{"vulnerability": "cve-2023-2573", "sightings": [{"uuid": "365241fa-4f77-4d5a-888b-f564340c940b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25733", "type": "seen", "source": "https://t.me/cibsecurity/65335", "content": "\u203c CVE-2023-25733 \u203c\n\nThe return value from `gfx::SourceSurfaceSkia::Map()` wasn't being verified which could have potentially lead to a null pointer dereference. This vulnerability affects Firefox < 110.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-19T14:25:27.000000Z"}, {"uuid": "eadb2970-eaaa-41c7-a7e7-dfeed740e033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25730", "type": "seen", "source": "https://t.me/cibsecurity/64945", "content": "\u203c CVE-2023-25730 \u203c\n\nA background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T20:42:41.000000Z"}, {"uuid": "e6fb05bd-e2f5-4917-aa2c-2b118f97d72b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25734", "type": "seen", "source": "https://t.me/cibsecurity/64929", "content": "\u203c CVE-2023-25734 \u203c\n\nAfter downloading a Windows .url shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This also had the potential to leak NTLM credentials to the resource.*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T20:39:44.000000Z"}, {"uuid": "b06760be-67ac-4320-97a7-e799144d1bed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25735", "type": "seen", "source": "https://t.me/cibsecurity/64919", "content": "\u203c CVE-2023-25735 \u203c\n\nCross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free after unwrapping the proxy. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T20:39:33.000000Z"}, {"uuid": "1fb237ad-c340-4c0d-81d7-f3e841a7a68c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25737", "type": "seen", "source": "https://t.me/cibsecurity/64902", "content": "\u203c CVE-2023-25737 \u203c\n\nAn invalid downcast from nsTextNode to SVGElement could have lead to undefined behavior. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-02T20:36:37.000000Z"}, {"uuid": "5887b1f3-5801-411b-b496-22add5acbc3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2573", "type": "seen", "source": "https://t.me/cibsecurity/63422", "content": "\u203c CVE-2023-2573 \u203c\n\nAdvantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection vulnerability in the NTP server input field, which can be triggered by authenticated users via a crafted POST request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-08T16:51:23.000000Z"}]}