{"vulnerability": "CVE-2023-2033", "sightings": [{"uuid": "4f04ee80-cb89-4805-9a04-c8dcb7389b4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "4cd714fb-f491-4876-8333-50239be71a73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971801", "content": "", "creation_timestamp": "2024-12-24T20:34:14.059427Z"}, {"uuid": "40c29c0f-a29f-45dc-bf44-977fa449d18c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:40.000000Z"}, {"uuid": "4a104cbe-c069-40f4-ad99-4612eabbe938", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-2033", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1010", "content": "", "creation_timestamp": "2023-04-17T04:00:00.000000Z"}, {"uuid": "607dc97a-de8b-4771-b24a-9889e8cbc1e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-2033", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1009", "content": "", "creation_timestamp": "2023-04-17T04:00:00.000000Z"}, {"uuid": "8ca354a6-2409-4e55-ae98-9bdf42cf98c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/cf939064-80a0-4ae4-8c28-487662ba7ac3", "content": "", "creation_timestamp": "2026-02-02T12:27:01.002088Z"}, {"uuid": "24af3160-efeb-4676-a572-a7fcf5370e28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "seen", "source": "https://t.me/cKure/10949", "content": "Double zero-day vulnerabilities in Chrome and Edge \u2013 check your versions now.\n\nCVE-2023-2033: Type confusion in V8 in Google Chrome prior to 112.0.5615.121. A remote attacker could potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High.\n\nCVE-2023-2136: Integer overflow in Skia in Google Chrome prior to 112.0.5615.137. A remote attacker who had compromised the renderer process could potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High.\n\nhttps://nakedsecurity.sophos.com/2023/04/24/double-zero-day-in-chrome-and-edge-check-your-versions-now/", "creation_timestamp": "2023-04-24T20:54:21.000000Z"}, {"uuid": "4cb681d2-fa98-4574-98c6-27d9eef874c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4281", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA collection of resources and information about CVE-2023-2033\nURL\uff1ahttps://github.com/sandumjacob/CVE-2023-2033-Analysis\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-05-01T14:56:01.000000Z"}, {"uuid": "9ffe1a10-ee20-415e-8f46-8f4ac05fc432", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4195", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aReproduce CVE-2023-2033\nURL\uff1ahttps://github.com/insoxin/CVE-2023-2033\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-04-17T00:30:32.000000Z"}, {"uuid": "57afe2f2-cc21-41df-9ee5-832710a74377", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "seen", "source": "https://t.me/ckuRED/281", "content": "Double zero-day vulnerabilities in Chrome and Edge \u2013 check your versions now.\n\nCVE-2023-2033: Type confusion in V8 in Google Chrome prior to 112.0.5615.121. A remote attacker could potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High.\n\nCVE-2023-2136: Integer overflow in Skia in Google Chrome prior to 112.0.5615.137. A remote attacker who had compromised the renderer process could potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High.\n\nhttps://nakedsecurity.sophos.com/2023/04/24/double-zero-day-in-chrome-and-edge-check-your-versions-now/", "creation_timestamp": "2023-04-24T20:54:08.000000Z"}, {"uuid": "347d5473-ab69-4441-9008-2358c564fc6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/itsec_news/3741", "content": "\u200b\u26a1\ufe0f\u042d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 Google Chrome \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0448\u0435\u0441\u0442\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 2023 \u0433\u043e\u0434\u0443\n\n\ud83d\udcac Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f Chrome, \u0447\u0442\u043e\u0431\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u0435\u043c\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u0430\u044f \u043a\u0430\u043a CVE-2023-6345, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u044b\u0439 \u0431\u0430\u0433 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432 Skia, \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 2D \u0433\u0440\u0430\u0444\u0438\u043a\u0438. \u0415\u0451 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0411\u0435\u043d\u0443\u0430 \u0421\u0435\u0432\u0435\u043d\u0441 \u0438 \u041a\u043b\u0435\u043c\u0430\u043d \u041b\u0435\u0441\u0438\u043d\u044c \u0438\u0437 \u0413\u0440\u0443\u043f\u043f\u044b \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0443\u0433\u0440\u043e\u0437 Google (TAG) 24 \u043d\u043e\u044f\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430.