{"vulnerability": "CVE-2023-3672", "sightings": [{"uuid": "a2bac0f3-30de-4286-9b2f-0210173bb6a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36723", "type": "seen", "source": "https://t.me/hackingbra/41", "content": "CVE-2023-36723 Windows Container Manager Service Elevation of Privilege Vulnerability.\n\nAn attacker can abuse this vulnerability to execute code in process that is running with SYSTEM privileges by abusing SxS assembly loading.\n\n@hackingbra", "creation_timestamp": "2023-10-12T20:13:28.000000Z"}, {"uuid": "8729e609-fa56-4e49-be9f-44e5073631f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36723", "type": "published-proof-of-concept", "source": "Telegram/yobraZAv9Xk1qpBJsay3PGgrFQ3lFMTRTwtAyb6u0OcQ", "content": "", "creation_timestamp": "2023-10-22T23:28:13.000000Z"}, {"uuid": "cb454076-12c3-4856-a077-d003eb3705c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36723", "type": "published-proof-of-concept", "source": "https://t.me/k7ali_linux/43", "content": "CVE-2023-36723 : Windows Container Manager Service Elevation of Privilege Vulnerability\n\nPOC : https://github.com/Wh04m1001/CVE-2023-36723", "creation_timestamp": "2023-10-11T04:13:28.000000Z"}, {"uuid": "8e6d13c3-fd40-4ed6-8967-f31cd7c38fc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36720", "type": "seen", "source": "https://t.me/arpsyndicate/2336", "content": "#ExploitObserverAlert\n\nCVE-2023-36720\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-36720. Windows Mixed Reality Developer Tools Denial of Service Vulnerability\n\nFIRST-EPSS: 0.000990000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-03T18:07:00.000000Z"}, {"uuid": "e1e49be2-16f9-4859-9880-960e32b24374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36720", "type": "seen", "source": "https://t.me/cibsecurity/72009", "content": "\u203c CVE-2023-36720 \u203c\n\nWindows Mixed Reality Developer Tools Denial of Service Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:22:51.000000Z"}, {"uuid": "5e11febc-2eb9-402f-a851-b0fffae49d14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36722", "type": "seen", "source": "https://t.me/cibsecurity/72030", "content": "\u203c CVE-2023-36722 \u203c\n\nActive Directory Domain Services Information Disclosure Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:26:49.000000Z"}, {"uuid": "15b705b1-8e06-4345-964c-8d135c8ee694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36729", "type": "seen", "source": "https://t.me/cibsecurity/71989", "content": "\u203c CVE-2023-36729 \u203c\n\nNamed Pipe File System Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:16:46.000000Z"}, {"uuid": "ead30a02-a709-44c7-804e-ff80f364cdf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36724", "type": "seen", "source": "https://t.me/cibsecurity/72018", "content": "\u203c CVE-2023-36724 \u203c\n\nWindows Power Management Service Information Disclosure Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:23:00.000000Z"}, {"uuid": "cc56de85-5ab9-426f-8eac-8a4765260463", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36721", "type": "seen", "source": "https://t.me/cibsecurity/72036", "content": "\u203c CVE-2023-36721 \u203c\n\nWindows Error Reporting Service Elevation of Privilege Vulnerability\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T22:26:55.000000Z"}, {"uuid": "ea787106-e742-49ff-b778-6dfdcc70d4c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3672", "type": "seen", "source": "https://t.me/cibsecurity/66723", "content": "\u203c CVE-2023-3672 \u203c\n\nCross-site Scripting (XSS) - DOM in GitHub repository plaidweb/webmention.js prior to 0.5.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-14T14:17:11.000000Z"}, {"uuid": "fdd1be19-6326-4455-85e2-dfe982b79afc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36723", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9190", "content": "#exploit\n1. CVE-2023-28229:\nWindows CNG KeyIso RPC EoP/SBX\nhttps://github.com/Y3A/CVE-2023-28229\n\n2. Polygon Smart Contract Bug\nhttps://blog.chain.link/smart-contract-bug-hunting\n\n3. CVE-2023-36723:\nPoC for arbitrary directory creation bug in Container Manager service\nhttps://github.com/Wh04m1001/CVE-2023-36723", "creation_timestamp": "2023-10-13T10:59:01.000000Z"}, {"uuid": "f4f6c6af-89c1-4603-b5f2-b570752f96d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36728", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9218", "content": "#exploit\n1. CVE-2023-20198:\nCisco ISO XE Software Web Management User Interface Vulnerability\nhttps://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software\n]-&gt; PoC: https://github.com/Tounsi007/CVE-2023-20198\n]-&gt; Checkscript: https://github.com/Atea-Redteam/CVE-2023-20198\n\n2. CVE-2023-36728:\nWindows SQL Server Pre-Auth Overflow Read\nhttps://v-v.space/2023/10/16/sqlserver-dos-CVE-2023-36728\n\n3. CVE-2023-38545:\nSocks5 heap buffer overflow\nhttps://github.com/d0rb/CVE-2023-38545", "creation_timestamp": "2023-10-19T09:31:44.000000Z"}, {"uuid": "a8264523-911c-4393-b613-726fc6e4d257", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36728", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1407", "content": "#exploit\n1. CVE-2023-20198:\nCisco ISO XE Software Web Management User Interface Vulnerability\nhttps://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software\n]-&gt; Checkscript: https://github.com/Atea-Redteam/CVE-2023-20198\n\n2. CVE-2023-36728:\nWindows SQL Server Pre-Auth Overflow Read\nhttps://v-v.space/2023/10/16/sqlserver-dos-CVE-2023-36728\n\n3. CVE-2023-38545:\nSocks5 heap buffer overflow\nhttps://github.com/d0rb/CVE-2023-38545", "creation_timestamp": "2024-08-16T08:34:05.000000Z"}, {"uuid": "52d8206c-cc81-49cc-a315-47a834e95c1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36723", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1347", "content": "#exploit\n1. CVE-2023-28229:\nWindows CNG KeyIso RPC EoP/SBX\nhttps://github.com/Y3A/CVE-2023-28229\n\n2. Polygon Smart Contract Bug\nhttps://blog.chain.link/smart-contract-bug-hunting\n\n3. CVE-2023-36723:\nPoC for arbitrary directory creation bug in Container Manager service\nhttps://github.com/Wh04m1001/CVE-2023-36723", "creation_timestamp": "2024-08-16T08:33:55.000000Z"}]}