{"vulnerability": "cve-2023-2140", "sightings": [{"uuid": "b63ca0a1-4627-492c-91f5-ce4ba8cb0a6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21400", "type": "published-proof-of-concept", "source": "https://t.me/linkersec/216", "content": "Dirty Pagetable: A Novel Exploitation Technique To Rule Linux Kernel\n\nAn article by Nicolas Wu about the Dirty Pagetable exploitation technique.\n\nDirty Pagetable enables using a slab bug to overwrite userspace Page Table Entries and gain arbitrary read/write access to physical memory.\n\nTo demonstrate the technique, Nicolas Wu and Ye Zhang wrote a few exploits, including one for CVE-2023-21400, a racy slab double-free in the io_uring subsystem. The exploit gains root on Pixel 7.", "creation_timestamp": "2023-07-12T23:20:58.000000Z"}, {"uuid": "f1cdb5cd-d758-453c-981f-98926d318efb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21400", "type": "published-proof-of-concept", "source": "https://t.me/cyboghostultimate/15", "content": "Exploit Google Pixel 7\n\nIn detail analysis of exploiting CVE-2023-21400 on Google Pixel 7 with Dirty Pagetable exploit that uses file UAF and pid UAF vulnerabilities \nhttps://yanglingxi1993.github.io/dirty_pagetable/dirty_pagetable.html", "creation_timestamp": "2023-07-30T12:35:37.000000Z"}, {"uuid": "f9e4947e-74e0-49d9-83f2-2d22cf0ccf59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21400", "type": "published-proof-of-concept", "source": "https://t.me/poenamarket/1260", "content": "Exploit Google Pixel 7\n\nIn detail analysis of exploiting CVE-2023-21400 on Google Pixel 7 with Dirty Pagetable exploit that uses file UAF and pid UAF vulnerabilities \nhttps://yanglingxi1993.github.io/dirty_pagetable/dirty_pagetable.html", "creation_timestamp": "2023-08-26T04:36:19.000000Z"}, {"uuid": "449ac817-4b86-4aac-8a69-2921fb190a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21406", "type": "seen", "source": "https://t.me/true_secator/4665", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0434\u0432\u0435\u0440\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u0448\u0432\u0435\u0434\u0441\u043a\u043e\u0439 Axis Communications \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u043e\u0431\u044a\u0435\u043a\u0442\u044b, \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044f \u0438\u0445 \u043a\u0430\u043a \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u043c, \u0442\u0430\u043a \u0438 \u043a\u0438\u0431\u0435\u0440\u0443\u0433\u0440\u043e\u0437\u0430\u043c.\n\nAxis \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u043a\u0430\u043c\u0435\u0440\u044b \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c\u0438 \u0438 \u0447\u0430\u0441\u0442\u043d\u044b\u043c\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c\u0438 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\u00a0\n\nCVE-2023-21406 \u0438\u043c\u0435\u0435\u0442 \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438, \u0432\u043b\u0438\u044f\u044e\u0449\u0435\u0435 \u043d\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 Axis A1001. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u041a\u0430\u043a \u043e\u0431\u044a\u044f\u0441\u043d\u044f\u0435\u0442 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a, \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 pacsiod\u00a0\u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0441\u0432\u044f\u0437\u044c Open Supervised Device Protocol (OSDP), \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0437\u0430\u043f\u0438\u0441\u044c \u0432\u043d\u0435 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0431\u0443\u0444\u0435\u0440\u0430.\n\n\u0414\u043e\u0431\u0430\u0432\u043b\u044f\u044f \u043d\u0435\u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043a \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044e OSDP, \u043c\u043e\u0436\u043d\u043e \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0431\u0443\u0444\u0435\u0440\u0430, \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432 \u043a\u0443\u0447\u0435.\u00a0\u0414\u0430\u043d\u043d\u044b\u0435, \u0437\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0435 \u0432\u043d\u0435 \u0431\u0443\u0444\u0435\u0440\u0430, \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f RCE.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Otorio \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0432\u0435\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043a\u0440\u0443\u043f\u043d\u044b\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0439 \u043f\u0440\u043e\u0435\u043a\u0442 \u043f\u043e \u043e\u0446\u0435\u043d\u043a\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438 OSDP, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u0447\u0438\u0442\u0430\u043b\u0441\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u043c.