{"vulnerability": "CVE-2023-3043", "sightings": [{"uuid": "c025086f-ebcc-4450-9902-96faec02f8ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30435", "type": "seen", "source": "https://t.me/cibsecurity/69250", "content": "\u203c CVE-2023-30435 \u203c\n\nIBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252291.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-28T02:21:13.000000Z"}, {"uuid": "fcef533d-88f0-46a6-964b-fe1aee37697c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30438", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2580", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-30438\n\ud83d\udd39 Description: An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of arbitrary code in other logical partitions on the same physical server.  IBM X-Force ID:  252706.\n\ud83d\udccf Published: 2023-05-17T12:48:37.240Z\n\ud83d\udccf Modified: 2025-01-22T16:48:02.322Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6993021\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/252706", "creation_timestamp": "2025-01-22T17:01:51.000000Z"}, {"uuid": "f492fe36-f63f-49f5-bb00-5e802b845db4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3043", "type": "seen", "source": "https://t.me/ctinow/174843", "content": "https://ift.tt/EBnVGD8\nCVE-2023-3043 | AMI MegaRAC_SPx prior 12.7/13.6 BMC stack-based overflow", "creation_timestamp": "2024-01-28T06:51:27.000000Z"}, {"uuid": "d9424b1e-4423-484b-933c-fccd51126a72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3043", "type": "seen", "source": "https://t.me/ctinow/165462", "content": "https://ift.tt/JTPZI2A\nCVE-2023-3043", "creation_timestamp": "2024-01-10T00:26:40.000000Z"}, {"uuid": "3f338e46-0105-46d6-82ab-801001276082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30431", "type": "seen", "source": "https://t.me/arpsyndicate/2356", "content": "#ExploitObserverAlert\n\nCVE-2023-30431\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-30431. IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 db2set is vulnerable to a buffer overflow, caused by improper bounds checking.  An attacker could overflow the buffer and execute arbitrary code.  IBM X-Force ID:  252184.\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2024-01-03T20:37:36.000000Z"}, {"uuid": "17d74344-84e1-4ea6-8516-25a710bc2f24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30437", "type": "seen", "source": "https://t.me/cibsecurity/69252", "content": "\u203c CVE-2023-30437 \u203c\n\nIBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. IBM X-Force ID: 252293.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-28T02:21:18.000000Z"}, {"uuid": "248a6fd4-68d0-4550-a28c-6f7313b74967", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30436", "type": "seen", "source": "https://t.me/cibsecurity/69245", "content": "\u203c CVE-2023-30436 \u203c\n\nIBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252292.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-28T02:16:08.000000Z"}, {"uuid": "d6120beb-36af-41e5-bc3a-8983a335f16d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30438", "type": "seen", "source": "https://t.me/cibsecurity/64315", "content": "\u203c CVE-2023-30438 \u203c\n\nAn internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of arbitrary code in other logical partitions on the same physical server. IBM X-Force ID: 252706.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-17T16:31:16.000000Z"}, {"uuid": "b031e74e-68a5-454c-a58c-b646392febbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30433", "type": "seen", "source": "https://t.me/cibsecurity/66988", "content": "\u203c CVE-2023-30433 \u203c\n\nIBM Security Verify Access 10.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 252186.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-19T07:24:59.000000Z"}, {"uuid": "50f54f6d-6b9d-4ff8-837c-c85b92d1f364", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30434", "type": "seen", "source": "https://t.me/cibsecurity/63375", "content": "\u203c CVE-2023-30434 \u203c\n\nIBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force ID: 252187.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-05T18:25:16.000000Z"}]}