{"vulnerability": "cve-2023-2846", "sightings": [{"uuid": "079f2447-9062-416b-b446-053a2d1d012a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/113513465135891182", "content": "", "creation_timestamp": "2024-11-20T04:47:00.658892Z"}, {"uuid": "121f7fa8-1d07-44b4-a463-f9cc28a8fe57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113583822153668615", "content": "", "creation_timestamp": "2024-12-02T14:59:43.946984Z"}, {"uuid": "b9cc6dac-bf6c-4dec-9e2b-8783805b6d2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "https://infosec.exchange/users/jbhall56/statuses/113549584882773698", "content": "", "creation_timestamp": "2024-11-26T13:52:44.333069Z"}, {"uuid": "749d6fae-6ae8-4afc-a8f5-63405afafc4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113544421331313601", "content": "", "creation_timestamp": "2024-11-25T15:59:35.598479Z"}, {"uuid": "d1412570-2c50-4f9b-a17f-b3e9ff4c8e18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-11-25T18:10:02.000000Z"}, {"uuid": "e35542df-3f7f-4a99-a4c7-35a52953d746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2755454", "content": "", "creation_timestamp": "2024-11-25T16:25:12.075219Z"}, {"uuid": "af0eb9ea-510c-45a4-b3fb-17110e75b165", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "https://thehackernews.com/2024/11/cisa-urges-agencies-to-patch-critical.html", "content": "", "creation_timestamp": "2024-11-26T04:03:00.000000Z"}, {"uuid": "f83bf0ef-a002-48e4-b31a-01dcb1b11bc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/113556656186807354", "content": "", "creation_timestamp": "2024-11-27T19:51:07.531262Z"}, {"uuid": "c8a41c95-d15a-457f-9f14-6d8144c70d9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113595833220359528", "content": "", "creation_timestamp": "2024-12-04T17:54:18.376965Z"}, {"uuid": "96fbc106-db50-4f6d-ae84-deb12500351a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2024-12-24)", "content": "", "creation_timestamp": "2024-12-24T00:00:00.000000Z"}, {"uuid": "6b08d1a0-db88-4ca1-a4ce-4421ecbecedb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-13)", "content": "", "creation_timestamp": "2025-01-13T00:00:00.000000Z"}, {"uuid": "69e58498-1519-4394-9305-8305f097523c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-01-14)", "content": "", "creation_timestamp": "2025-01-14T00:00:00.000000Z"}, {"uuid": "e027184d-4e1b-4ecf-b95d-46b0055cc7fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:11:02.000000Z"}, {"uuid": "d80f9db3-5135-44f4-b838-51e74777c2c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-21)", "content": "", "creation_timestamp": "2025-05-21T00:00:00.000000Z"}, {"uuid": "2e7a9294-6a95-470b-9b73-12ffbd592c30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-23)", "content": "", "creation_timestamp": "2025-04-23T00:00:00.000000Z"}, {"uuid": "0254a674-2d9b-496d-8cba-4bcf764e7aec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-26)", "content": "", "creation_timestamp": "2025-11-26T00:00:00.000000Z"}, {"uuid": "1925062d-3c87-412a-90a8-30a92917321c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-25)", "content": "", "creation_timestamp": "2025-11-25T00:00:00.000000Z"}, {"uuid": "458a42c0-3d7d-4c4a-9b85-0b5f6ff337e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-30)", "content": "", "creation_timestamp": "2025-10-30T00:00:00.000000Z"}, {"uuid": "211abb59-8c92-4542-81de-ec58197b66ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-22)", "content": "", "creation_timestamp": "2025-10-22T00:00:00.000000Z"}, {"uuid": "588e5df6-dbf0-42ed-ab0d-0ea99b430679", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28465", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwrsq2edzv2n", "content": "", "creation_timestamp": "2025-08-19T21:02:30.594771Z"}, {"uuid": "a7cb40c7-eb58-4118-ac47-8206fba66655", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-08-19)", "content": "", "creation_timestamp": "2025-08-19T00:00:00.000000Z"}, {"uuid": "07275202-62de-4846-895c-ae7076e0f2f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-12)", "content": "", "creation_timestamp": "2025-12-12T00:00:00.000000Z"}, {