{"vulnerability": "cve-2023-4841", "sightings": [{"uuid": "eb834ec0-2928-4f00-be82-674bd3922651", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48418", "type": "seen", "source": "https://t.me/ctinow/162112", "content": "https://ift.tt/FqJLIUO\nCVE-2023-48418", "creation_timestamp": "2024-01-03T00:26:49.000000Z"}, {"uuid": "f45f4a05-6557-4df5-aa46-dc449a82d8f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48411", "type": "seen", "source": "https://t.me/ctinow/161098", "content": "https://ift.tt/xkuBJGP\nCVE-2023-48411 | Google Android kernel protocolmiscadapter.cpp FillGsmSignalStrength information disclosure", "creation_timestamp": "2023-12-31T14:41:25.000000Z"}, {"uuid": "a9293cca-271d-46c3-9a7f-40e509366700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48418", "type": "published-proof-of-concept", "source": "https://t.me/androidMalware/2118", "content": "Android DeviceVersionFragment.java Privilege Escalation Exploit for Pixel Watch (CVE-2023-48418)\nhttps://0day.today/exploit/description/39237", "creation_timestamp": "2024-01-17T11:45:18.000000Z"}, {"uuid": "05b811d9-bd63-4bd7-aa70-85bee0eceb2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48419", "type": "seen", "source": "https://t.me/cibsecurity/74189", "content": "\u203c\ufe0fCVE-2023-48419\u203c\ufe0f\n\nAn attacker in the wifi vicinity of a target Google Home can spy on the victim, resulting in Elevation of Privilege\u00a0 \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-03T01:36:19.000000Z"}, {"uuid": "b0c7a3d3-4e52-4fd9-b51b-07c695137fb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48419", "type": "seen", "source": "https://t.me/ctinow/171771", "content": "https://ift.tt/TkJdxs2\nCVE-2023-48419 | Google Nest Mini 1.56.356012 WiFi privileges management", "creation_timestamp": "2024-01-23T08:51:27.000000Z"}, {"uuid": "e2d5075e-257b-403e-ac7a-e89f4ef18866", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48413", "type": "seen", "source": "https://t.me/ctinow/161085", "content": "https://ift.tt/jqKESwQ\nCVE-2023-48413 | Google Android protocolnetadapter.cpp Init information disclosure", "creation_timestamp": "2023-12-31T14:11:17.000000Z"}, {"uuid": "128b8e12-19eb-400d-b542-44211c1e719b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48410", "type": "seen", "source": "https://t.me/ctinow/161084", "content": "https://ift.tt/P5WERfb\nCVE-2023-48410 | Google Android cd_codec.c cd_ParseMsg information disclosure", "creation_timestamp": "2023-12-31T13:41:50.000000Z"}, {"uuid": "2f8f917a-1b17-4c51-803f-10e3fd859eea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48418", "type": "seen", "source": "https://t.me/cibsecurity/74216", "content": "\u203c\ufe0fCVE-2023-48418\u203c\ufe0f\n\n\u00a0In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a \u00a0 \u00a0 possible way to access adb before SUW completion due to an insecure default \u00a0 \u00a0 value. This could lead to local escalation of privilege with no additional \u00a0 \u00a0 execution privileges needed. User interaction is not needed for \u00a0 \u00a0 exploitation \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-03T01:38:32.000000Z"}, {"uuid": "a72ee11e-a5fd-4569-93d3-7051126d8ee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4841", "type": "seen", "source": "https://t.me/cibsecurity/70428", "content": "\u203c CVE-2023-4841 \u203c\n\nThe Feeds for YouTube for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'youtube-feed' shortcode in versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-14T07:24:13.000000Z"}, {"uuid": "01bee9f4-1c4e-452a-b0d1-8da84c902173", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48418", "type": "seen", "source": "https://t.me/ctinow/171844", "content": "https://ift.tt/EC29oJM\nCVE-2023-48418 | Google Pixel Watch 11 DeviceVersionFragment.java checkDebuggingDisallowed privileges management (Bulletin 176446)", "creation_timestamp": "2024-01-23T10:56:17.000000Z"}, {"uuid": "3584fda5-db84-4692-b0f0-c2047710941f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48419", "type": "seen", "source": "https://t.me/ctinow/161986", "content": "https://ift.tt/kYZ76fu\nCVE-2023-48419", "creation_timestamp": "2024-01-02T20:27:07.000000Z"}, {"uuid": "f271a11d-fcb5-4c6c-86ad-b4653f48dbbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48415", "type": "seen", "source": "https://t.me/ctinow/161094", "content": "https://ift.tt/3ir6auU\nCVE-2023-48415 | Google Android protocolembmsadapter.cpp Init information disclosure", "creation_timestamp": "2023-12-31T14:41:20.000000Z"}, {"uuid": "b80fa30b-aae0-4015-b8e6-6b0255f357a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48417", "type": "seen", "source": "https://t.me/ctinow/161280", "content": "https://ift.tt/p0bPh2H\nCVE-2023-48417 | Google Android KeyChainActivity App permission", "creation_timestamp": "2024-01-01T12:02:07.000000Z"}, {"uuid": "ffd82e3c-4cd3-45b3-a0d5-ad8c8011fd1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48416", "type": "seen", "source": "https://t.me/ctinow/161087", "content": "https://ift.tt/eEVh6QK\nCVE-2023-48416 | Google Android denial of service", "creation_timestamp": "2023-12-31T14:11:19.000000Z"}, {"uuid": "2732422e-d6aa-4cab-89cb-aa02d9484a47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48414", "type": "seen", "source": "https://t.me/ctinow/161100", "content": "https://ift.tt/fRSKj5z\nCVE-2023-48414 | Google Android kernel Pixel Camera Driver use after free", "creation_timestamp": "2023-12-31T14:41:27.000000Z"}, {"uuid": "4b5db540-1403-4614-9b3d-c3d8804189a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-48412", "type": "seen", "source": "https://t.me/ctinow/161099", "content": "https://ift.tt/gymenh5\nCVE-2023-48412 | Google Android mali_gralloc_buffer.h private_handle_t information disclosure", "creation_timestamp": "2023-12-31T14:41:26.000000Z"}]}