{"vulnerability": "cve-2023-3897", "sightings": [{"uuid": "d1128f89-0a88-4b4c-bb17-16a542fbfa55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38970", "type": "seen", "source": "https://t.me/cibsecurity/69497", "content": "\u203c CVE-2023-38970 \u203c\n\nCross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the Name of member parameter in the add new member function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T02:29:01.000000Z"}, {"uuid": "b69dc31b-b087-4f27-aacf-36cab5599f4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38976", "type": "seen", "source": "https://t.me/cibsecurity/68891", "content": "\u203c CVE-2023-38976 \u203c\n\nAn issue in weaviate v.1.20.0 allows a remote attacker to cause a denial of service via the handleUnbatchedGraphQLRequest function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-21T20:41:06.000000Z"}, {"uuid": "3833cfb1-6321-43e6-abed-1f9e54d6e637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38975", "type": "seen", "source": "https://t.me/cibsecurity/69408", "content": "\u203c CVE-2023-38975 \u203c\n\n* Buffer Overflow vulnerability in qdrant v.1.3.2 allows a remote attacker cause a denial of service via the chucnked_vectors.rs component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-30T02:17:53.000000Z"}, {"uuid": "0a7868fa-bc91-4ee0-a6ba-93f9c10d4f13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38971", "type": "seen", "source": "https://t.me/cibsecurity/69407", "content": "\u203c CVE-2023-38971 \u203c\n\nCross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the rack number parameter in the add new rack function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-30T02:17:52.000000Z"}, {"uuid": "30f83063-ac82-46ac-947b-e2607ad07d4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3897", "type": "seen", "source": "https://t.me/cibsecurity/67227", "content": "\u203c CVE-2023-3897 \u203c\n\nUser enumeration in On-premise SureMDM Solution on Windows deployment allows attacker to enumerate local user information via error message.This issue affects SureMDM On-premise: 6.31 and below version\u00c2\u00a0\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-25T12:28:25.000000Z"}]}