{"vulnerability": "cve-2023-3754", "sightings": [{"uuid": "af3bd92b-a51a-4581-85aa-eddebd7cd8d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37549", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-04", "content": "", "creation_timestamp": "2025-04-22T10:00:00.000000Z"}, {"uuid": "1bcc510a-b4cc-483a-b45a-7da5e489e9ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37549", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-04", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "35acc4b6-a096-4e95-a835-3e32ade1daa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37548", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-04", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "deeed94b-453a-42e2-aaa4-3ba581b5a2b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37547", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-04", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "bb782460-e6e5-45a7-a92a-37c7988dd497", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37546", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-04", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "3968cec2-cc39-48af-8b5d-789528843c76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37545", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-04", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "cd9db48e-d95f-4214-978b-60fd80ec5988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37549", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-03", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "36f8fee9-da56-4260-b692-cb7bf21aed52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37548", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-03", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "153490d2-d4ca-4d12-a51a-40b421d94058", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37547", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-03", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "df54dd8b-f000-41bc-91cd-96c944d366a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37546", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-03", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "076df31a-34b7-46e8-b09a-5cb61605ad61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37545", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-03", "content": "", "creation_timestamp": "2025-04-03T10:00:00.000000Z"}, {"uuid": "82ce00fc-6d0e-41fe-be80-b32538e29001", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37548", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-04", "content": "", "creation_timestamp": "2025-04-22T10:00:00.000000Z"}, {"uuid": "5aa998f0-3956-454e-8e58-7a4fc49e195a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37547", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-04", "content": "", "creation_timestamp": "2025-04-22T10:00:00.000000Z"}, {"uuid": "b936ebfd-369d-493c-97db-2559bd891826", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37546", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-04", "content": "", "creation_timestamp": "2025-04-22T10:00:00.000000Z"}, {"uuid": "7e717d93-7c19-45ee-a876-73ec1e7a465d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37545", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-04", "content": "", "creation_timestamp": "2025-04-22T10:00:00.000000Z"}, {"uuid": "76f0238d-8d6c-4e37-a67c-06f6065be1ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-37545", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"}, {"uuid": "45617e7c-92ab-42c3-99b6-86bc451004b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-37546", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"}, {"uuid": "c017d493-bf0b-45cb-8de9-d20940d37b0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-37547", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"}, {"uuid": "035c3882-f167-4f0d-90bb-c54e34d09dab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-37548", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"}, {"uuid": "50160b1b-b93f-4d75-829f-8455614e191f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-37549", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"}, {"uuid": "995837e5-0557-44d4-aeaf-3248c07319b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37540", "type": "seen", "source": "https://t.me/ctinow/191520", "content": "https://ift.tt/Qcr6wIN\nCVE-2023-37540", "creation_timestamp": "2024-02-23T08:26:49.000000Z"}, {"uuid": "bf815ec8-1750-4de9-8f49-089c3dd14108", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37541", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5415", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-37541\n\ud83d\udd25 CVSS Score: 3.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.\n\ud83d\udccf Published: 2024-06-25T15:08:03.168Z\n\ud83d\udccf Modified: 2025-02-25T23:12:11.673Z\n\ud83d\udd17 References:\n1. https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119435", "creation_timestamp": "2025-02-25T23:24:27.000000Z"}, {"uuid": "74f85954-67d0-4a1c-b23e-87d20581d357", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37544", "type": "seen", "source": "https://t.me/ctinow/167823", "content": "https://ift.tt/k8opwbi\nCVE-2023-37544 | Apache Pulsar WebSocket Proxy up to 2.8.x/2.9.x/2.10.4/2.11.1/3.0.0 /pingpong improper authentication", "creation_timestamp": "2024-01-13T13:51:35.000000Z"}, {"uuid": "c091a152-345b-43bf-a04b-72e190ef0f9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37540", "type": "seen", "source": "https://t.me/ctinow/191525", "content": "https://ift.tt/Qcr6wIN\nCVE-2023-37540", "creation_timestamp": "2024-02-23T08:31:38.000000Z"}, {"uuid": "dd150ea6-9f15-49f9-b053-c27147dfb2af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3754", "type": "seen", "source": "https://t.me/cibsecurity/66992", "content": "\u203c CVE-2023-3754 \u203c\n\nA vulnerability, which was classified as problematic, was found in Creativeitem Ekushey Project Manager CRM 5.0. Affected is an unknown function of the file /index.php/client/message/message_read/xxxxxxxx[random-msg-hash]. The manipulation of the argument message leads to cross site scripting. It is possible to launch the attack remotely. VDB-234426 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-19T07:25:06.000000Z"}, {"uuid": "e429d9d0-5226-4919-8f38-b0dc06a1f637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37548", "type": "seen", "source": "https://t.me/cibsecurity/67662", "content": "\u203c CVE-2023-37550 \u203c\n\nIn multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,\u00c2\u00a0CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-03T16:39:59.000000Z"}, {"uuid": "7fb85bfc-85a8-4752-ae93-96f0d22bdd8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37546", "type": "seen", "source": "https://t.me/cibsecurity/67662", "content": "\u203c CVE-2023-37550 \u203c\n\nIn multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,\u00c2\u00a0CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-03T16:39:59.000000Z"}, {"uuid": "4200ea17-a920-4ddc-9b79-584457a1aa05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37547", "type": "seen", "source": "https://t.me/cibsecurity/67662", "content": "\u203c CVE-2023-37550 \u203c\n\nIn multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,\u00c2\u00a0CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-03T16:39:59.000000Z"}, {"uuid": "041ce7d6-8f91-4a0c-b526-df2ae5c2e409", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37549", "type": "seen", "source": "https://t.me/cibsecurity/67662", "content": "\u203c CVE-2023-37550 \u203c\n\nIn multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,\u00c2\u00a0CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-03T16:39:59.000000Z"}, {"uuid": "512a468f-3d6c-4204-9c48-4cb58aae76cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37545", "type": "seen", "source": "https://t.me/cibsecurity/67662", "content": "\u203c CVE-2023-37550 \u203c\n\nIn multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546,\u00c2\u00a0CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-03T16:39:59.000000Z"}]}