{"vulnerability": "CVE-2023-2097", "sightings": [{"uuid": "e33774e3-e133-4586-84a3-255d1cf1940a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20973", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5323", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20973\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In btm_create_conn_cancel_complete of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568245\n\ud83d\udccf Published: 2023-03-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-25T15:57:22.703Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2023-06-01", "creation_timestamp": "2025-02-25T16:23:10.000000Z"}, {"uuid": "5d442cbc-0f5b-482e-9ae3-16539bb69349", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20971", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5321", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20971\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In removePermission of PermissionManagerServiceImpl.java, there is a possible way to obtain dangerous permissions without user consent due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\ud83d\udccf Published: 2023-03-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-25T16:02:36.062Z\n\ud83d\udd17 References:\n1. https://android.googlesource.com/platform/frameworks/base/+/6c22d6c1e69676c5c68d21928aa5486bfd1bd131\n2. https://source.android.com/security/bulletin/2024-08-01", "creation_timestamp": "2025-02-25T16:23:07.000000Z"}, {"uuid": "ccc0408b-17d9-4a02-9c62-d40f3f9b4bf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20970", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5320", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20970\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262236005\n\ud83d\udccf Published: 2023-03-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-25T16:03:44.742Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2023-03-01", "creation_timestamp": "2025-02-25T16:23:03.000000Z"}, {"uuid": "4ba9b54d-5288-4d68-afea-14e269a05b28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20972", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5322", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20972\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In btm_vendor_specific_evt of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-255304665\n\ud83d\udccf Published: 2023-03-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-25T15:58:56.962Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2023-06-01", "creation_timestamp": "2025-02-25T16:23:09.000000Z"}, {"uuid": "35206585-59c4-4231-9808-5270c36e95f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20974", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5324", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20974\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In btm_ble_add_resolving_list_entry_complete of btm_ble_privacy.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260078907\n\ud83d\udccf Published: 2023-03-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-25T15:55:12.817Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2023-06-01", "creation_timestamp": "2025-02-25T16:23:11.000000Z"}, {"uuid": "13a55870-3396-4e94-b391-5c3e2efd5806", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2097", "type": "seen", "source": "https://t.me/arpsyndicate/565", "content": "#ExploitObserverAlert\n\nCVE-2023-2097\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-2097. A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226105 was assigned to this vulnerability.\n\nFIRST-EPSS: 0.000630000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-25T03:26:59.000000Z"}, {"uuid": "5ec93153-e9f6-41ea-a1c3-818e5b844b57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20979", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5387", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20979\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In GetNextSourceDataPacket of bta_av_co.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-259939364\n\ud83d\udccf Published: 2023-03-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-25T21:16:57.599Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2023-06-01", "creation_timestamp": "2025-02-25T21:27:48.000000Z"}, {"uuid": "9e667d42-8bfc-4a1c-a3a2-2267dc97c7c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20976", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5311", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20976\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In getConfirmationMessage of DefaultAutofillPicker.java, there is a possible way to mislead the user to select default autofill application due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-216117246\n\ud83d\udccf Published: 