{"vulnerability": "CVE-2023-3266", "sightings": [{"uuid": "69d7b319-807f-48cb-ae64-1e193e583500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32666", "type": "seen", "source": "https://t.me/ctinow/208024", "content": "https://ift.tt/7aiFsWm\nCVE-2023-32666", "creation_timestamp": "2024-03-14T18:26:56.000000Z"}, {"uuid": "9f358f91-46ed-423a-b534-0a10fbfd60b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32666", "type": "seen", "source": "https://t.me/ctinow/208007", "content": "https://ift.tt/7aiFsWm\nCVE-2023-32666", "creation_timestamp": "2024-03-14T18:22:41.000000Z"}, {"uuid": "a665140f-bf48-40b2-b75c-7647eefd610c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32664", "type": "seen", "source": "https://t.me/cibsecurity/67008", "content": "\u203c CVE-2023-32664 \u203c\n\nA type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. A specially-crafted Javascript code inside a malicious PDF document can cause memory corruption and lead to remote code execution. User would need to open a malicious file to trigger the vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-19T18:21:50.000000Z"}, {"uuid": "f976b604-ae8b-4075-8ed3-e57d9d9afe85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32665", "type": "seen", "source": "https://t.me/cibsecurity/70561", "content": "\u203c CVE-2023-32643 \u203c\n\nA flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but does affect GLib distributors who followed the guidance of GLib developers to backport the initial fix for CVE-2023-32665.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-15T00:24:48.000000Z"}, {"uuid": "d3814341-62d3-49d9-b93d-2b2079f494d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32665", "type": "seen", "source": "https://t.me/cibsecurity/70578", "content": "\u203c CVE-2023-32665 \u203c\n\nA flaw was found in GLib. GVariant deserialization is vulnerable to an exponential blowup issue where a crafted GVariant can cause excessive processing, leading to denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-15T00:25:11.000000Z"}, {"uuid": "0889d214-ae1c-4395-afcb-e31f16c84868", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3266", "type": "seen", "source": "https://t.me/cibsecurity/68423", "content": "\u203c CVE-2023-3266 \u203c\n\nA non-feature complete authentication mechanism exists in the production application allowing an attacker to bypass all authentication checks if LDAP authentication is selected.An unauthenticated attacker can leverage this vulnerability to log in to the CypberPower PowerPanel Enterprise as an administrator by selecting LDAP authentication from a hidden HTML combo box. Successful exploitation of this vulnerability also requires the attacker to know at least one username on the device, but any password will authenticate successfully.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-14T12:19:09.000000Z"}, {"uuid": "59818211-3e7e-4977-be69-3355dafc01ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32668", "type": "seen", "source": "https://t.me/cibsecurity/63859", "content": "\u203c CVE-2023-32668 \u203c\n\nLuaTeX before 1.17.0 enables the socket library by default.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-11T12:15:06.000000Z"}]}