{"vulnerability": "CVE-2023-20938", "sightings": [{"uuid": "36ce7049-b0f5-4e1e-9a4a-51cb116845c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20938", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwcpwyzjr42s", "content": "", "creation_timestamp": "2025-08-13T21:02:38.619866Z"}, {"uuid": "76b028fa-d814-419b-92dc-c4a52a65e825", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20938", "type": "published-proof-of-concept", "source": "https://t.me/cKure/13349", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Attacking Android Binder: Analysis and Exploitation of CVE-2023-20938.\n\nhttps://coastlinecyber.com/hunting-for-aws-cognito-security-misconfigurations-a-guide-to-uncovering-hidden-dangers/", "creation_timestamp": "2024-07-28T20:20:04.000000Z"}, {"uuid": "781077a2-813d-46d0-acfc-4d6fdc8bef25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20938", "type": "published-proof-of-concept", "source": "https://t.me/linkersec/254", "content": "Attacking Android Binder: Analysis and Exploitation of CVE-2023-20938\n\nAn article by Zi Fan Tan, Gulshan Singh, and Eugene Rodionov about exploiting a vulnerability in the Android Binder device driver that leads to a slab use-after-free.\n\nZi and Eugene also gave a talk (slides) about this work at OffensiveCon last month. There, they also shared the details about finding this vulnerability with a custom Linux Kernel Library\u2013based fuzzer.", "creation_timestamp": "2024-06-13T23:24:17.000000Z"}, {"uuid": "04248f0e-fc22-4dd3-8e9d-d7bc8a2c544c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20938", "type": "published-proof-of-concept", "source": "Telegram/91xq2yljWL5RObjqxZC8vMfawdPdbgsAg0W8g4_pLrCnJck", "content": "", "creation_timestamp": "2024-08-22T10:54:43.000000Z"}, {"uuid": "75408c20-2bcf-455a-a30b-378a8a9caf8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20938", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10625", "content": "#exploit\n1. Exploring the Unknown: Beneath the Surface of Unpatched WordPress SSRF\nhttps://patchstack.com/articles/exploring-the-unpatched-wordpress-ssrf\n\n2. CVE-2024-4358/CVE-2024-1800:\nTelerik Report Server deserialization/authentication bypass exploit chain\nhttps://github.com/sinsinology/CVE-2024-4358\n\n3. CVE-2023-20938:\nAttacking Android Binder\nhttps://androidoffsec.withgoogle.com/posts/attacking-android-binder-analysis-and-exploitation-of-cve-2023-20938", "creation_timestamp": "2024-06-04T18:48:59.000000Z"}]}