\n\nGoogle \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b, \u0447\u0442\u043e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f CVE-2023-6345, \u043d\u043e \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u0431 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438\u043b\u0438 \u0443\u0433\u0440\u043e\u0437\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0435\u0451 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c.\n\n\u041e\u0442\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 2023 \u0433\u043e\u0434\u0430 Google \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u043b \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432 Skia (CVE-2023-2136), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u0430\u043a\u0436\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c. \u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c, \u0447\u0442\u043e CVE-2023-6345 \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u044d\u0442\u043e\u0442 \u043f\u0430\u0442\u0447.\n\nCVE-2023-2136 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443, \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0432\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0440\u0435\u043d\u0434\u0435\u0440\u0438\u043d\u0433\u0430, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043f\u043e\u0431\u0435\u0433 \u0438\u0437 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b \u0447\u0435\u0440\u0435\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0443\u044e HTML-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u0433\u043e\u0434\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0441\u0435\u043c\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Chrome, \u0432\u043a\u043b\u044e\u0447\u0430\u044f:\n\nCVE-2023-2033 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8.8) - \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0430 \u0442\u0438\u043f\u043e\u0432 \u0432 V8,\nCVE-2023-2136 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.6) - \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u043e\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0432 Skia,\nCVE-2023-3079 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8.8) - \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0430 \u0442\u0438\u043f\u043e\u0432 \u0432 V8,\nCVE-2023-4762 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8.8) - \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0430 \u0442\u0438\u043f\u043e\u0432 \u0432 V8,\nCVE-2023-4863 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8.8) - \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 WebP,\nCVE-2023-5217 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8.8) - \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0435 vp8 \u0432 libvpx.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 Chrome 119.0.6045.199/.200 \u0434\u043b\u044f Windows \u0438 119.0.6045.199 \u0434\u043b\u044f macOS \u0438 Linux, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u0433\u0440\u043e\u0437\u044b. \u0422\u0430\u043a\u0436\u0435 \u0441\u043e\u0432\u0435\u0442\u0443\u044e\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 \u043d\u0430 \u0431\u0430\u0437\u0435 Chromium, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Microsoft Edge, Brave, Opera \u0438 Vivaldi, \u043a\u0430\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u0442\u0430\u043d\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-11-30T11:12:53.000000Z"}, {"uuid": "7c2a082f-d95a-4a59-b373-67c40619e61b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/itsec_news/2654", "content": "\u200b\u26a1\ufe0fGoogle \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Chrome.\n\n\ud83d\udcac \u0412\u0447\u0435\u0440\u0430 Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 \u0432\u0435\u0431-\u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Chrome, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2023-3079 , \u0431\u044b\u043b\u0430 \u043e\u043f\u0438\u0441\u0430\u043d\u0430 \u043a\u0430\u043a \u043e\u0448\u0438\u0431\u043a\u0430 \u00abType Confusion\u00bb (\u00ab\u041f\u0443\u0442\u0430\u043d\u0438\u0446\u0430 \u0442\u0438\u043f\u043e\u0432\u00bb) \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 JavaScript V8. \u0421\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0438\u0437 \u0433\u0440\u0443\u043f\u043f\u044b \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0443\u0433\u0440\u043e\u0437 Google TAG \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435 1 \u0438\u044e\u043d\u044f \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u043c NIST, \u043e\u0448\u0438\u0431\u043a\u0430 \u0432\u0432\u043e\u0434\u0430 V8 \u0432 Google Chrome \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 114.0.5735.110 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u00abHeap Corruption\u00bb (\u00ab\u041f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043a\u0443\u0447\u0438\u00bb) \u0447\u0435\u0440\u0435\u0437 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0443\u044e HTML-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443.