{"vulnerability": "CVE-2023-3247", "sightings": [{"uuid": "79d5da28-aa0c-44ed-9db8-64b12448f354", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32477", "type": "seen", "source": "https://t.me/cibsecurity/71268", "content": "\u203c CVE-2023-32477 \u203c\n\nDell Common Event Enabler 8.9.8.2 for Windows and prior, contain an improper access control vulnerability. A local low-privileged malicious user may potentially exploit this vulnerability to gain elevated privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-29T12:42:28.000000Z"}, {"uuid": "075e87da-1b0d-4ee0-b1e3-03647a367980", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32471", "type": "seen", "source": "https://t.me/cvedetector/1551", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-32471 - Dell Edge Gateway BIOS Stack Memory Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2023-32471 \nPublished : July 24, 2024, 8:15 a.m. | 27\u00a0minutes ago \nDescription : Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds read vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability to read contents of stack memory and use this information for further exploits. \nSeverity: 6.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T10:47:47.000000Z"}, {"uuid": "943c8844-390a-420c-80c3-a0fed50d4a95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32472", "type": "seen", "source": "https://t.me/cvedetector/502", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-32472 - Dell Edge Gateway BIOS, versions 3200 and 5200, co\", \n  \"Content\": \"CVE ID : CVE-2023-32472 \nPublished : July 10, 2024, 3:15 a.m. | 38\u00a0minutes ago \nDescription : Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds write vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability leading to exposure of some code in System Management Mode, leading to arbitrary code execution or escalation of privilege. \nSeverity: 5.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T05:53:21.000000Z"}, {"uuid": "fcad5580-23f5-4a21-ae7c-dcf196be2bbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32479", "type": "seen", "source": "https://t.me/ctinow/197404", "content": "https://ift.tt/QJvX5Bi\nCVE-2023-32479 | Dell Encryption up to 11.8.x ACL access control (dsa-2023-260)", "creation_timestamp": "2024-03-01T09:11:16.000000Z"}, {"uuid": "a2aac937-7142-40e4-9929-39bed40e9612", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32470", "type": "seen", "source": "https://t.me/cibsecurity/70139", "content": "\u203c CVE-2023-32470 \u203c\n\nDell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-08T12:19:26.000000Z"}, {"uuid": "5dde9ff1-f3e4-4c25-847c-f78666908388", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32479", "type": "seen", "source": "https://t.me/ctinow/179850", "content": "https://ift.tt/H4qSWsI\nCVE-2023-32479", "creation_timestamp": "2024-02-06T09:26:15.000000Z"}, {"uuid": "d82206d6-ea29-4bdd-ac04-afee0e5ad17c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32474", "type": "seen", "source": "https://t.me/ctinow/179849", "content": "https://ift.tt/KUxNFyc\nCVE-2023-32474", "creation_timestamp": "2024-02-06T09:26:14.000000Z"}, {"uuid": "4e1304ae-0a4d-4c10-9104-08b287979566", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32478", "type": "seen", "source": "https://t.me/cibsecurity/67083", "content": "\u203c CVE-2023-32478 \u203c\n\nDell PowerStore versions prior to 3.5.0.1 contain an insertion of sensitive information into log file vulnerability. A high privileged malicious user could potentially exploit this vulnerability, leading to sensitive information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-12T04:00:47.000000Z"}, {"uuid": "eb6be942-6aae-4968-88c9-057cdabaf94c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32476", "type": "seen", "source": "https://t.me/cibsecurity/67043", "content": "\u203c CVE-2023-32476 \u203c\n\nDell Hybrid Client version 2.0 contains a Sensitive Data Exposure vulnerability. An unauthenticated malicious user on the device can access hard coded secrets in javascript files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-20T18:32:56.000000Z"}, {"uuid": "c8287afc-55e4-490a-9fa3-7cabd6c8e749", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32479", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10253", "content": "#exploit\n1. CVE-2023-32479:\nDell Security Management Server Privilege Escalation\nhttps://packetstormsecurity.com/files/177832/Dell-Security-Management-Server-Privilege-Escalation.html\n\n2. CVE-2024-27686:\nRouterOS 6.44/6.49.10 - DoS\nhttps://packetstormsecurity.com/files/177811/RouterOS-6.44-6.49.10-Denial-Of-Service.html", "creation_timestamp": "2024-04-10T14:31:21.000000Z"}, {"uuid": "2448fb3a-089d-406e-913f-fa7e82ffe12b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3247", "type": "seen", "source": "https://t.me/cibsecurity/67113", "content": "\u203c CVE-2023-3247 \u203c\n\nIn PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was not checked for failure, and was using narrower range of values than it should have. In case of random generator failure, it could lead to a disclosure of 31 bits of uninitialized memory from the client to the server, and it also made easier to a malicious server to guess the client's nonce.\u00c2\u00a0\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-22T12:24:14.000000Z"}, {"uuid": "06130545-f5e2-4986-9302-b1067010977d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32479", "type": "seen", "source": "https://t.me/Rootsec_2/2788", "content": "#exploit\n1. CVE-2023-32479:\nDell Security Management Server Privilege Escalation\nhttps://packetstormsecurity.com/files/177832/Dell-Security-Management-Server-Privilege-Escalation.html\n\n2. CVE-2024-27686:\nRouterOS 6.44/6.49.10 - DoS\nhttps://packetstormsecurity.com/files/177811/RouterOS-6.44-6.49.10-Denial-Of-Service.html", "creation_timestamp": "2024-08-16T09:16:37.000000Z"}]}