{"vulnerability": "cve-2023-3665", "sightings": [{"uuid": "5e978059-b50c-40be-8d63-16846ad5b511", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36652", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17645", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-36652\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A SQL Injection in the users searching REST API endpoint in ProLion CryptoSpike 3.0.15P2 allows remote authenticated attackers to read database data via SQL commands injected in the search parameter.\n\ud83d\udccf Published: 2023-12-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-27T14:40:05.922Z\n\ud83d\udd17 References:\n1. https://www.cvcn.gov.it/cvcn/cve/CVE-2023-36652", "creation_timestamp": "2025-05-27T14:48:38.000000Z"}, {"uuid": "c1a7dd1c-cf9e-4b33-b9a9-ace43b9af9d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36650", "type": "seen", "source": "https://t.me/ctinow/161325", "content": "https://ift.tt/TxKfpS6\nCVE-2023-36650 | ProLion CryptoSpike 3.0.15P2 Update Package integrity check", "creation_timestamp": "2024-01-01T15:06:57.000000Z"}, {"uuid": "2bcbdee9-21bf-4380-aa98-560c3a8a3fea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36659", "type": "seen", "source": "https://t.me/cibsecurity/70593", "content": "\u203c CVE-2023-36659 \u203c\n\nAn issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service (loss of communication).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-15T12:25:19.000000Z"}, {"uuid": "c960a8c7-c599-49d4-8c3c-3c130251c8a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36658", "type": "seen", "source": "https://t.me/cibsecurity/70589", "content": "\u203c CVE-2023-36658 \u203c\n\nAn issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. It has an unquoted service path that can be abused locally.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-15T12:25:15.000000Z"}, {"uuid": "f69bf3f7-4f28-4192-beb5-4cc65c701ac1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36657", "type": "seen", "source": "https://t.me/cibsecurity/70588", "content": "\u203c CVE-2023-36657 \u203c\n\nAn issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Built-in features of Windows (desktop shortcuts, narrator) can be abused for privilege escalation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-15T12:25:14.000000Z"}, {"uuid": "aaa22d8d-3061-49ff-bf9d-d64512f37db9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36652", "type": "seen", "source": "https://t.me/ctinow/161343", "content": "https://ift.tt/Y9OnJ3I\nCVE-2023-36652 | ProLion CryptoSpike 3.0.15P2 REST API Endpoint search sql injection", "creation_timestamp": "2024-01-01T15:36:47.000000Z"}, {"uuid": "f5ad48a7-fd1a-445e-ad24-a2c09f46e47c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36651", "type": "seen", "source": "https://t.me/ctinow/161341", "content": "https://ift.tt/64l0fP9\nCVE-2023-36651 | ProLion CryptoSpike 3.0.15P2 REST API Endpoint hard-coded credentials", "creation_timestamp": "2024-01-01T15:36:44.000000Z"}, {"uuid": "6da07dac-26c6-4250-bdd1-b2b2bca1b7d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3665", "type": "seen", "source": "https://t.me/cibsecurity/71592", "content": "\u203c CVE-2023-3665 \u203c\n\nA code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a local user to disable the ENS AMSI component via environment variables,leading to denial of service and or the execution of arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-04T18:12:27.000000Z"}, {"uuid": "5252b540-eba5-44c2-8608-e4e0f8b2a9b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36655", "type": "seen", "source": "https://t.me/ctinow/160822", "content": "https://ift.tt/q9KWobn\nCVE-2023-36655 | ProLion CryptoSpike 3.0.15P2 Login REST API improper authentication", "creation_timestamp": "2023-12-30T09:06:54.000000Z"}, {"uuid": "8e0e0f0b-5e98-4d33-a9ab-176613013f1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-36656", "type": "published-proof-of-concept", "source": "https://github.com/jaegertracing/jaeger/security/advisories/GHSA-2w8w-qhg4-f78j", "content": "", "creation_timestamp": "2023-07-11T15:40:38.000000Z"}, {"uuid": "9d32b332-f353-47cc-ad1b-15c55e0ced34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-36656", "type": "published-proof-of-concept", "source": "https://github.com/jaegertracing/jaeger-ui/security/advisories/GHSA-vv24-rm95-q56r", "content": "", "creation_timestamp": "2023-07-11T15:33:08.000000Z"}, {"uuid": "c11261ac-d398-4623-a3ba-66ab3dcf4ed3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36654", "type": "seen", "source": "https://t.me/ctinow/161321", "content": "https://ift.tt/4x7et3G\nCVE-2023-36654 | ProLion CryptoSpike 3.0.15P2 REST API Endpoint path traversal", "creation_timestamp": "2024-01-01T15:06:53.000000Z"}]}