{"vulnerability": "cve-2023-2949", "sightings": [{"uuid": "d2b39929-d0b1-47df-9a05-04537706b180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29492", "type": "seen", "source": "MISP/6a1e78c5-1baf-4ae6-8ad7-959df8a51015", "content": "", "creation_timestamp": "2023-04-14T11:15:26.000000Z"}, {"uuid": "b29fc2a2-dd68-47cf-b9cc-0e766c990f3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29492", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "1b513b0c-0ce6-4e03-81ca-38df5f9267e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29492", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971799", "content": "", "creation_timestamp": "2024-12-24T20:34:12.383024Z"}, {"uuid": "c65f8e92-5cab-4ede-9652-ef145f4c5d8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29492", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:42.000000Z"}, {"uuid": "436236f7-6bc3-4139-9b5e-4506a6044290", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29492", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:57.000000Z"}, {"uuid": "83b534a1-7984-4a68-aadb-64ea3b559de0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-29492", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/615674bd-9447-4395-bc1b-1547a08a9341", "content": "", "creation_timestamp": "2026-02-02T12:27:01.231403Z"}, {"uuid": "be878cd2-1520-40bd-87ea-f03b312dce98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29495", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15743", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-29495\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper input validation for some Intel NUC BIOS firmware before version IN0048 may allow a privileged user to potentially enable escalation of privilege via local access.\n\ud83d\udccf Published: 2024-01-19T20:03:11.441Z\n\ud83d\udccf Modified: 2025-05-09T15:00:55.471Z\n\ud83d\udd17 References:\n1. https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01009.html", "creation_timestamp": "2025-05-09T15:25:33.000000Z"}, {"uuid": "e5e90828-ff76-4b9a-a55b-316e3bd4e9c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2949", "type": "published-proof-of-concept", "source": "https://t.me/arpsyndicate/4828", "content": "#ExploitObserverAlert\n\nCVE-2023-2949\n\nDESCRIPTION: Exploit Observer has 10 entries in 5 file formats related to CVE-2023-2949. Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1.\n\nFIRST-EPSS: 0.002630000\nNVD-IS: 2.7\nNVD-ES: 2.8\nARPS-PRIORITY: 0.9530915", "creation_timestamp": "2024-04-24T21:56:20.000000Z"}, {"uuid": "dceb21cc-a795-42f5-9d87-c09c974c53ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29495", "type": "seen", "source": "https://t.me/ctinow/185749", "content": "https://ift.tt/uLvSHMx\nCVE-2023-29495 | Intel NUC BIOS prior IN0048 input validation (intel-sa-01009)", "creation_timestamp": "2024-02-15T18:23:12.000000Z"}, {"uuid": "ccc4ad4f-3f70-4db9-8f65-7f50efa9fdfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29499", "type": "seen", "source": "https://t.me/cibsecurity/70562", "content": "\u203c CVE-2023-32636 \u203c\n\nA flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table validation may be very slow. This bug does not affect any released version of glib but does affect glib distributors who followed the guidance of glib developers to backport the initial fix for CVE-2023-29499.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-15T00:24:49.000000Z"}, {"uuid": "5da7cbbd-2c04-4257-934f-000d4f3ff88a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29499", "type": "seen", "source": "https://t.me/cibsecurity/70575", "content": "\u203c CVE-2023-29499 \u203c\n\nA flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-15T00:25:08.000000Z"}, {"uuid": "5e3e45cd-0635-4876-aad8-14bdf403403d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29495", "type": "seen", "source": "https://t.me/ctinow/170408", "content": "https://ift.tt/rCqz8Qh\nCVE-2023-29495", "creation_timestamp": "2024-01-19T21:27:17.000000Z"}, {"uuid": "98d645c2-612a-430f-a22b-3de0c6166e5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29491", "type": "seen", "source": "https://t.me/cibsecurity/62113", "content": "\u203c CVE-2023-29491 \u203c\n\nncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T08:40:04.000000Z"}, {"uuid": "0d91e263-a041-4f4d-afc5-e084ce82efbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29491", "type": "seen", "source": "https://t.me/sysodmins/19474", "content": "\ud83e\udeb2 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 ncurses, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0435 \u043d\u0430 Linux \u0438 MacOS\n\nMicrosoft \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 ncurses \u0440\u044f\u0434 \u043e\u0448\u0438\u0431\u043e\u043a, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435\u043c \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c Linux \u0438 macOS.\n\n\u041d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0435 \u0431\u0430\u0433\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0431\u0449\u0438\u0439 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2023-29491 \u0438 \u043d\u0430\u0431\u0440\u0430\u043b\u0438 7,8 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u043f\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043d\u0430 \u0430\u043f\u0440\u0435\u043b\u044c 2023 \u0433\u043e\u0434\u0430.\n\n\u00ab\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043e\u0439 \u0442\u0430\u043a\u0438\u043c \u043f\u0443\u0442\u0435\u043c \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043c\u043d\u043e\u0433\u043e\u0441\u0442\u0443\u043f\u0435\u043d\u0447\u0430\u0442\u043e\u0439 \u0430\u0442\u0430\u043a\u0438\u00bb, \u2014 \u043f\u0438\u0448\u0443\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438.\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2023-09-16T05:07:18.000000Z"}, {"uuid": "27d941c4-2a8d-426d-86da-de1e9ab5c227", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29492", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4e31d589-645c-4dde-9e95-f0f4759dd584", "content": "", "creation_timestamp": "2026-06-19T12:46:56.440163Z"}, {"uuid": "44084dfe-474f-4cc7-817d-4240459293c1", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29492", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8511ec14-4c64-427e-9044-75a268cf17f2", "content": "", "creation_timestamp": "2026-06-23T14:05:39.422417Z"}]}