{"vulnerability": "CVE-2023-2623", "sightings": [{"uuid": "87da71b4-d2fa-4c71-96fd-1615ff46030c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26234", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7821", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-26234\n\ud83d\udd25 CVSS Score: 6.6 (cvssV3_1, Vector: CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:H/S:U/UI:N)\n\ud83d\udd39 Description: JD-GUI 1.6.6 allows deserialization via UIMainWindowPreferencesProvider.singleInstance.\n\ud83d\udccf Published: 2023-02-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-17T18:41:30.736Z\n\ud83d\udd17 References:\n1. https://github.com/java-decompiler/jd-gui/issues/415\n2. https://github.com/java-decompiler/jd-gui/pull/417", "creation_timestamp": "2025-03-17T19:34:14.000000Z"}, {"uuid": "34ba228f-887b-491c-989f-521e0e86866f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26235", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7823", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-26235\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: JD-GUI 1.6.6 allows XSS via util/net/InterProcessCommunicationUtil.java.\n\ud83d\udccf Published: 2023-02-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-17T18:40:39.620Z\n\ud83d\udd17 References:\n1. https://github.com/java-decompiler/jd-gui/pull/418", "creation_timestamp": "2025-03-17T19:34:15.000000Z"}, {"uuid": "d0344c89-db37-43b3-9850-31ad10041ee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26237", "type": "seen", "source": "https://t.me/cibsecurity/71658", "content": "\u203c CVE-2023-26237 \u203c\n\nAn issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to bypass the defensive capabilities by adding a registry key as SYSTEM.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-05T07:17:24.000000Z"}, {"uuid": "7cbb2fe2-ae33-4d86-b092-b02b5f816a3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26238", "type": "seen", "source": "https://t.me/cibsecurity/71657", "content": "\u203c CVE-2023-26238 \u203c\n\nAn issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-05T07:17:23.000000Z"}, {"uuid": "16473bec-b78f-4730-bd5d-4efa2fd3dd1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26236", "type": "seen", "source": "https://t.me/cibsecurity/71656", "content": "\u203c CVE-2023-26236 \u203c\n\nAn issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on Windows by sending a crafted message to a named pipe.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-05T07:17:22.000000Z"}, {"uuid": "824ebd2f-c88d-4acc-b4cc-67cf8374df9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26239", "type": "seen", "source": "https://t.me/cibsecurity/71655", "content": "\u203c CVE-2023-26239 \u203c\n\nAn issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of a password check, it is possible to obtain credentials to access the management console as a non-privileged user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-05T07:17:21.000000Z"}, {"uuid": "d197d6b7-74ec-4481-984f-0e51680ae61b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26235", "type": "seen", "source": "https://t.me/cibsecurity/58551", "content": "\u203c CVE-2023-26235 \u203c\n\nJD-GUI 1.6.6 allows XSS via util/net/InterProcessCommunicationUtil.java.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-21T02:16:16.000000Z"}, {"uuid": "80208d55-aee2-448d-9d49-5923a38d913a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26234", "type": "seen", "source": "https://t.me/cibsecurity/58550", "content": "\u203c CVE-2023-26234 \u203c\n\nJD-GUI 1.6.6 allows deserialization via UIMainWindowPreferencesProvider.singleInstance.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-21T02:16:15.000000Z"}]}