\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0433\u0438\u0433\u0430\u043d\u0442, \u043a\u0430\u043a \u044d\u0442\u043e \u043e\u0431\u044b\u0447\u043d\u043e \u0431\u044b\u0432\u0430\u0435\u0442, \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e \u0445\u0430\u0440\u0430\u043a\u0442\u0435\u0440\u0435 \u0430\u0442\u0430\u043a, \u043d\u043e \u043e\u0442\u043c\u0435\u0442\u0438\u043b, \u0447\u0442\u043e \u0435\u043c\u0443 \u00ab\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f CVE-2023-3079 \u0443\u0436\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 (ITW)\u00bb.\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Google \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0443\u0436\u0435 \u0442\u0440\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Chrome \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430. \u041a \u0432\u044b\u0448\u0435\u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u043e\u0439 \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0432\u0441\u043f\u043e\u043c\u043d\u0438\u0442\u044c \u043e \u0434\u0432\u0443\u0445 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445:\nCVE-2023-2033 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8,8) \u2014 Type Confusion \u0432 V8;\nCVE-2023-2136 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9,6) \u2014 Integer Overflow \u0432 Skia.\n\n\u0412\u0441\u0435\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f, \u0435\u0441\u043b\u0438 \u044d\u0442\u043e\u0433\u043e \u0435\u0449\u0451 \u043d\u0435 \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u043e \u0432 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435, \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c Chrome \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 114.0.5735.110 \u0434\u043b\u044f Windows \u0438 114.0.5735.106 \u0434\u043b\u044f macOS \u0438 Linux \u0434\u043b\u044f \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432 \u043d\u0430 \u0431\u0430\u0437\u0435 Chromium, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Microsoft Edge, Brave, Opera \u0438 Vivaldi, \u0442\u0430\u043a\u0436\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e \u043c\u0435\u0440\u0435 \u0435\u0433\u043e \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-06-06T16:01:52.000000Z"}, {"uuid": "b767af49-82a0-40d9-8744-7fa99b60645a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/itsec_news/3885", "content": "\u200b\u26a1\ufe0fCVE-2023-7024: \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 0-day \u0432 Chrome \u0443\u0433\u0440\u043e\u0436\u0430\u0435\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432\u0435\u0431-\u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432\n\n\ud83d\udcac \u0412\u0447\u0435\u0440\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u0432\u0435\u0431-\u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 Chrome, \u0447\u0442\u043e\u0431\u044b \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0443\u0440\u043e\u0432\u043d\u0435\u0432\u0443\u044e zero-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043a\u0430\u043a \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f, \u0443\u0436\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u0435 CVE-2023-7024 , \u043e\u043f\u0438\u0441\u0430\u043d\u0430 \u043a\u0430\u043a \u043e\u0448\u0438\u0431\u043a\u0430 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 WebRTC. \u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0431\u043e\u044f\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\u0414\u0440\u0443\u0433\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0435 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435. \u0412 Google \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f CVE-2023-7024 \u0443\u0436\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 \u0441\u0442\u0430\u043b\u0430 \u0432\u043e\u0441\u044c\u043c\u043e\u0439 \u043f\u043e \u0441\u0447\u0451\u0442\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u00abzero-day\u00bb \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0432 Chrome \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u0433\u043e\u0434\u0430.