"uuid": "ec08c878-b485-4865-b2c2-505f82d16edc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-12-14)", "content": "", "creation_timestamp": "2025-12-14T00:00:00.000000Z"}, {"uuid": "c58328e1-7ed4-43b0-9692-b46ae6285169", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-14)", "content": "", "creation_timestamp": "2026-01-14T00:00:00.000000Z"}, {"uuid": "7ae922dc-2e9b-4f1f-b8c0-c21c549b7ef6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-28461", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/afb6bc71-7c43-4237-b391-f3634108359f", "content": "", "creation_timestamp": "2026-02-02T12:26:20.913425Z"}, {"uuid": "38155045-50c8-4460-a886-c67f17edc2d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "exploited", "source": "https://t.me/crackvaultde/113", "content": "Hackers Exploit Critical Bug in Array Networks SSL VPN Products\n\nHackers are exploiting a severe remote code execution vulnerability (CVE-2023-28461) in Array Networks SSL VPN products, affecting over 5,000 organizations globally.\n\nhttps://www.bleepingcomputer.com/news/security/hackers-exploit-critical-bug-in-array-networks-ssl-vpn-products/ \n\ncrack-vault.de\n\n#crackvault", "creation_timestamp": "2024-11-26T17:00:35.000000Z"}, {"uuid": "165df6cb-673c-4e10-a94b-a868bf0745d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "https://t.me/CyberBulletin/1621", "content": "\u26a1\ufe0fCVE-2023-28461 (CVSS 9.8): Critical Array Networks Vulnerability Added to KEV Catalog.\n\n#CyberBulletin", "creation_timestamp": "2024-11-26T13:03:26.000000Z"}, {"uuid": "a55541ee-cf07-4be7-93d8-fb282b2baaa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28462", "type": "seen", "source": "Telegram/pKfjSAyyTdwmZfChAnq36ApmbNun7kQI1v0mjijJffa5Rie6", "content": "", "creation_timestamp": "2025-02-18T21:11:32.000000Z"}, {"uuid": "0b360deb-58a9-4594-b214-82b786368fad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28464", "type": "seen", "source": "Telegram/8p6JA5oMMOqwPorrqcuvwcmg79aWDchpNaHDfTZK-qhrPOA", "content": "", "creation_timestamp": "2023-03-28T18:25:20.000000Z"}, {"uuid": "b8d527e5-8fd2-4411-8b24-f6f360bd47fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "exploited", "source": "Telegram/LZRgmojkDTEgBxfanV4Wg4EFvwRqI290j5-XPcO-L3oyXg", "content": "", "creation_timestamp": "2024-11-26T11:09:53.000000Z"}, {"uuid": "26339c2f-f3c6-410a-bd58-c3e4507f8119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28467", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3127", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27 \ud83d\udd28  -  Hackers Factory\n\n\u200b\u200bFirefox Decrypt\n\nA tool to extract passwords from Mozilla (Firefox\u2122, Waterfox\u2122, Thunderbird\u00ae, SeaMonkey\u00ae) profiles.\n\nhttps://github.com/unode/firefox_decrypt\n\n#infosec #pentesting #redteam\n\n\u200b\u200bmutation fuzzer\n\nMutate a binary to identify potential #exploit candidates.\n\nhttps://github.com/demetriusford/mutation-fuzzer\n\n#cybersecurity #infosec\n\n\u200b\u200bmasm32-kernel-programming\n\nmasm32 kernel programming, drivers, tutorials, examples, and tools (credits Four-F)\n\nhttps://github.com/therealdreg/masm32-kernel-programming\n\n#malware #cybersecurity #infosec\n\n\u200b\u200bXSS-Bypass-Filters\n\nhttps://github.com/Edr4/XSS-Bypass-Filters\n\n#infosec #bugbounty \n\n\u200b\u200bCVE-2023-3519\n\nThis #Nmap NSE script checks for the CVE-2023-3519 vulnerability in Citrix Gateway and Citrix AAA.\n\nhttps://github.com/dorkerdevil/CitrixFall\n\n#infosec \n\n\u200b\u200bCVE-2023-3519\n\nThe cve_2023_3519_inspector.py is a Python-based vulnerability scanner for detecting the CVE-2023-3519 vulnerability in Citrix Gateways. It performs a passive analysis and fingerprinting of target websites to assess their vulnerability based on a series of checks.\n\nhttps://github.com/securekomodo/citrixInspector\n\n#cve\n\n\u200b\u200bCVE-2023-28121\n\nWooCommerce Payments < 5.6.2 - Unauthenticated Privilege Escalation [ Mass Add Admin User ]\n\nhttps://github.com/im-hanzou/Mass-CVE-2023-28121\n\n#cve\n\n\u200b\u200bCVE-2023-32681\n\nVulnerability in python-requests affects IBM InfoSphere Information Server.