2023-03-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-25T16:19:57.806Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2023-06-01", "creation_timestamp": "2025-02-25T16:22:53.000000Z"}, {"uuid": "626e5b31-e54f-4ba0-9212-34c92362b777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20971", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1246", "content": "\ud83d\udccd#\u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0686\u0646\u062f\u06cc\u0646 #\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a #\u0633\u0627\u0645\u0633\u0648\u0646\u06af\n\n\u062f\u0631 \u062a\u0627\u0631\u06cc\u062e 6 #\u0622\u06af\u0648\u0633\u062a 2024\u060c \u067e\u0698\u0648\u0647\u0634\u06af\u0631\u0627\u0646 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u0648\u0641\u0642 \u0628\u0647 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0645\u062c\u0645\u0648\u0639\u0647\u200c\u0627\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0633\u0627\u0645\u0633\u0648\u0646\u06af \u0634\u062f\u0646\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u060c \u06a9\u0647 \u062f\u0627\u0631\u0627\u06cc \u0633\u0637\u062d \u062a\u0647\u062f\u06cc\u062f #\u0645\u062a\u0648\u0633\u0637 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u0634\u062f\u0647\u200c\u0627\u0646\u062f\u060c \u0627\u0645\u06a9\u0627\u0646 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u0645\u062a\u0639\u062f\u062f\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc\u200c\u0622\u0648\u0631\u0646\u062f.\n\n#\u0627\u062b\u0631\u06af\u0630\u0627\u0631\u06cc \u0648 #\u062e\u0637\u0631\u0627\u062a:\n\u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0628\u0631\u0627\u06cc #\u0627\u062c\u0631\u0627\u06cc_\u06a9\u062f_\u062f\u0644\u062e\u0648\u0627\u0647 \u062e\u0648\u062f \u0628\u0631 \u0631\u0648\u06cc \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u0647\u062f\u0641\u060c #\u0627\u06cc\u062c\u0627\u062f_\u0627\u062e\u062a\u0644\u0627\u0644_\u062f\u0631_\u0633\u0631\u0648\u06cc\u0633\u200c\u062f\u0647\u06cc\u060c #\u0627\u0641\u0632\u0627\u06cc\u0634_\u0633\u0637\u062d_\u062f\u0633\u062a\u0631\u0633\u06cc \u062e\u0648\u062f\u060c #\u0627\u0641\u0634\u0627\u06cc_\u0627\u0637\u0644\u0627\u0639\u0627\u062a_\u062d\u0633\u0627\u0633 \u0648 #\u062f\u0648\u0631_\u0632\u062f\u0646_\u0645\u06a9\u0627\u0646\u06cc\u0632\u0645\u200c\u0647\u0627\u06cc_\u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0646\u0645\u0627\u06cc\u0646\u062f.\n\n#\u0645\u062d\u0635\u0648\u0644\u0627\u062a_\u062a\u062d\u062a_\u062a\u0623\u062b\u06cc\u0631:\n\u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0645\u062e\u062a\u0644\u0641 #\u0633\u06cc\u0633\u062a\u0645\u200c\u0639\u0627\u0645\u0644_\u0627\u0646\u062f\u0631\u0648\u06cc\u062f (12\u060c 13 \u0648 14) \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 #Wear_OS_4.0 \u0627\u0632 \u062c\u0645\u0644\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0647\u0633\u062a\u0646\u062f.\n\n#\u0627\u0642\u062f\u0627\u0645\u0627\u062a_\u0645\u0642\u0627\u0628\u0644\u0647\u200c\u0627\u06cc:\n\u0628\u0647 \u0645\u0646\u0638\u0648\u0631 \u06a9\u0627\u0647\u0634 \u062e\u0637\u0631 \u0646\u0627\u0634\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u060c \u0633\u0627\u0645\u0633\u0648\u0646\u06af \u0628\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 #\u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc_\u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u0631\u0627\u0626\u0647 \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 \u0634\u0631\u06a9\u062a \u0631\u0627 \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0646\u0635\u0628 \u0646\u0645\u0627\u06cc\u0646\u062f. \u0628\u0631\u0627\u06cc \u06a9\u0633\u0628 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u062f\u0631 \u062e\u0635\u0648\u0635 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0648 \u0646\u062d\u0648\u0647 \u0631\u0641\u0639 \u0622\u0646\u200c\u0647\u0627\u060c \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0647 \u0648\u0628\u200c\u0633\u0627\u06cc\u062a\u200c\u0647\u0627\u06cc \u0632\u06cc\u0631 \u0645\u0631\u0627\u062c\u0639\u0647 \u0646\u0645\u0627\u06cc\u0646\u062f:\n\n#\u0633\u0627\u0645\u0633\u0648\u0646\u06af_\u0646\u06cc\u0645\u0647\u200c\u0631\u0633\u0627\u0646\u0627:\n \ud83c\udf10 https://semiconductor.samsung.com/support/quality-support/product-security-updates/\n#\u0633\u0627\u0645\u0633\u0648\u0646\u06af_\u0645\u0648\u0628\u0627\u06cc\u0644:\n \ud83c\udf10 https://security.samsungmobile.com/securityUpdate.smsb\n\n#\u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc_CVE:\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647\u060c \u062f\u0627\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2023-20971 \u062a\u0627 CVE-2024-36971 \u0645\u06cc\u200c\u0628\u0627\u0634\u0646\u062f.