{"vulnerability": "CVE-2023-2944", "sightings": [{"uuid": "99983316-d46c-4e16-8548-e3903afbb477", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29449", "type": "seen", "source": "https://t.me/cibsecurity/66637", "content": "\u203c CVE-2023-29449 \u203c\n\nJavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Preprocessing/webhook/global script configuration and testing are only available to Administrative roles (Admin and Superadmin). Administrative privileges should be typically granted to users who need to perform tasks that require more control over the system. The security risk is limited because not all users have this level of access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-13T12:47:28.000000Z"}, {"uuid": "338cf943-99be-448b-8e63-03ac438b48e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29444", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16399", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-29444\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could allow a locally authenticated adversary to escalate privileges to SYSTEM. Alternatively, they could host a trojanized version of the software and trick victims into downloading and installing their malicious version to gain initial access and code execution.\n\ud83d\udccf Published: 2024-01-10T17:06:35.965Z\n\ud83d\udccf Modified: 2025-05-14T20:14:19.414Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-03\n2. https://www.ptc.com/en/support/article/cs399528", "creation_timestamp": "2025-05-14T20:32:28.000000Z"}, {"uuid": "6efe0d0f-66a7-48cd-aae1-c2b2d4c2a264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29447", "type": "seen", "source": "https://t.me/ctinow/166156", "content": "https://ift.tt/W1mtcVY\nCVE-2023-29447", "creation_timestamp": "2024-01-10T22:32:13.000000Z"}, {"uuid": "e78e1c8c-af52-41ad-85b5-bb4831774a41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29446", "type": "seen", "source": "https://t.me/ctinow/166155", "content": "https://ift.tt/e9vYOAU\nCVE-2023-29446", "creation_timestamp": "2024-01-10T22:32:11.000000Z"}, {"uuid": "e2ea34aa-2aca-41e9-817b-e301e619b85e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29445", "type": "seen", "source": "https://t.me/ctinow/166154", "content": "https://ift.tt/nHIkq8s\nCVE-2023-29445", "creation_timestamp": "2024-01-10T22:32:10.000000Z"}, {"uuid": "8473d5b7-dc3e-45c3-a6ac-c5c0b03af3ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29443", "type": "seen", "source": "Telegram/xfhbG4IdT08V4X6lFjLSy5bAkMa53XSLVCMqwT7z1iy-Fxcy", "content": "", "creation_timestamp": "2025-02-06T02:40:19.000000Z"}, {"uuid": "b1d669d4-ae14-4ecd-9acf-74336dfacb18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29444", "type": "seen", "source": "https://t.me/ctinow/166037", "content": "https://ift.tt/60vQH7F\nCVE-2023-29444", "creation_timestamp": "2024-01-10T18:27:17.000000Z"}, {"uuid": "99fcb9b5-25ac-408c-8bac-dbcb302f560e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29441", "type": "seen", "source": "https://t.me/cibsecurity/69966", "content": "\u203c CVE-2023-29441 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in Robert Heller WebLibrarian plugin <=\u00c2\u00a03.5.8.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-06T12:17:51.000000Z"}, {"uuid": "7267259d-00e1-4ddf-8c6c-04ded4323570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29442", "type": "seen", "source": "https://t.me/cibsecurity/62947", "content": "\u203c CVE-2023-29442 \u203c\n\nZoho ManageEngine Applications Manager through 16390 allows DOM XSS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-27T00:25:21.000000Z"}, {"uuid": "2cc918d5-885e-4b0d-b78d-984926335d4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29443", "type": "seen", "source": "https://t.me/cibsecurity/62936", "content": "\u203c CVE-2023-29443 \u203c\n\nZoho ManageEngine ServiceDesk Plus through 14104 allows admin users to conduct an XXE attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-27T00:25:07.000000Z"}]}