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 Axis \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0441 \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a RS-485, \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0430 \u0437\u0430\u0434\u043d\u0435\u0439 \u043f\u0430\u043d\u0435\u043b\u0438 \u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u0435\u043b\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0431\u044b\u0447\u043d\u043e \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f \u043d\u0430 \u0432\u0445\u043e\u0434\u0435 \u0432 \u043e\u0445\u0440\u0430\u043d\u044f\u0435\u043c\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u0438\u043b\u0438 \u043f\u0435\u0440\u0438\u043c\u0435\u0442\u0440.\u00a0\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0447\u0442\u043e\u0431\u044b \u0431\u0435\u0441\u043f\u0440\u0435\u043f\u044f\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c \u0434\u0432\u0435\u0440\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0436\u0443\u0440\u043d\u0430\u043b\u044b, \u0441\u043a\u0440\u044b\u0432\u0430\u044f \u0441\u0432\u043e\u0438 \u0441\u043b\u0435\u0434\u044b.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f RCE \u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0437-\u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u043e\u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u043e\u0431\u044a\u0435\u043a\u0442\u0430, \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u043a\u0430\u043d\u0430\u043b \u0434\u043b\u044f \u0441\u0432\u044f\u0437\u0438 \u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u043c.\n\n\u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u043b\u0443\u0436\u0438\u0442\u044c \u0448\u043b\u044e\u0437\u043e\u043c \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u044e\u044e IP-\u0441\u0435\u0442\u044c, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u043e\u043d\u0430 \u0441\u0438\u043b\u044c\u043d\u043e \u0441\u0435\u0433\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u0438\u043b\u0438 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043e\u0442 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430.", "creation_timestamp": "2023-07-27T17:01:04.000000Z"}, {"uuid": "32b79ba0-159e-4f3e-b11c-588dc27ff70b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2140", "type": "seen", "source": "https://t.me/true_secator/4473", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Synacktiv \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043e\u0442\u0447\u0435\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0432 Delmia Apriso, \u0440\u0435\u0448\u0435\u043d\u0438\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u043c\u0438 \u043e\u0442 \u0444\u0440\u0430\u043d\u0446\u0443\u0437\u0441\u043a\u043e\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Dassault.\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 DELMIA Apriso \u0441 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438 \u0441 2017 \u043f\u043e 2022.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0438\u0437 \u043f\u0440\u043e\u0431\u043b\u0435\u043c CVE-2023-2139 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 XSS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f.\n\n\u0414\u0432\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u0438\u043c\u0435\u044e\u0442 \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0434\u043d\u0430 \u0438\u0437 \u043d\u0438\u0445 CVE-2023-2140, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u0438 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430  \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0445\u043e\u0441\u0442\u044b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 DELMIA Apriso.\n\nCVE-2023-2141 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043e\u0431\u044a\u0435\u043a\u0442\u0430 .NET \u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE \u043f\u043e\u0441\u043b\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0412\u0441\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b. \u041a\u043b\u0438\u0435\u043d\u0442\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438 \u0432 \u0420\u043e\u0441\u0441\u0438\u0438 \u043d\u0435 \u043c\u0430\u043b\u043e \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0441\u0430\u043d\u043a\u0446\u0438\u0438, \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0432\u0441\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.", "creation_timestamp": "2023-06-07T14:02:04.000000Z"}, {"uuid": "8b77464f-394a-4eaf-aa3a-cb5080dd0450", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21400", "type": "seen", "source": "https://t.me/ctinow/170327", "content": "https://ift.tt/YcUFJnH\nCVE-2023-21400 Linux Kernel Vulnerability in NetApp Products", "creation_timestamp": "2024-01-19T18:32:04.000000Z"}, {"uuid": "5848ebe7-9053-4fd8-8fe7-13ffa234eda7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21402", "type": "seen", "source": "https://t.me/ctinow/158965", "content": "https://ift.tt/5cq1YbS\nCVE-2023-21402 | Google Android Privilege Escalation", "creation_timestamp": "2023-12-24T09:41:17.000000Z"}, {"uuid": "a139853f-a920-4edf-814b-8eb7f1f3363a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21401", "type": "seen", "source": "https://t.me/ctinow/158964", "content": "https://ift.tt/jiBRbom\nCVE-2023-21401 | Google