{"vulnerability": "CVE-2023-31419", "sightings": [{"uuid": "ae3113d0-db43-4160-b76d-a2afc8422236", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31419", "type": "seen", "source": "https://t.me/arpsyndicate/3211", "content": "#ExploitObserverAlert\n\nCVE-2023-31419\n\nDESCRIPTION: Exploit Observer has 6 entries in 3 file formats related to CVE-2023-31419. A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.\n\nFIRST-EPSS: 0.000810000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-28T04:59:48.000000Z"}, {"uuid": "5a1df80f-f24b-4675-a019-4e3bb5c1d88d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31419", "type": "seen", "source": "Telegram/cJE2f1Ylibso8WfxExY7XnGGn9loSwHSSInb5Uh2BQYHEQ", "content": "", "creation_timestamp": "2023-09-28T05:04:24.000000Z"}, {"uuid": "7909232a-21f9-4fa6-98a7-a4e2d36aa312", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31419", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3212", "content": "Hackers Factory \n\nWEB-Wordlist-Generator creates related wordlists after scanning your web applications.\n\nhttps://github.com/OsmanKandemir/web-wordlist-generator\n\nThis repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.\n\nhttps://github.com/Bert-JanP/Open-Source-Threat-Intel-Feeds\n\nProof of concept on BYOVD attack\n\nhttps://github.com/MrEmpy/Reaper\n\nThis is the source code for Data-free Backdoor. Our paper is accepted by the 32nd USENIX Security Symposium (USENIX Security 2023).\n\nhttps://github.com/lvpeizhuo/Data-free_Backdoor\n\nA tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nElasticsearch Stack Overflow Vulnerability\n\nhttps://github.com/sqrtZeroKnowledge/Elasticsearch-Exploit-CVE-2023-31419\n\nAn automated script to extract hidden images from Tecno Camon X\n\nhttps://github.com/tahaafarooq/gallery3d-tecno-exploit\n\nOfficial source codes for the paper \"A Stealthy Backdoor Attack for Code Models\"\n\nhttps://github.com/qyb156/stealthy_backdoor_attack\n\nCMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.\n\nRun it on file mode.\n\npython3 cmsmap.py -i test.txt -t 200 -F -s -o test-resulte.txt\n\nhttps://github.com/dionach/CMSmap\nhttps://github.com/Doctype02/exploitdb\n\nBChecks collection for Burp Suite Professional\n\nhttps://github.com/emadshanab/BChecks-Collection\n\n#infosec #cybersecurity #hackersfactory\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-27T04:16:37.000000Z"}, {"uuid": "817e94b6-2e15-4878-953c-8d726d5f465d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31419", "type": "seen", "source": "https://t.me/proxy_bar/1732", "content": "Elasticsearch Stack Overflow Vulnerability\nCVE-2023-31419 Exploit\n\ud83d\udc4c", "creation_timestamp": "2023-09-20T22:42:59.000000Z"}, {"uuid": "34b33867-f01c-406b-aead-d2117cf8ed2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31419", "type": "published-proof-of-concept", "source": "Telegram/hy3RTMssr2TEFMcQVJs7PvvoO6v5qJcmAwo4yeCaKvqq5G0", "content": "", "creation_timestamp": "2023-09-30T13:51:23.000000Z"}, {"uuid": "de8247d5-ed9f-4c1f-84f6-ceefbdc5caa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31419", "type": "seen", "source": "https://t.me/crackcodes/4390", "content": "\ud83d\udd78Black Wallpaper HD Background App Data Leak : Download\n\n\ud83e\udeacPlayTube CVE-2023-4714 Exploit : Check\n\n\ud83d\udc38PaperCut NG CVE-2023-4568 Exploit : Check\n\n\ud83d\udcccPrestashop CVE-2023-39677 Exploit : Check\n\n\ud83d\udccdMicrosoft SharePoint: CVE-2023-29357 Exploit : Check\n\n\ud83d\udc32Cisco CVE-2023-20209 Exploit : Check\n\n\ud83d\udcefElasticsearch Exploit-CVE-2023-31419 : Check\n\n\ud83e\ude85Chinese Maoxin Database Leak : Download\n\n\ud83d\udc7e\ud83d\udcdfNSA Equation Group Hacking Tools Leaked : Download", "creation_timestamp": "2023-09-28T18:37:41.000000Z"}, {"uuid": "b2c633e2-9d22-43b4-8ccf-7cbccb45a0c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31419", "type": "seen", "source": "https://t.me/crackcodes/4382", "content": "\ud83d\udd78Black Wallpaper HD Background App Data Leak : Download\n\n\ud83e\udeacPlayTube CVE-2023-4714 Exploit : Check\n\n\ud83d\udc38PaperCut NG CVE-2023-4568 Exploit : Check\n\n\ud83d\udcccPrestashop CVE-2023-39677 Exploit : Check\n\n\ud83d\udccdMicrosoft SharePoint: CVE-2023-29357 Exploit : Check\n\n\ud83d\udc32Cisco CVE-2023-20209 Exploit : Check\n\n\ud83d\udcefElasticsearch Exploit-CVE-2023-31419 : Check\n\n\ud83e\ude85Chinese Maoxin Database Leak : Download\n\n\ud83d\udc7e\ud83d\udcdfNSA Equation Group Hacking Tools Leaked : Download", "creation_timestamp": "2023-10-10T07:12:43.000000Z"}, {"uuid": "c3fafa8e-1b83-4d34-9252-dacb82bd00ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31419", "type": "seen", "source": "https://t.me/cibsecurity/72995", "content": "\u203c CVE-2023-31419 \u203c\n\nA flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-26T22:16:02.000000Z"}, {"uuid": "595432c5-f7ea-452c-b550-2669280aa750", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31419", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1178", "content": "https://github.com/sqrtZeroKnowledge/Elasticsearch-Exploit-CVE-2023-31419\nElasticsearch\u5806\u6808\u6ea2\u51fa\u6f0f\u6d1e\n#github", "creation_timestamp": "2023-09-24T15:22:35.000000Z"}, {"uuid": "2652e553-2b4e-4678-9038-12d0febb655a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31419", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9082", "content": "#exploit\n1. CVE-2023-31419:\nElasticsearch StackOverflow vulnerability\nhttps://github.com/sqrtZeroKnowledge/Elasticsearch-Exploit-CVE-2023-31419\n\n2. Gallery3D Tecno Hidden Image Bypass Exploit\nhttps://github.com/tahaafarooq/gallery3d-tecno-exploit", "creation_timestamp": "2023-09-24T18:54:10.000000Z"}, {"uuid": "f170ca10-820d-4c0b-90f3-303be74793cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31419", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1116", "content": "#exploit\n1. CVE-2023-31419:\nElasticsearch StackOverflow vulnerability\nhttps://github.com/sqrtZeroKnowledge/Elasticsearch-Exploit-CVE-2023-31419\n\n2. Gallery3D Tecno Hidden Image Bypass Exploit\nhttps://github.com/tahaafarooq/gallery3d-tecno-exploit", "creation_timestamp": "2024-08-16T08:28:27.000000Z"}]}