\n\nhttps://github.com/hardikmodha/POC-CVE-2023-32681\n\n#cve #poc #cybersecurity #infosec\n\n\u200b\u200bCloudflare Origin ip\n\nThis Python tool compares the HTTP response of the given subdomain to HTTP responses of a list of IPs addresses. This list is based on:\n\n\u2022 subdomains supplied by the user\n\u2022 subdomains found on external sources\n\u2022 IPs found external sources\n\nhttps://github.com/gwen001/cloudflare-origin-ip\n\n\u200b\u200bBucketLoot\n\nBucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.\n\nhttps://github.com/redhuntlabs/BucketLoot\n\n\u200b\u200bHtmlSmuggling\n\nit is malicious technique used by hackers to hide malware payloads in an encoded script in a specially crafted HTML attachment or web page.\n\nhttps://github.com/De3vil/HtmlSmuggling\n\n\u200b\u200bTGSThief\n\nI think a lot of people have seen the project GIUDA. It is an interesting way to get the TGS of a user whose logon session is just present on the computer. The problem is that its code is written in Pascal (the last time I wrote in Pascal was at school), so I had to rewrite the project in C++.\n\nhttps://github.com/MzHmO/TGSThief\n\n\u200b\u200bCVE-2023-28467\n\nCross-site scripting (XSS) vulnerability in the User CP module allows remote authenticated users to inject HTML via the user email field, triggered on the User CP Home page.\n\nAfter registration, the e-mail address is changed and the XSS payload is placed. Then, when \"User CP\" is entered, the vulnerability is triggered.\n\nhttps://github.com/ahmetaltuntas/CVE-2023-28467\n\n\u200b\u200bRandomTSScripts\n\nRandom collection of scripts useful for engagements, which don't really need their own repo.\n\nhttps://github.com/xpn/RandomTSScripts\n\n\u200b\u200bCVE-2023-38408 \n\nRemote Code Execution in OpenSSH's forwarded ssh-agent\n\nhttps://github.com/snowcra5h/CVE-2023-38408\n\n\u200b\u200bcombine\n\nRust in-memory dumper. Check your windows local security authority credential's safety with this awesome tool.\n\nhttps://github.com/m3f157O/combine_harvester\n\n\u200b\u200bTokenTactics v2\n\nA fork of the great TokenTactics with support for CAE and token endpoint v2.\n\nhttps://github.com/f-bader/TokenTacticsV2\n\n\u200b\u200bDeepCamera\n\nOpen-Source #AI #Camera. Empower any camera/CCTV with state-of-the-art AI, including facial recognition, person recognition(RE-ID) car detection, fall detection and more...\n\nhttps://github.com/SharpAI/DeepCamera\n\n\u200b\u200bAnalytics & AdBlocker\n\nProtect your #privacy while browsing the web.\n\nhttps://github.com/con-schy1/Analytics_AdBlocker\n\n#cybersecurity #infosec\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-07-25T11:56:20.000000Z"}, {"uuid": "341c861a-ad7a-4638-866e-bb2184bf8025", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "Telegram/ppiSulYceQSHLhHWtxt8lmsgjd6Tp1pACgBTkVIoHLT6n3w", "content": "", "creation_timestamp": "2024-11-26T15:15:15.000000Z"}, {"uuid": "7ce52352-bd80-4a53-9678-83264b330ade", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28467", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/851", "content": "CVE-2023-28467 : MyBB 1.8.33 User CP module - XSS\nPOC : https://github.com/ahmetaltuntas/CVE-2023-28467", "creation_timestamp": "2023-08-22T13:20:12.000000Z"}, {"uuid": "1f83fcb0-f402-45d2-9350-49760b73fcdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28465", "type": "seen", "source": "https://t.me/ctinow/161812", "content": "https://ift.tt/xUFbuXq\nCVE-2023-28465 | FHIR Core Libraries prior 5.6.106 on CVE package-decompression path traversal (GHSA-9654-pr4f-gh6m)", "creation_timestamp": "2024-01-02T15:06:54.000000Z"}, {"uuid": "9cc5b797-a4fc-4640-bb52-e6afec05ee2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2846", "type": "seen", "source": "https://t.me/cibsecurity/65772", "content": "\u203c CVE-2023-2846 \u203c\n\nAuthentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series main modules allows a remote unauthenticated attacker to cancel the password/keyword setting and login to the affected products by sending specially crafted packets.