Android Privilege Escalation", "creation_timestamp": "2023-12-24T09:41:16.000000Z"}, {"uuid": "64283ac9-b6d5-419b-b470-260aabbf6ffc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21403", "type": "seen", "source": "https://t.me/ctinow/158963", "content": "https://ift.tt/ojfX2tC\nCVE-2023-21403 | Google Android Privilege Escalation", "creation_timestamp": "2023-12-24T09:41:15.000000Z"}, {"uuid": "18e27681-6aed-4919-9228-6df538bdc411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21407", "type": "seen", "source": "https://t.me/cibsecurity/67646", "content": "\u203c CVE-2023-21407 \u203c\n\nA broken access control was found allowing for privileged escalation of the operator account to gainadministrator privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-03T12:40:15.000000Z"}, {"uuid": "ea7f7f56-4345-477b-8558-d6844e38c46f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21408", "type": "seen", "source": "https://t.me/cibsecurity/67636", "content": "\u203c CVE-2023-21408 \u203c\n\nDue to insufficient file permissions, unprivileged users could gain access to unencrypted user credentialsthat are used in the integration interface towards 3rd party systems.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-03T12:40:05.000000Z"}, {"uuid": "5357b64d-53ef-43c1-bdc4-5b97d3adc3b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21409", "type": "seen", "source": "https://t.me/cibsecurity/67634", "content": "\u203c CVE-2023-21409 \u203c\n\nDue to insufficient file permissions, unprivileged users could gain access to unencrypted administratorcredentials allowing the configuration of the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-03T12:40:00.000000Z"}, {"uuid": "9da35a47-b26e-4d1b-baf5-4a5da4eef810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21406", "type": "seen", "source": "https://t.me/cibsecurity/67216", "content": "\u203c CVE-2023-21406 \u203c\n\nAriel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 whencommunicating over OSDP. A heap-based buffer overflow was found in the pacsiod process whichis handling the OSDP communication allowing to write outside of the allocated buffer. Byappending invalid data to an OSDP message it was possible to write data beyond the heapallocated buffer. The data written outside the buffer could be used to execute arbitrary code.\u00c2\u00a0lease refer to the Axis security advisory for more information, mitigation and affected products and software versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-25T12:28:08.000000Z"}, {"uuid": "ab6f918b-0384-4ba2-a12f-28614eef365e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21405", "type": "seen", "source": "https://t.me/cibsecurity/67209", "content": "\u203c CVE-2023-21405 \u203c\n\nKnud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis NetworkIntercoms when communicating over OSDP, highlighting that the OSDP message parser crashesthe pacsiod process, causing a temporary unavailability of the door-controlling functionalitiesmeaning that doors cannot be opened or closed. No sensitive or customer data can be extractedas the Axis device is not further compromised. Please refer to the Axis security advisory for more information, mitigation and affected products and software versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-25T12:27:59.000000Z"}, {"uuid": "8f1acfbe-0710-4db1-9c2b-05ea08cfa419", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21400", "type": "seen", "source": "https://t.me/cibsecurity/66628", "content": "\u203c CVE-2023-21400 \u203c\n\nIn multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-13T07:45:31.000000Z"}, {"uuid": "705b08e6-4668-4ec3-b75a-28c0cbef5b96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2140", "type": "seen", "source": "https://t.me/cibsecurity/62622", "content": "\u203c CVE-2023-2140 \u203c\n\nA Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 could allow an unauthenticated attacker to issue requests to arbitrary hosts on behalf of the server running the DELMIA Apriso application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-21T20:31:43.000000Z"}, {"uuid": "eae2c1ef-4b30-4365-af0b-985c4cecfeba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21400", "type": "published-proof-of-concept", "source": "https://t.me/androidMalware/1941", "content": "Exploit Google Pixel 7\n\nIn detail analysis of exploiting CVE-2023-21400 on Google Pixel 7 with Dirty Pagetable exploit that uses file UAF and pid UAF vulnerabilities \nhttps://yanglingxi1993.github.io/dirty_pagetable/dirty_pagetable.html", "creation_timestamp": "2023-08-07T11:03:33.000000Z"}, {"uuid": "07234393-90d9-4540-a9a6-67caf8e4526b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21400", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7509", "content": "Exploit Google Pixel 7\n\nIn detail analysis of exploiting CVE-2023-21400 on Google Pixel 7 with Dirty Pagetable exploit that uses file UAF and pid UAF vulnerabilities \nhttps://yanglingxi1993.github.io/dirty_pagetable/dirty_pagetable.html", "creation_timestamp": "2023-07-11T14:07:56.000000Z"}]}