\n\n\u041a \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u043c \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f:\n\nCVE-2023-2033 (CVSS \u043e\u0446\u0435\u043d\u043a\u0430: 8.8) \u2014 \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0430 \u0442\u0438\u043f\u043e\u0432 \u0432 V8;\n\nCVE-2023-2136 (CVSS \u043e\u0446\u0435\u043d\u043a\u0430: 9.6) \u2014 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0446\u0435\u043b\u043e\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u0432 Skia;\n\nCVE-2023-3079 (CVSS \u043e\u0446\u0435\u043d\u043a\u0430: 8.8) \u2014 \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0430 \u0442\u0438\u043f\u043e\u0432 \u0432 V8;\n\nCVE-2023-4762 (CVSS \u043e\u0446\u0435\u043d\u043a\u0430: 8.8) \u2014 \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0430 \u0442\u0438\u043f\u043e\u0432 \u0432 V8;\n\nCVE-2023-4863 (CVSS \u043e\u0446\u0435\u043d\u043a\u0430: 8.8) \u2014 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 WebP;\n\nCVE-2023-5217 (CVSS \u043e\u0446\u0435\u043d\u043a\u0430: 8.8) \u2014 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 vp8 \u0432 libvpx;\n\nCVE-2023-6345 (CVSS \u043e\u0446\u0435\u043d\u043a\u0430: 9.6) \u2014 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0446\u0435\u043b\u043e\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u0432 Skia.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u0441\u0430\u043c\u044b\u043c\u0438 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u043c\u0438 \u0442\u0438\u043f\u0430\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 2023 \u0433\u043e\u0434\u0443 \u0441\u0442\u0430\u043b\u0438: \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430, \u043e\u0431\u0445\u043e\u0434 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u043e\u043c, \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0432\u0432\u043e\u0434\u0430.\n\n\u0412\u0441\u0435\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Chrome \u043d\u0430 \u043b\u044e\u0431\u044b\u0445 \u043d\u0430\u0441\u0442\u043e\u043b\u044c\u043d\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 \u0438 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f. \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0441\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f \u0432\u0435\u0440\u0441\u0438\u044f 120.0.6099.129 \u0438 \u0441\u0432\u0435\u0436\u0435\u0435.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 Chromium, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Microsoft Edge, Brave, Opera, Vivaldi \u0438 \u042f\u043d\u0434\u0435\u043a\u0441 \u0411\u0440\u0430\u0443\u0437\u0435\u0440, \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043a\u0430\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u043d\u0438 \u0441\u0442\u0430\u043d\u0443\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-12-21T10:17:35.000000Z"}, {"uuid": "4e705287-469c-43ec-aa47-7a9213dbcfbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "seen", "source": "https://t.me/slonser_notes/683", "content": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2033\n\u0427\u0435\u043b\u0438\u043a \u0431\u0430\u0437\u044b \u043d\u0430\u0432\u0430\u043b\u0438\u043b", "creation_timestamp": "2023-04-20T13:40:09.000000Z"}, {"uuid": "d73328e0-9690-4915-8bd9-e168432d64cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/kasperskyb2b/573", "content": "\u26a1\ufe0f\u26a1\ufe0f\u26a1\ufe0f\u26a1\ufe0f\u041e\u0431\u043d\u043e\u0432\u0438\u0442\u0435 Chrome, Edge \u0438 Brave\n\n\u0412\u0435\u0447\u0435\u0440\u043e\u043c \u0432 \u043f\u044f\u0442\u043d\u0438\u0446\u0443 Google \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0441\u0440\u043e\u0447\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2023-2033 \u0432 Chrome \u0438 Chromium, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0435\u0439 \u043a \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u0438 \u043f\u043e\u0441\u0435\u0449\u0435\u043d\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b. \u041e\u0448\u0438\u0431\u043a\u0430 \u0432 Javascript-\u0434\u0432\u0438\u0436\u043a\u0435 V8 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u0430 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u043e\u0432, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 Chromium, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Chrome, Brave \u0438 MS Edge. Google \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043f\u043e\u0441\u043f\u0435\u0448\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043f\u0430\u0442\u0447\u0430 \u043d\u0435\u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u0430. Microsoft \u0442\u043e\u0436\u0435 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f Edge.  \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f Chrome \u0438\u043c\u0435\u0435\u0442 \u043d\u043e\u043c\u0435\u0440 112.0.5615.121.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-04-17T09:48:44.000000Z"}, {"uuid": "3b76bc9a-dba6-4603-8bb6-96f4ffce9cd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "Telegram/QAczKYY1AjlKpyXyD7J422tVel4nX10bghdW00h3kJEqUmA", "content": "", "creation_timestamp": "2023-04-15T11:25:53.000000Z"}, {"uuid": "6206eafd-bbbf-43ae-b62a-25ef89039d73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/darkcommunityofficial/520", "content": "\ud83d\udd25\ud83d\udd25\ud83d\udd25[0-day] JIT optimisation issue(Issue 1432210, CVE-2023-2033, Blink&gt;JavaScript&gt;Runtime &amp; Blink&gt;JavaScript&gt;Compiler)\n\"There seems to be a JIT optimisation issue allowing attacker to leak TheHole value. Filling this bug now as it is used ITW and we have a PoC demonstrating the issue. This might be an issue similar to CVE-2022-1364.