{"vulnerability": "CVE-2023-3443", "sightings": [{"uuid": "95ee518a-903f-4c4f-a3c9-c8af28a89565", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34437", "type": "seen", "source": "https://t.me/cibsecurity/72549", "content": "\u203c CVE-2023-34437 \u203c\n\nBaker Hughes \u00e2\u20ac\u201c Bently Nevada 3500 System TDI Firmware version 5.05 contains\u00c2\u00a0a vulnerability in their password retrieval functionality which could allow an attacker to access passwords stored on the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-19T07:34:14.000000Z"}, {"uuid": "25c54a8d-9bda-4b3f-83f1-4a1103c7192f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34434", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4323", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-34434\n\ud83d\udd25 CVSS Score: 7.5 (CVSS_V3)\n\ud83d\udd39 Description: Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0.\u00a0\n\nThe attacker could bypass the current logic and achieve arbitrary file reading. To solve it, users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick  https://github.com/apache/inlong/pull/8130 .\n\ud83d\udccf Published: 2023-07-25T09:30:18Z\n\ud83d\udccf Modified: 2025-02-13T19:01:49Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2023-34434\n2. https://github.com/apache/inlong/pull/8130\n3. https://github.com/apache/inlong/commit/34835f827771074345f42a9b1658d018f202516e\n4. https://github.com/apache/inlong\n5. https://lists.apache.org/thread/7f1o71w5r732cspltmtdydn01gllf4jo\n6. http://seclists.org/fulldisclosure/2023/Jul/43\n7. http://www.openwall.com/lists/oss-security/2023/07/25/3", "creation_timestamp": "2025-02-13T19:18:52.000000Z"}, {"uuid": "7fac5462-172c-4828-9bbb-b36c037ff3b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34436", "type": "seen", "source": "https://t.me/ctinow/165614", "content": "https://ift.tt/WNDO8i6\nCVE-2023-34436 Exploit", "creation_timestamp": "2024-01-10T08:16:33.000000Z"}, {"uuid": "27672f55-d569-4bc9-9bec-baa46b3cea04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34439", "type": "seen", "source": "https://t.me/ctinow/160817", "content": "https://ift.tt/YozeLH6\nCVE-2023-34439 | Implem Pleasanter up to 1.3.47.0 cross site scripting", "creation_timestamp": "2023-12-30T09:06:46.000000Z"}, {"uuid": "a81738c0-0cd9-41f8-95bd-e8477326d877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34433", "type": "seen", "source": "https://t.me/cibsecurity/66172", "content": "\u203c CVE-2023-34433 \u203c\n\nPiiGAB M-Bus stores passwords using a weak hash algorithm.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-07T07:25:52.000000Z"}, {"uuid": "996d26d7-57ca-4177-a2da-e2d7a381fd46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3443", "type": "seen", "source": "https://t.me/ctinow/157809", "content": "https://ift.tt/gEfYyaQ\nCVE-2023-3443 | GitLab prior 16.4.3/16.5.3/16.6.1 Confidential Work Item access control (Issue 41649)", "creation_timestamp": "2023-12-21T16:41:14.000000Z"}, {"uuid": "08401b4a-801f-48c0-a26e-ef5197575460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34434", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/67213", "content": "\u203c CVE-2023-34434 \u203c\n\nDeserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.7.0.\u00c2\u00a0The attacker could bypass the current logic and achieve arbitrary file reading. To solve it, users are advised to upgrade to Apache InLong's 1.8.0 or cherry-pick https://github.com/apache/inlong/pull/8130 .\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-25T12:28:03.000000Z"}, {"uuid": "56987805-d86e-4ecd-8ae9-b482ad3b7d9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34432", "type": "seen", "source": "https://t.me/cibsecurity/66308", "content": "\u203c CVE-2023-34432 \u203c\n\nA heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-11T00:24:09.000000Z"}]}