{"vulnerability": "CVE-2023-2814", "sightings": [{"uuid": "24a6473b-7677-4db7-87b2-f7c56b824c4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28147", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1065", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28147\n\ud83d\udd39 Description: An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0.\n\ud83d\udccf Published: 2023-06-01T00:00:00\n\ud83d\udccf Modified: 2025-01-09T19:34:08.975Z\n\ud83d\udd17 References:\n1. https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities", "creation_timestamp": "2025-01-09T20:17:52.000000Z"}, {"uuid": "4dc084f8-3dac-4c4a-af9d-a73fbfc241a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28149", "type": "seen", "source": "https://t.me/cvedetector/2166", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-28149 - InsydeH2O UEFI Variable Spoofing\", \n  \"Content\": \"CVE ID : CVE-2023-28149 \nPublished : July 31, 2024, 7:15 p.m. | 32\u00a0minutes ago \nDescription : An issue was discovered in the IhisiServiceSmm module in Insyde InsydeH2O with kernel 5.2 before 05.28.42, 5.3 before 05.37.42, 5.4 before 05.45.39, 5.5 before 05.53.39, and 5.6 before 05.60.39 that could allow an attacker to modify UEFI variables. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-31T21:51:27.000000Z"}, {"uuid": "40705319-8e92-49df-8704-c5f7ac7158f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28142", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6254", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28142\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: \nA Race Condition exists in the Qualys Cloud Agent for Windows\nplatform in versions from 3.1.3.34 and before 4.5.3.1. This allows attackers to\nescalate privileges limited on the local machine during uninstallation of the\nQualys Cloud Agent for Windows. Attackers may gain SYSTEM level privileges on\nthat asset to run arbitrary commands.\n\n\n\nAt the time of this disclosure, versions before 4.0 are classified as End\nof Life.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\ud83d\udccf Published: 2023-04-18T15:51:58.344Z\n\ud83d\udccf Modified: 2025-03-03T19:22:08.808Z\n\ud83d\udd17 References:\n1. https://www.qualys.com/security-advisories/", "creation_timestamp": "2025-03-03T19:30:44.000000Z"}, {"uuid": "d74a3b4a-ce41-4a86-a8c8-a3c43af5aaf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28141", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6253", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28141\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: \nAn NTFS Junction condition exists in the Qualys Cloud Agent\nfor Windows platform in versions before 4.8.0.31. Attackers may write files to\narbitrary locations via a local attack vector. This allows attackers to assume\nthe privileges of the process, and they may delete or otherwise on unauthorized\nfiles, allowing for the potential modification or deletion of sensitive files\nlimited only to that specific directory/file object. This vulnerability is\nbounded to the time of installation/uninstallation and can only be exploited locally.\n\n\n\nAt the time of this disclosure, versions before 4.0 are\nclassified as End of Life.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\ud83d\udccf Published: 2023-04-18T15:50:19.411Z\n\ud83d\udccf Modified: 2025-03-03T19:22:56.830Z\n\ud83d\udd17 References:\n1. https://www.qualys.com/security-advisories/", "creation_timestamp": "2025-03-03T19:30:43.000000Z"}, {"uuid": "01fa787d-cc74-422f-b723-4b389ec3ced7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28140", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5606", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28140\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: \nAn Executable Hijacking condition exists in the\nQualys Cloud Agent for Windows platform in versions before 4.5.3.1. Attackers\nmay load a malicious copy of a Dependency Link Library (DLL) via a local\nattack vector instead of the DLL that the application was expecting, when\nprocesses are running with escalated privileges. This vulnerability\nis bounded only to the time of uninstallation and can only be exploited\nlocally.\n\n\n\nAt the time of this disclosure, versions before 4.0 are classified as End of\nLife.