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-30T12:16:54.000000Z"}, {"uuid": "c7084bb9-90fd-45fa-b6f5-800d5817b070", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28468", "type": "seen", "source": "https://t.me/cibsecurity/67687", "content": "\u203c CVE-2023-28468 \u203c\n\nAn issue was discovered in FvbServicesRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. The FvbServicesRuntimeDxe SMM module exposes an SMI handler that allows an attacker to interact with the SPI flash at run-time from the OS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-03T18:40:05.000000Z"}, {"uuid": "3716d82a-82e7-47b7-87fd-e9eb34fd55e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28464", "type": "seen", "source": "https://t.me/cibsecurity/61255", "content": "\u203c CVE-2023-28464 \u203c\n\nhci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-31T20:22:24.000000Z"}, {"uuid": "8c758c61-6a24-4534-a785-42da514cf01f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28467", "type": "seen", "source": "https://t.me/cibsecurity/64563", "content": "\u203c CVE-2023-28467 \u203c\n\nIn MyBB before 1.8.34, there is XSS in the User CP module via the user email field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-22T22:24:53.000000Z"}, {"uuid": "c7b13ce6-d0dc-42d3-b526-9009a7ca9f7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28462", "type": "seen", "source": "https://t.me/cibsecurity/61203", "content": "\u203c CVE-2023-28462 \u203c\n\nA JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 (Enterprise), 5.20.0 and newer (Enterprise), and 5.2020.1 and newer (Community), when Java 1.8u181 and earlier is used, allows remote attackers to load malicious code on the server once a JNDI directory scan is performed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-31T00:21:39.000000Z"}, {"uuid": "aecd1b17-7fac-4b3c-9e71-1a68dad02d4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28466", "type": "seen", "source": "https://t.me/cibsecurity/60100", "content": "\u203c CVE-2023-28466 \u203c\n\ndo_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-16T06:30:20.000000Z"}, {"uuid": "b1eddf23-182a-4435-b489-678aabb50d03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "exploited", "source": "https://t.me/thehackernews/5949", "content": "\ud83d\udea8 A critical security flaw (CVE-2023-28461) impacting Array Networks AG and vxAG gateways has been added to the CISA's Known Exploited Vulnerabilities catalog after reports of active exploitation. \n \nRead more about the flaw, its exploitation: https://thehackernews.com/2024/11/cisa-urges-agencies-to-patch-critical.html", "creation_timestamp": "2024-11-26T06:05:54.000000Z"}, {"uuid": "e39de816-7543-4de4-9940-8ba932405232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28461", "type": "seen", "source": "https://t.me/CyberBulletin/26622", "content": "\u26a1\ufe0fCVE-2023-28461 (CVSS 9.8): Critical Array Networks Vulnerability Added to KEV Catalog.\n\n#CyberBulletin", "creation_timestamp": "2024-11-26T13:03:26.000000Z"}, {"uuid": "d821104d-b544-43dc-a6ec-22bad79e4800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28467", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8720", "content": "#exploit\n1. CVE-2023-32681:\nVulnerability in python-requests affects IBM InfoSphere Information Server\nhttps://github.com/hardikmodha/POC-CVE-2023-32681\n\n2. CVE-2023-28467:\nMyBB 1.8.33 - User CP email persistent XSS\nhttps://github.com/ahmetaltuntas/CVE-2023-28467\n\n3. Google Chrome V8 ArrayShift Race Condition RCE\nhttps://blog.exodusintel.com/2023/05/16/google-chrome-v8-arrayshift-race-condition-remote-code-execution", "creation_timestamp": "2023-07-23T19:34:47.000000Z"}, {"uuid": "9796cc83-bb29-4ae7-875a-d55b02ad5b99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28467", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/5341", "content": "CVE-2023-28467\n\nMyBB 1.8.33 User CP email persistent XSS\n\nGithub\n\n#CVE #XSS\n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-07-24T13:05:13.000000Z"}]}