{"vulnerability": "cve-2023-3991", "sightings": [{"uuid": "8a09cc25-4c75-435d-b5e2-c8b189725bf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39910", "type": "exploited", "source": "https://t.me/arpsyndicate/2679", "content": "#ExploitObserverAlert\n\nCVE-2023-39910\n\nDESCRIPTION: Exploit Observer has 9 entries related to CVE-2023-39910. The cryptocurrency wallet entropy seeding mechanism used in Libbitcoin Explorer 3.0.0 through 3.6.0 is weak, aka the Milk Sad issue. The use of an mt19937 Mersenne Twister PRNG restricts the internal entropy to 32 bits regardless of settings. This allows remote attackers to recover any wallet private keys generated from \"bx seed\" entropy output and steal funds. (Affected users need to move funds to a secure new cryptocurrency wallet.) NOTE: the vendor's position is that there was sufficient documentation advising against \"bx seed\" but others disagree. NOTE: this was exploited in the wild in June and July 2023.\n\nFIRST-EPSS: 0.001160000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-08T20:34:20.000000Z"}, {"uuid": "fbb3fc6d-cbb5-4ee6-b538-20de418abf49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39914", "type": "seen", "source": "https://t.me/cibsecurity/70395", "content": "\u203c CVE-2023-39914 \u203c\n\nNLnet Labs\u00e2\u20ac\u2122 bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-13T18:23:51.000000Z"}, {"uuid": "815c845d-8455-4fbb-9a2c-adb38b5f879b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39919", "type": "seen", "source": "https://t.me/cibsecurity/69768", "content": "\u203c CVE-2023-39919 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in maennchen1.De wpShopGermany \u00e2\u20ac\u201c Protected Shops plugin <=\u00c2\u00a02.0 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-04T14:16:26.000000Z"}, {"uuid": "adaecd71-1dac-4c6f-b295-5cb550a71756", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39918", "type": "seen", "source": "https://t.me/cibsecurity/69762", "content": "\u203c CVE-2023-39918 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in SAASPROJECT Booking Package Booking Package plugin <=\u00c2\u00a01.6.01 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-04T14:16:18.000000Z"}, {"uuid": "b48a9f25-e32b-4f9a-8b4c-b5657c70db45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39912", "type": "seen", "source": "https://t.me/cibsecurity/69616", "content": "\u203c CVE-2023-39912 \u203c\n\nZoho ManageEngine ADManager Plus through 7202 allows admin users to download any file from the server machine via directory traversal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-01T02:18:26.000000Z"}, {"uuid": "c585aa05-da98-4d2a-a6b9-4ee92e2c7bf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-39910", "type": "seen", "source": "https://gist.github.com/soulcore-dev/21acc92c93041405608c9fcc8ffc8642", "content": "", "creation_timestamp": "2026-03-14T23:51:38.000000Z"}, {"uuid": "6f4cfe21-f491-45b8-9ba7-8d95146859e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39910", "type": "published-proof-of-concept", "source": "Telegram/zaWOloGTmuxgYwScvhSZBdX4Ig42r1BJF11flVCmJ6M5QnQ", "content": "", "creation_timestamp": "2026-01-07T21:00:04.000000Z"}, {"uuid": "3fd2fe8e-341c-486e-b186-a7a8c208c79b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39916", "type": "seen", "source": "https://t.me/cibsecurity/70393", "content": "\u203c CVE-2023-39916 \u203c\n\nNLnet Labs\u00e2\u20ac\u2122 Routinator 0.9.0 up to and including 0.12.1 contains a possible path traversal vulnerability in the optional, off-by-default keep-rrdp-responses feature that allows users to store the content of responses received for RRDP requests. The location of these stored responses is constructed from the URL of the request. Due to insufficient sanitation of the URL, it is possible for an attacker to craft a URL that results in the response being stored outside of the directory specified for it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-13T18:23:46.000000Z"}, {"uuid": "30113474-2d22-4169-8128-b3b01d62c212", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39914", "type": "seen", "source": "https://t.me/cibsecurity/70392", "content": "\u203c CVE-2023-39915 \u203c\n\nNLnet Labs\u00e2\u20ac\u2122 Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. This is due to insufficient input checking in the bcder library covered by CVE-2023-39914.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-13T18:23:45.000000Z"}, {"uuid": "2b99bf4f-54d1-4279-a595-1825ef025c16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39915", "type": "seen", "source": "https://t.me/cibsecurity/70392", "content": "\u203c CVE-2023-39915 \u203c\n\nNLnet Labs\u00e2\u20ac\u2122 Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. This is due to insufficient input checking in the bcder library covered by CVE-2023-39914.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-13T18:23:45.000000Z"}, {"uuid": "83ab81c9-ed2e-4ff5-bc51-4d58d2758937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39910", "type": "seen", "source": "https://gist.github.com/drGrove/8ae4ef53d75b0033abf8f2438c72181a", "content": "", "creation_timestamp": "2026-01-22T23:06:00.000000Z"}]}