{"vulnerability": "CVE-2023-2235", "sightings": [{"uuid": "4f135a4d-b758-49b2-aa5d-748eedb88ace", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22358", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8923", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22358\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: In versions beginning with 7.2.2 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG-IP Edge Client Windows Installer.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udccf Published: 2023-02-01T17:54:31.501Z\n\ud83d\udccf Modified: 2025-03-26T18:02:11.485Z\n\ud83d\udd17 References:\n1. https://my.f5.com/manage/s/article/K76964818", "creation_timestamp": "2025-03-26T18:25:31.000000Z"}, {"uuid": "66e0a2bd-beb3-4bc1-8a42-26b33dccbf9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2235", "type": "seen", "source": "https://t.me/cibsecurity/63124", "content": "\u203c CVE-2023-2235 \u203c\n\nA use-after-free vulnerability in the Linux Kernel Performance Events system can be exploited to achieve local privilege escalation.The perf_group_detach function did not check the event's siblings' attach_state before calling add_event_to_groups(), but\u00c2\u00a0remove_on_exec made it possible to call list_del_event() on before detaching from their group, making it possible to use a dangling pointer causing a use-after-free vulnerability.We recommend upgrading past commit fd0815f632c24878e325821943edccc7fde947a2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-01T16:29:28.000000Z"}, {"uuid": "2e536802-efd5-4667-abb3-79f79e3e4184", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22354", "type": "seen", "source": "https://t.me/cibsecurity/62543", "content": "\u203c CVE-2023-22354 \u203c\n\nDatakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-20T22:30:54.000000Z"}, {"uuid": "72e159c5-662c-4304-8139-53a1b254b6c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22357", "type": "seen", "source": "https://t.me/cibsecurity/56575", "content": "\u203c CVE-2023-22357 \u203c\n\nActive debug code exists in OMRON CP1L-EL20DR-D all versions, which may lead to a command that is not specified in FINS protocol being executed without authentication. A remote unauthenticated attacker may read/write in arbitrary area of the device memory, which may lead to overwriting the firmware, causing a denial-of-service (DoS) condition, and/or arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-17T12:25:02.000000Z"}, {"uuid": "970f9af8-0518-4f6f-b19e-c89a0e35cc38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22350", "type": "seen", "source": "https://t.me/cibsecurity/57989", "content": "\u203c CVE-2023-22350 \u203c\n\nOut-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing parts management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-13T07:29:36.000000Z"}, {"uuid": "aefddfa3-dd01-4e60-94b6-729cab3a2b37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22353", "type": "seen", "source": "https://t.me/cibsecurity/57988", "content": "\u203c CVE-2023-22353 \u203c\n\nOut-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing control management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-13T07:29:35.000000Z"}, {"uuid": "1d5a4173-85ba-4326-81a7-7e5783fc2424", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22357", "type": "seen", "source": "https://t.me/anti_malware/14305", "content": "\u041f\u0440\u043e\u0448\u0438\u0432\u043a\u0443 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432 OMRON \u043b\u0443\u0447\u0448\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c. \u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b Positive Technologies \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-22357. \u041a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430 \u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.", "creation_timestamp": "2023-02-07T07:13:34.000000Z"}]}