{"vulnerability": "CVE-2023-2655", "sightings": [{"uuid": "820be290-d68e-47ba-aa82-0f8cbff4b523", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2655", "type": "seen", "source": "https://t.me/ctinow/172132", "content": "https://ift.tt/0qOIEUX\nCVE-2023-2655 Exploit", "creation_timestamp": "2024-01-23T17:16:50.000000Z"}, {"uuid": "1d53e651-74d7-44c9-93be-40465664e91b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-26555", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "a5c4452b-d456-4459-881f-34cd26f2e1c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-26554", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "f3c5a8d9-8e34-48cf-b465-7a5dca810c89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-26553", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "05e48e89-7823-4f1c-97db-a4519167ecdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2655", "type": "seen", "source": "https://t.me/ctinow/179855", "content": "https://ift.tt/zKwTLtG\nCVE-2023-2655 | WD Contact Form Plugin up to 1.13.23 on WordPress sql injection", "creation_timestamp": "2024-02-06T09:41:27.000000Z"}, {"uuid": "155fd6f3-706b-406f-84c6-21a15509a4df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-26551", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "7e9e4fcb-5947-4b63-bb01-f32767c58140", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-26552", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "cc06855f-e6f3-4b58-a3ca-2fa6b847445b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26550", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7228", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-26550\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A SQL injection vulnerability in BMC Control-M before 9.0.20.214 allows attackers to execute arbitrary SQL commands via the memname JSON field.\n\ud83d\udccf Published: 2023-02-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-11T20:29:33.947Z\n\ud83d\udd17 References:\n1. https://www.synacktiv.com/sites/default/files/2023-02/Synacktiv-ControlM-Multiple-Vulnerabilities.pdf", "creation_timestamp": "2025-03-11T20:41:21.000000Z"}, {"uuid": "32e38d6f-04a9-4c9b-876b-d9f4bb2367b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2655", "type": "seen", "source": "https://t.me/ctinow/168906", "content": "https://ift.tt/mu1TDKX\nCVE-2023-2655", "creation_timestamp": "2024-01-16T17:27:09.000000Z"}, {"uuid": "7f1f9067-0423-4180-a48b-57693ac89655", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26555", "type": "seen", "source": "https://t.me/cibsecurity/61935", "content": "\u203c CVE-2023-26555 \u203c\n\npraecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-12T00:23:54.000000Z"}, {"uuid": "baf90cde-2db4-4c50-8535-d361ae613d25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26556", "type": "seen", "source": "https://t.me/cibsecurity/62631", "content": "\u203c CVE-2023-26556 \u203c\n\nio.finnet tss-lib before 2.0.0 can leak a secret key via a timing side-channel attack because it relies on the scalar-multiplication implementation in Go crypto/elliptic, which is not constant time (there is an if statement in a loop). One leak is in ecdsa/keygen/round_2.go. (bnb-chain/tss-lib and thorchain/tss are also affected.)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-21T22:31:49.000000Z"}, {"uuid": "d552a42f-7bc2-49d1-a40e-1a61a746cc1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26557", "type": "seen", "source": "https://t.me/cibsecurity/62630", "content": "\u203c CVE-2023-26557 \u203c\n\nio.finnet tss-lib before 2.0.0 can leak the lambda value of a private key via a timing side-channel attack because it relies on Go big.Int, which is not constant time for Cmp, modular exponentiation, or modular inverse. An example leak is in crypto/paillier/paillier.go. (bnb-chain/tss-lib and thorchain/tss are also affected.)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-21T22:31:48.000000Z"}, {"uuid": "bfb99089-d956-4204-ba43-7944edcce61d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26559", "type": "seen", "source": "https://t.me/cibsecurity/62131", "content": "\u203c CVE-2023-26559 \u203c\n\nA directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2023022015 allows an attacker to read files from a WEB-INF directory via a crafted HTTP request. (XML Web Author 24.1.0.3 build 2023021714 and 23.1.1.4 build 2023021715 are also fixed versions.)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T16:25:56.000000Z"}, {"uuid": "cda9a558-f57f-44fd-a368-5caefcd47468", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26550", "type": "seen", "source": "https://t.me/cibsecurity/58902", "content": "\u203c CVE-2023-26550 \u203c\n\nA SQL injection vulnerability in BMC Control-M before 9.0.20.214 allows attackers to execute arbitrary SQL commands via the memname JSON field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-09T12:24:54.000000Z"}, {"uuid": "87ead04c-b289-43e2-9156-ff57ca634440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26551", "type": "seen", "source": "https://t.me/cibsecurity/61944", "content": "\u203c CVE-2023-26551 \u203c\n\nmstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cp&lt;cpdec while loop.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-12T00:29:46.000000Z"}]}