\n\n#\u062a\u0648\u0635\u06cc\u0647\u200c\u0647\u0627:\n#\u0646\u0635\u0628_\u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627: \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0627\u06cc\u062f \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631\u06cc \u0627\u0631\u0627\u0626\u0647 \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 \u0633\u0627\u0645\u0633\u0648\u0646\u06af \u0631\u0627 \u0628\u0647\u200c\u0637\u0648\u0631 \u0645\u0631\u062a\u0628 \u0646\u0635\u0628 \u0646\u0645\u0627\u06cc\u0646\u062f.\n#\u0645\u0631\u0627\u062c\u0639\u0647_\u0628\u0647_\u0645\u0646\u0627\u0628\u0639_\u0631\u0633\u0645\u06cc: \u0628\u0631\u0627\u06cc \u06a9\u0633\u0628 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062f\u0642\u06cc\u0642\u200c\u062a\u0631 \u062f\u0631 \u062e\u0635\u0648\u0635 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0648 \u0631\u0627\u0647\u06a9\u0627\u0631\u0647\u0627\u06cc \u0645\u0642\u0627\u0628\u0644\u0647 \u0628\u0627 \u0622\u0646\u200c\u0647\u0627\u060c \u0628\u0647 \u0648\u0628\u200c\u0633\u0627\u06cc\u062a\u200c\u0647\u0627\u06cc \u0631\u0633\u0645\u06cc \u0633\u0627\u0645\u0633\u0648\u0646\u06af \u0645\u0631\u0627\u062c\u0639\u0647 \u0646\u0645\u0627\u06cc\u06cc\u062f.\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\ud83c\udf10 https://www.hkcert.org/security-bulletin/samsung-products-multiple-vulnerabilities_20240806\n\n\ud83d\udccd #Identification of #Multiple_Vulnerabilities in #Samsung_Products\n\nOn August 6, 2024, #security_researchers identified a series of #vulnerabilities in various Samsung products. These vulnerabilities, rated as #medium_threat_level, present several #exploitation_opportunities for #attackers.\n\n### Impact and Risks:\nAttackers can leverage these vulnerabilities to #execute_arbitrary_code on target systems, cause #service_disruptions, escalate privileges, disclose #sensitive_information, and bypass #security_mechanisms.\n\n### Affected Products:\n- #Android_OS versions 12, 13, and 14\n- #Wear_OS 4.0\n\n### Mitigation Measures:\nTo mitigate the risks associated with these vulnerabilities, #Samsung advises users to promptly install the #security_updates provided by the company. For more detailed information about the vulnerabilities and how to resolve them, users can visit the following websites:\n\n- Samsung Semiconductor:\n\ud83c\udf10 https://semiconductor.samsung.com/support/quality-support/product-security-updates/\n- Samsung Mobile:\n\ud83c\udf10 https://security.samsungmobile.com/securityUpdate.smsb\n\n### #CVE_Identifiers:\nThe identified vulnerabilities have been assigned CVE identifiers ranging from CVE-2023-20971 to CVE-2024-36971.\n\n### Recommendations:\n- #Install_Updates: Users should regularly install software updates provided by Samsung.\n- #Consult_Official_Resources: For detailed information on vulnerabilities and countermeasures, refer to Samsung's official websites.\n\n\ud83d\udd17 Read the full article:\n\n\ud83c\udf10 https://www.hkcert.org/security-bulletin/samsung-products-multiple-vulnerabilities_20240806", "creation_timestamp": "2024-08-10T11:30:23.000000Z"}, {"uuid": "4c12e47e-a27a-421f-9103-03d8e5da54e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2097", "type": "seen", "source": "https://t.me/arpsyndicate/1665", "content": "#ExploitObserverAlert\n\nCVE-2023-2097\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-2097. A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226105 was assigned to this vulnerability.\n\nFIRST-EPSS: 0.000630000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-10T17:35:21.000000Z"}, {"uuid": "4ac7c0ae-79f4-4fdb-b299-a697993b69ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20975", "type": "seen", "source": "https://t.me/cibsecurity/60687", "content": "\u203c CVE-2023-20975 \u203c\n\nIn getAvailabilityStatus of EnableContentCapturePreferenceController.java, there is a possible way to bypass DISALLOW_CONTENT_CAPTURE due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-250573776\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-24T23:47:46.000000Z"}, {"uuid": "293d8037-3b08-47d5-a7de-11039c1b61df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2097", "type": "seen", "source": "https://t.me/cibsecurity/62227", "content": "\u203c CVE-2023-2097 \u203c\n\nA vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-226105 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-15T16:26:40.000000Z"}, {"uuid": "4492fc73-f477-46d0-aab6-8141fb2c10e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20970", "type": "seen", "source": "https://t.me/cibsecurity/60712", "content": "\u203c CVE-2023-20970 \u203c\n\nIn multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262236005\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-24T23:50:54.000000Z"}]}