\"\n\nHow to reproduce:\nTheHole leaked when using optimization.\n\ud83d\udcbe$ ./d8 --allow-natives-syntax hole.js\n\nSame code fails with no optimization.\n\ud83d\udcbe$ ./d8 --allow-natives-syntax --no-opt hole.js", "creation_timestamp": "2024-04-26T21:56:54.000000Z"}, {"uuid": "470d0d2a-e425-4395-884b-8ef323532384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "seen", "source": "https://t.me/arpsyndicate/945", "content": "#ExploitObserverAlert\n\nCVE-2023-2033\n\nDESCRIPTION: Exploit Observer has 23 entries related to CVE-2023-2033. Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\nFIRST-EPSS: 0.015640000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-03T13:42:26.000000Z"}, {"uuid": "7be81a3b-5fa4-4df2-af2b-b2987753caef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/2771", "content": "\ud83c\udfa9[0-day] JIT optimisation issue(Issue 1432210, CVE-2023-2033, Blink&gt;JavaScript&gt;Runtime &amp; Blink&gt;JavaScript&gt;Compiler)\n\"There seems to be a JIT optimisation issue allowing attacker to leak TheHole value. Filling this bug now as it is used ITW and we have a PoC demonstrating the issue. This might be an issue similar to CVE-2022-1364.\"\n\n\ud83c\udfa9How to reproduce:\nTheHole leaked when using optimization.\n\ud83c\udfa9$ ./d8 --allow-natives-syntax hole.js\n\nSame code fails with no optimization.\n\ud83c\udfa9$ ./d8 --allow-natives-syntax --no-opt hole.js", "creation_timestamp": "2023-07-22T08:01:17.000000Z"}, {"uuid": "1a66c2a3-fa33-4fae-9fb1-b6a0f2673f9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/2770", "content": "\ud83c\udfa9Chrome actively exploited 0-day vulnerability (CVE-2023-2033: type confusion in V8 engine, here fix)", "creation_timestamp": "2023-07-22T08:01:17.000000Z"}, {"uuid": "776e1f68-0e67-4a53-989f-715a371abe06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "published-proof-of-concept", "source": "Telegram/72q_6K-Gw2SSBLexfL7RRBs4aQAazbzl569yjTYRGLrjOQ", "content": "", "creation_timestamp": "2023-07-22T15:31:47.000000Z"}, {"uuid": "e05bf079-6be9-44fe-a4f0-5b8bb7f060fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "seen", "source": "https://t.me/JerusalemElectronicArmy/633", "content": "#\u0623\u062e\u0628\u0627\u0631_\u0627\u0644\u0633\u0627\u064a\u0628\u0631\n\u062a\u062d\u062f\u064a\u062b \u0623\u0645\u0646\u064a \u0639\u0627\u062c\u0644 \u0644\u0645\u062a\u0635\u0641\u062d  Google Chrome \u064a\u0648\u0645 \u0627\u0644\u0623\u0631\u0628\u0639\u0627\u0621 \u064a\u0647\u062f\u0641 \u0627\u0644\u062a\u062d\u062f\u064a\u062b  \u0644\u0625\u0635\u0644\u0627\u062d\u0627\u062a \u0644\u0645\u0639\u0627\u0644\u062c\u0629 \u062b\u063a\u0631\u0627\u062a \u062e\u0637\u064a\u0631\u0629  \u062a\u0645 \u0627\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0628\u0634\u0643\u0644 \u0646\u0634\u0637 \u0641\u064a \u0627\u0644\u0645\u062a\u0635\u0641\u062d.\n\u062a\u0645 \u0623\u0636\u0627\u0641\u0629 \u0631\u0642\u0645 \u062a\u062a\u0628\u0639 \u0644\u0644\u062b\u063a\u0631\u0629 : \"CVE-2023-5217-heap-based buffer overflow\" \n\u0627\u0631\u062a\u0641\u0639 \u0639\u062f\u062f \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u062a\u064a \u062a\u0645 \u0627\u0643\u062a\u0634\u0627\u0641\u0647\u0627 \u0648\u0627\u0633\u062a\u063a\u0644\u0627\u0644\u0647\u0627 \u0641\u064a \u0645\u062a\u0635\u0641\u062d \u062c\u0648\u062c\u0644 \u0643\u0631\u0648\u0645 \u0625\u0644\u0649 5 \u062b\u063a\u0631\u0627\u062a \u0647\u0630\u0627 \u0627\u0644\u0639\u0627\u0645. \nCVE-2023-2033 (CVSS score: 8.8) - Type confusion in V8\nCVE-2023-2136 (CVSS score: 9.6) - Integer overflow in Skia\nCVE-2023-3079 (CVSS score: 8.8) - Type confusion in V8\nCVE-2023-4863 (CVSS score: 8.8) - Heap buffer overflow in WebP\n\u0644\u0645\u0632\u064a\u062f \u0645\u0646 \u0627\u0644\u062a\u0641\u0627\u0635\u064a\u0644: \u0623\u0646\u0642\u0631 \u0647\u0646\u0627 \n#\u062c\u064a\u0634_\u0627\u0644\u0642\u062f\u0633_\u0627\u0644\u0625\u0644\u0643\u062a\u0631\u0648\u0646\u064a", "creation_timestamp": "2023-09-28T11:50:41.000000Z"}, {"uuid": "e77ba57c-fef6-45c3-9e5d-c01dba94c22f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/breachdetector/240011", "content": "{\n  \"Source\": \"https://exploit.in/\",\n  \"Content\": \"Google \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0441\u0440\u043e\u0447\u043d\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-2033\", \n  \"author\": \"News Support\",\n  \"Detection Date\": \"17 Apr 