454", "content": "#exploit\n1. CVE-2023-33865, CVE-2023-33864, CVE-2023-33863:\nLPE and RCE in RenderDoc\nhttps://seclists.org/fulldisclosure/2023/Jun/2\n\n2. CVE-2023-33829:\nSCM Manager XSS\nhttps://github.com/CKevens/CVE-2023-33829-POC", "creation_timestamp": "2023-06-08T12:39:13.000000Z"}]}