{"vulnerability": "CVE-2023-5300", "sightings": [{"uuid": "b4db4071-e622-4896-bdd2-f4ceb045d525", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-53002", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "c26e25e9-4189-4ee6-a370-056779ac9137", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-53009", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "ecbf08cf-5256-4218-8b17-3a2cc48f470b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5300", "type": "seen", "source": "https://t.me/cibsecurity/71359", "content": "\u203c CVE-2023-5300 \u203c\n\nA vulnerability classified as critical has been found in TTSPlanning up to 20230925. This affects an unknown part. The manipulation of the argument uid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240939.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-30T14:38:30.000000Z"}, {"uuid": "baadad0d-f75e-48e1-8446-668f5e0ccbbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-53008", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "b5c3df03-fb08-484b-8b37-6f0093704539", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53003", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9362", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-53003\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nEDAC/qcom: Do not pass llcc_driv_data as edac_device_ctl_info's pvt_info\n\nThe memory for llcc_driv_data is allocated by the LLCC driver. But when\nit is passed as the private driver info to the EDAC core, it will get freed\nduring the qcom_edac driver release. So when the qcom_edac driver gets probed\nagain, it will try to use the freed data leading to the use-after-free bug.\n\nHence, do not pass llcc_driv_data as pvt_info but rather reference it\nusing the platform_data pointer in the qcom_edac driver.\n\ud83d\udccf Published: 2025-03-27T16:43:35.155Z\n\ud83d\udccf Modified: 2025-03-28T15:21:57.079Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/66e10d5f399629ef7877304d9ba2b35d0474e7eb\n2. https://git.kernel.org/stable/c/76d9ebb7f0bc10fbc78b6d576751552edf743968\n3. https://git.kernel.org/stable/c/bff5243bd32661cf9ce66f6d9210fc8f89bda145\n4. https://git.kernel.org/stable/c/6f0351d0c311951b8b3064db91e61841e85b2b96\n5. https://git.kernel.org/stable/c/977c6ba624f24ae20cf0faee871257a39348d4a9", "creation_timestamp": "2025-03-28T15:28:31.000000Z"}, {"uuid": "999e6b72-6e3c-44f1-9b16-6f386a6f683d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2023-53008", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}]}