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-04-17T07:52:57.000000Z"}, {"uuid": "19d64f07-b622-4268-9a87-729b628622fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "published-proof-of-concept", "source": "Telegram/qOVk7R6H8Ouiw3Eb2J-4J1KnRa8kFzvdmzGqGyQc12UpN38", "content": "", "creation_timestamp": "2023-08-20T16:41:30.000000Z"}, {"uuid": "e03b407d-bab4-4bc9-8b3a-6331d96a1611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "Telegram/XULQ1z3mVPfXxGp-jl7OkKzevhkAnDt89Vg70kUreoH08wg", "content": "", "creation_timestamp": "2024-08-28T18:13:43.000000Z"}, {"uuid": "62715fd1-1961-4ebc-9421-1e550e87f653", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/CyberSecurityIL/21620", "content": "\u05e2\u05d3\u05db\u05d5\u05df \u05d7\u05d9\u05e8\u05d5\u05dd \u05e9\u05dc \u05d2\u05d5\u05d2\u05dc \u05db\u05e8\u05d5\u05dd \u05dc\u05d7\u05d5\u05dc\u05e9\u05ea Zero-Day \u05e8\u05d0\u05e9\u05d5\u05e0\u05d4 \u05dc\u05e9\u05e0\u05ea 2023.\n\n\u05d4\u05e2\u05d3\u05db\u05d5\u05df \u05e1\u05d5\u05d2\u05e8 \u05d0\u05ea \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 CVE-2023-2033 \u05e9\u05e7\u05d9\u05d1\u05dc\u05d4 \u05d3\u05e8\u05d2\u05ea \u05e1\u05d9\u05db\u05d5\u05df \u05d2\u05d1\u05d5\u05d4\u05d4 \u05d5\u05e9\u05e4\u05e8\u05d8\u05d9\u05d4 \u05d4\u05d8\u05db\u05e0\u05d9\u05d9\u05dd \u05dc\u05d0 \u05e4\u05d5\u05e8\u05e1\u05de\u05d5 \u05e2\u05d3\u05d9\u05d9\u05df \u05de\u05d7\u05e9\u05e9 \u05dc\u05e0\u05d9\u05e6\u05d5\u05dc \u05e8\u05d7\u05d1 \u05d9\u05d5\u05ea\u05e8 \u05e9\u05dc \u05d2\u05d5\u05e8\u05de\u05d9 \u05ea\u05e7\u05d9\u05e4\u05d4.\n\n\u05d1\u05d4\u05d5\u05d3\u05e2\u05d4 \u05e9\u05e4\u05d9\u05e8\u05e1\u05de\u05d4 \u05d2\u05d5\u05d2\u05dc \u05d4\u05d9\u05d0 \u05de\u05d3\u05d5\u05d5\u05d7\u05ea \u05db\u05d9 \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05db\u05d1\u05e8 \u05de\u05e0\u05d5\u05e6\u05dc\u05ea \u05d1\u05e4\u05d5\u05e2\u05dc \u05d5\u05db\u05d9 \u05d4\u05d2\u05e8\u05e1\u05d4 \u05d4\u05de\u05e2\u05d5\u05d3\u05db\u05e0\u05ea \u05d4\u05d9\u05d0 112.0.5615.121.\n\nhttps://t.me/CyberSecurityIL/2919\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea", "creation_timestamp": "2023-04-16T11:14:57.000000Z"}, {"uuid": "802fb2dc-fb0d-4f42-8b9b-4c565d949d94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3929", "content": "\ud83d\udc7e\ud83c\udf7aWindows11 Exploits : https://system32.ink/windows11-exploits/\n\n\ud83d\udca9\ud83d\udca5TCL Chinese Theatres Data Leak : https://system32.ink/tcl-chinese-theatres-data-leak/\n\n\u2b50\ud83d\udd30Chrome CVE-2023-2033 PoC : https://system32.ink/chrome-cve-2023-2033-poc/\n\n\ud83d\udc7e\ud83d\udca5\u26a1Cloudpanel 0-day Exploit : https://system32.ink/cloudpanel-0-day-exploit-cve-2023-35885/\n\n\u2623\ufe0f\u26a1WooCommerce Payments: Unauthorized Admin Access Exploit : https://system32.ink/woocommerce-payments-unauthorized-admin-access-exploit-cve-2023-28121/\n\n@Crackcodes | System32.ink | Crackcodes.in", "creation_timestamp": "2023-07-23T16:31:42.000000Z"}, {"uuid": "3451e418-3f49-4ca4-9148-95dcd2fe9597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/true_secator/4292", "content": "Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043f\u0435\u0440\u0432\u043e\u0439 \u0437\u0430 \u044d\u0442\u043e\u0442 \u0433\u043e\u0434 0-day \u0432 Chrome, \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0431\u044b\u043b \u0437\u0430\u043c\u0435\u0447\u0435\u043d \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044e\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u044c\u044e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 (CVE-2023-2033) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441\u00a0\u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0435\u0439 \u0442\u0438\u043f\u043e\u0432\u00a0\u0432 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0435 JavaScript Chrome V8.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u044b \u0442\u0438\u043f\u043e\u0432 \u043e\u0431\u044b\u0447\u043d\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u0437\u044b\u0432\u0430\u0442\u044c \u0441\u0431\u043e\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430 \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043f\u0443\u0442\u0435\u043c \u0447\u0442\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u0430\u043c\u044f\u0442\u0438 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u0431\u0443\u0444\u0435\u0440\u0430.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f RCE \u043d\u0430 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u041e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u041a\u043b\u0435\u043c\u0430\u043d \u041b\u0435\u0441\u0438\u043d \u0438\u0437 Google (TAG), \u0443\u0447\u0430\u0441\u0442\u0438\u044f \u0432 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u0435 0-day \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043f\u0440\u0435\u0436\u0434\u0435 \u0432\u0441\u0435\u0433\u043e, \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u0410\u0420\u0422.