{"vulnerability": "CVE-2023-2186", "sightings": [{"uuid": "df293fc7-50bc-4b5d-9c7f-7bf3a8219dd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21867", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3705", "content": "GitHub monitoring alert!!!\n\nUpdated: CVE-2023\nDescription: POC and Scanner for CVE-2023-24055\nURL: https://github.com/Live-Hack-CVE/CVE-2023-21867\n\nTags: #CVE-2023", "creation_timestamp": "2023-01-24T22:52:22.000000Z"}, {"uuid": "2174fa03-5082-446e-9a5c-7547766047f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21867", "type": "published-proof-of-concept", "source": "Telegram/-3iReh3T6bPmUI9BLCEdfKilXbeOAtkjMJu1cqK_hdXRW1Q", "content": "", "creation_timestamp": "2023-03-05T09:17:01.000000Z"}, {"uuid": "17eefae6-dd7c-420f-9c06-be7aa47108fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2186", "type": "seen", "source": "https://t.me/cibsecurity/65030", "content": "\u203c CVE-2023-2186 \u203c\n\nOn Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can send a specially crafted broadcast message including format string characters to the SCADA Data Gateway to perform unrestricted memory reads. An unauthenticated user can use this format string vulnerability to repeatedly crash the GTWWebMonitor.exe process to DoS the Web Monitor. Furthermore, an authenticated user can leverage this vulnerability to leak memory from the GTWWebMonitor.exe process. 
This could be leveraged in an exploit chain to gain code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-07T12:29:57.000000Z"}, {"uuid": "6155cf08-0eb7-46b9-b1d3-9903728f7124", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21868", "type": "seen", "source": "https://t.me/cibsecurity/56641", "content": "\u203c CVE-2023-21868 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T02:26:31.000000Z"}, {"uuid": "3ec0332d-75dc-4ea2-8fa7-29d7831f7376", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21864", "type": "seen", "source": "https://t.me/cibsecurity/56646", "content": "\u203c CVE-2023-21864 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). 
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T02:29:34.000000Z"}, {"uuid": "e4995315-0961-43e4-89cf-d94b4bc18d29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21867", "type": "seen", "source": "https://t.me/cibsecurity/56643", "content": "\u203c CVE-2023-21867 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T02:26:33.000000Z"}, {"uuid": "fccc7cd1-02d4-4f47-99d2-9a0e18a04834", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21867", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2609", "content": "#CVE-2023\nA script to automate privilege escalation with CVE-2023-22809 vulnerability\nhttps://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc\n\n\nA script to automate privilege escalation with CVE-2023-22809 vulnerability\n\nhttps://github.com/Live-Hack-CVE/CVE-2023-22884\n\nPOC and Scanner for CVE-2023-24055\n\nhttps://github.com/Live-Hack-CVE/CVE-2023-21867\n\n\n@BlueRedTeam", "creation_timestamp": "2023-03-05T09:21:57.000000Z"}]}