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\ud83d\udccf Published: 2023-04-18T15:47:37.719Z\n\ud83d\udccf Modified: 2025-02-26T19:23:20.308Z\n\ud83d\udd17 References:\n1. https://www.qualys.com/security-advisories/", "creation_timestamp": "2025-02-26T20:25:02.000000Z"}, {"uuid": "3c00f47c-86ca-4617-a79d-4fff1637bf5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2814", "type": "seen", "source": "https://t.me/cibsecurity/64465", "content": "\u203c CVE-2023-2814 \u203c\n\nA vulnerability classified as problematic has been found in SourceCodester Class Scheduling System 1.0. Affected is an unknown function of the file /admin/save_teacher.php of the component POST Parameter Handler. The manipulation of the argument Academic_Rank leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229428.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-19T20:33:29.000000Z"}, {"uuid": "53a0917e-6381-451c-b20c-74f6b1c14eca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28144", "type": "seen", "source": "https://t.me/cibsecurity/60021", "content": "\u203c CVE-2023-28144 \u203c\n\nKDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default configuration, allows privilege escalation because of race conditions involving symlinks and elevate_perf_privileges.sh chown calls.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-14T21:23:15.000000Z"}, {"uuid": "7f9e0eed-fad1-4211-a221-c5b47d26b646", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28143", "type": "seen", "source": "https://t.me/cibsecurity/62368", "content": "\u203c CVE-2023-28143 \u203c\n\nQualys Cloud Agent for macOS (versions 2.5.1-75 before 3.7) installer allows a local escalation of privilege bounded only to the time of installation and only on older macOSX (macOS 10.15 and older) versions. Attackers may exploit incorrect file permissions to give them ROOT command execution privileges on the host. During the install of the PKG, a step in the process involves extracting the package and copying files to several directories. Attackers may gain writable access to files during the install of PKG when extraction of the package and copying files to several directories, enabling a local escalation of privilege.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-18T20:29:21.000000Z"}, {"uuid": "8cfb2e58-82b5-48f1-ac4c-932b1b13cb58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28140", "type": "seen", "source": "https://t.me/cibsecurity/62367", "content": "\u203c CVE-2023-28140 \u203c\n\nAn Executable Hijacking condition exists in the Qualys Cloud Agent for Windows platform in versions before 4.5.3.1. Attackers may load a malicious copy of a Dependency Link Library (DLL) via a local attack vector instead of the DLL that the application was expecting, when processes are running with escalated privileges. This vulnerability is bounded only to the time of uninstallation and can only be exploited locally. At the time of this disclosure, versions before 4.0 are classified as End of Life.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-18T20:29:20.000000Z"}, {"uuid": "17e80356-88b1-4d6f-9843-a76937f38492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28142", "type": "seen", "source": "https://t.me/cibsecurity/62366", "content": "\u203c CVE-2023-28142 \u203c\n\nA Race Condition exists in the Qualys Cloud Agent for Windows platform in versions from 3.1.3.34 and before 4.5.3.1. This allows attackers to escalate privileges limited on the local machine during uninstallation of the Qualys Cloud Agent for Windows. Attackers may gain SYSTEM level privileges on that asset to run arbitrary commands. At the time of this disclosure, versions before 4.0 are classified as End of Life.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-18T20:29:16.000000Z"}, {"uuid": "18f9743f-c341-4411-a822-9f22fb377ee1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28141", "type": "seen", "source": "https://t.me/cibsecurity/62365", "content": "\u203c CVE-2023-28141 \u203c\n\nAn NTFS Junction condition exists in the Qualys Cloud Agent for Windows platform in versions before 4.5.3.1. Attackers may write files to arbitrary locations via a local attack vector. This allows attackers to assume the privileges of the process, and they may delete or otherwise on unauthorized files, allowing for the potential modification or deletion of sensitive files limited only to that specific directory/file object. This vulnerability is bounded only to the time of uninstallation and can only be exploited locally. At the time of this disclosure, versions before 4.0 are classified as End of Life.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-18T20:29:15.000000Z"}]}