\n\n\u041d\u0435 \u0438\u0441\u043a\u043b\u044e\u0447\u0430\u044e\u0442\u0441\u044f \u0438 \u043d\u043e\u0432\u044b\u0435 \u0440\u0430\u0437\u043e\u0431\u043b\u0430\u0447\u0435\u043d\u0438\u044f \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 spyware.\n\n\u0412 \u043b\u044e\u0431\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 Google, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0441\u0432\u043e\u044e \u043e\u0441\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u044c, \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u0435\u0442 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u0445.\n\n\u041d\u043e\u0432\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f Chrome \u0434\u043b\u044f Windows, Mac \u0438 Linux \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0438\u0435 \u0434\u043d\u0438 \u0441\u0442\u0430\u043d\u0435\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e 112.0.5615.121.\n\n\u0412\u043e\u043e\u0431\u0449\u0435 \u0436\u0435, \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 \u0443\u0436\u0435 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043e 20 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0439 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c 0-day. \u041f\u0440\u0438\u0447\u0435\u043c 12 \u0438\u0437 \u043d\u0438\u0445 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u043b\u0438 \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043e\u0442 \u0432\u0435\u0434\u0443\u0449\u0438\u0445 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432: Microsoft, Apple \u0438 Google.", "creation_timestamp": "2023-04-17T12:05:37.000000Z"}, {"uuid": "f0317476-6952-44ba-a02b-74d81686254f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/true_secator/4836", "content": "Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f 0-day \u0432 Chrome 116.\n\nCVE-2023-4863, \u0438\u043c\u0435\u044e\u0449\u0430\u044f \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 WebP, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0441\u0431\u043e\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\nWebP - \u044d\u0442\u043e \u0444\u043e\u0440\u043c\u0430\u0442 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u043d\u043e\u0435 \u0441\u0436\u0430\u0442\u0438\u0435 \u0438 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u044e \u0441 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c\u0438 \u0444\u043e\u0440\u043c\u0430\u0442\u0430\u043c\u0438 JPEG \u0438 PNG \u0438 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0432\u0441\u0435\u043c\u0438 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u043c\u0438 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0430\u043c\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Chrome, Firefox, Safari, Edge \u0438 Opera.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044f\u043c Google, \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f CVE-2023-4863 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e 6 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f \u043f\u043e\u0441\u043b\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f Apple Security Engineering and Architecture (SEAR) \u0438 Citizen Lab, \u043a\u043e\u0442\u043e\u0440\u0430\u044f, \u043a\u0430\u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0438 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 spyware.\n\n\u041a\u0430\u043a \u043e\u0431\u044b\u0447\u043d\u043e, Google \u0432\u043e\u0437\u0434\u0435\u0440\u0436\u0430\u043b\u0430\u0441\u044c \u043e\u0442 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0435\u043c\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u041d\u043e \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0437\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0441\u0442\u043e\u044f\u043b\u0438 SEAR \u0438 Citizen Lab, \u0441 \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0434\u043e\u043b\u0435\u0439 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u0438, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043e\u0434\u043d\u0438\u043c \u0438\u0437 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u043e\u0433\u043e \u041f\u041e.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u0430\u0442\u0447 Google Chrome \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u0432\u0441\u0435\u0433\u043e \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0434\u043d\u0435\u0439 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a Apple \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438\u00a00-day \u0432 iOS \u0438 macOS, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 Citizen Lab \u0432 \u0445\u043e\u0434\u0435 \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0439 \u0441\u043e \u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0438\u043c \u041f\u041e Pegasus \u043e\u0442 NSO Group.