{"vulnerability": "CVE-2023-2574", "sightings": [{"uuid": "d3e0054d-210c-4b21-8c79-1f904710d554", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25747", "type": "seen", "source": "https://t.me/cibsecurity/65336", "content": "\u203c CVE-2023-25747 \u203c\n\nA potential use-after-free in libaudio was fixed by disabling the AAudio backend when running on Android API below version 30.*This bug only affects Firefox for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 110.1.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-19T14:25:28.000000Z"}, {"uuid": "bfb5218f-c6a3-49c7-91cd-4eb3080027fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25746", "type": "seen", "source": "https://t.me/cibsecurity/64937", "content": "\u203c CVE-2023-25746 \u203c\n\nMozilla developers Philipp and Gabriele Svelto reported memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.8 and Firefox ESR < 102.8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T20:42:31.000000Z"}, {"uuid": "f5195a3b-03ee-499b-8890-18edb08a93bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25748", "type": "seen", "source": "https://t.me/cibsecurity/64931", "content": "\u203c CVE-2023-25748 \u203c\n\nBy displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing attacks. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 111.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T20:42:24.000000Z"}, {"uuid": "fb0b065a-48d3-4e60-87f0-4609e970c86f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25745", "type": "seen", "source": "https://t.me/cibsecurity/64906", "content": "\u203c CVE-2023-25745 \u203c\n\nMozilla developers Timothy Nikkel, Gabriele Svelto, Jeff Muizelaar and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T20:36:46.000000Z"}, {"uuid": "205874e7-7904-405e-9f3a-4404eeddc110", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25744", "type": "seen", "source": "https://t.me/cibsecurity/64905", "content": "\u203c CVE-2023-25744 \u203c\n\nMozilla developers Kershaw Chang and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-03T13:12:56.000000Z"}, {"uuid": "6ad3e898-c245-40d8-ae9a-ea540fc090fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25741", "type": "seen", "source": "https://t.me/cibsecurity/64936", "content": "\u203c CVE-2023-25741 \u203c\n\nWhen dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern, so the behavior was disabled until further review. This vulnerability affects Firefox < 110.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T20:42:30.000000Z"}, {"uuid": "9e5ae02b-a8ee-487b-8d3a-6f848e4edfaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25749", "type": "seen", "source": "https://t.me/cibsecurity/64896", "content": "\u203c CVE-2023-25749 \u203c\n\nAndroid applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. Firefox will now confirm with users that they want to launch an external application before doing so. *This bug only affects Firefox for Android. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox < 111.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T20:36:20.000000Z"}, {"uuid": "1e95488e-2269-4790-aa47-d3ef5318a470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2574", "type": "seen", "source": "https://t.me/cibsecurity/63419", "content": "\u203c CVE-2023-2574 \u203c\n\nAdvantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the device name input field, which can be triggered by authenticated users via a crafted POST request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-08T16:51:20.000000Z"}]}