\n\nCVE-2023-4863\u00a0- \u044d\u0442\u043e \u0443\u0436\u0435 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u0430\u044f 0-day, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f Google \u0432 Chrome \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 \u043f\u043e\u0441\u043b\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f CVE-2023-3079\u00a0(\u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0430 \u0442\u0438\u043f\u043e\u0432 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 V8) \u0432 \u0438\u044e\u043d\u0435, \u0430 \u0442\u0430\u043a\u0436\u0435 CVE-2023-2033\u00a0(\u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0430 \u0442\u0438\u043f\u043e\u0432 \u0432 \u0434\u0432\u0438\u0436\u043a\u0435 V8) \u0438\u00a0CVE-2023-2136 (\u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u043e\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0432 Skia) \u0432 \u0430\u043f\u0440\u0435\u043b\u0435.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0432\u0435\u0440\u0441\u0438\u044f Chrome \u0442\u0435\u043f\u0435\u0440\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043a\u0430\u043a 116.0.5845.187 \u0434\u043b\u044f macOS \u0438 Linux \u0438 \u043a\u0430\u043a \u0432\u0435\u0440\u0441\u0438\u0438 116.0.5845.187/.188 \u0434\u043b\u044f Windows.", "creation_timestamp": "2023-09-12T14:01:05.000000Z"}, {"uuid": "c86b1e26-ec1d-4129-afe6-02984dea29fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3925", "content": "\ud83d\udc7e\ud83c\udf7aWindows11 Exploits : https://system32.ink/windows11-exploits/\n\n\ud83d\udca9\ud83d\udca5TCL Chinese Theatres Data Leak : https://system32.ink/tcl-chinese-theatres-data-leak/\n\n\u2b50\ud83d\udd30Chrome CVE-2023-2033 PoC : https://system32.ink/chrome-cve-2023-2033-poc/\n\n\ud83d\udc7e\ud83d\udca5\u26a1Cloudpanel 0-day Exploit : https://system32.ink/cloudpanel-0-day-exploit-cve-2023-35885/\n\n\u2623\ufe0f\u26a1WooCommerce Payments: Unauthorized Admin Access Exploit : https://system32.ink/woocommerce-payments-unauthorized-admin-access-exploit-cve-2023-28121/\n\n@Crackcodes | System32.ink | Crackcodes.in", "creation_timestamp": "2023-07-23T03:58:34.000000Z"}, {"uuid": "5fd70cbb-165b-48bf-9692-d121b93abad3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/crackcodes/3233", "content": "\ud83d\udca5Chrome actively exploited 0-day vulnerability (CVE-2023-2033: type confusion in V8 engine, here fix)\n\n\ud83e\udd19Thx @hosselot", "creation_timestamp": "2023-04-15T16:33:23.000000Z"}, {"uuid": "d4649904-5781-4131-936c-d7a3e921e565", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "seen", "source": "https://t.me/cibsecurity/62179", "content": "\u203c CVE-2023-2033 \u203c\n\nType confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T22:26:08.000000Z"}, {"uuid": "8b56f55d-2181-4dae-8a82-826908552f18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/thehackernews/3248", "content": "\ud83d\udd10 URGENT: Google releases out-of-band updates for a new actively exploited zero-day vulnerability (CVE-2023-2033) in Chrome browser.\n\nRead details: https://thehackernews.com/2023/04/google-releases-urgent-chrome-update-to.html\n\nFirst one addressed this year! Update to version 112.0.5615.121 ASAP!", "creation_timestamp": "2023-04-17T09:19:22.000000Z"}, {"uuid": "1a92aec8-df12-4013-9f39-2dcebae91f30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "Telegram/OIshL_wWdFaT3xufeaArmmCdiL-7vmg0YZ3FnWI19D4hjLHXXw", "content": "", "creation_timestamp": "2023-06-24T15:10:39.000000Z"}, {"uuid": "e1dc5b99-1460-4f07-9277-0c49a02923de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "exploited", "source": "https://t.me/SecLabNews/13621", "content": "Google \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0441\u0440\u043e\u0447\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f Chrome, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f CVE-2023-2033, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0443\u044e\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0423\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043b\u0438\u0447\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043f\u0430\u0440\u043e\u043b\u044f\u043c \u0438 \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n#Google, #Chrome, #\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, #CVE2023-2033 @SecLabNews", "creation_timestamp": "2023-04-16T19:37:06.000000Z"}, {"uuid": "725cfc3f-99de-4636-93d4-748c6e9be0ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2033", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8790", "content": "#exploit\n1. CVE-2023-2033:\nType confusion in V8 in Google Chrome\nhttps://github.com/mistymntncop/CVE-2023-2033\n\n2. CVE-2023-36168:\nAVG Anti Spyware 7.5 - Unquoted Service Path\nhttps://github.com/TraiLeR2/CVE-2023-36168", "creation_timestamp": "2023-08-04T11:00:38.000000Z"}]}