{"vulnerability": "CVE-2023-3500", "sightings": [{"uuid": "978e3786-3d99-40de-be0e-a07c7b1ad2f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35001", "type": "published-proof-of-concept", "source": "Telegram/E0FO31Y0djnTK2RWBm-iuoFD62pQdvHkcVWQH8MchRmlow", "content": "", "creation_timestamp": "2023-10-26T20:47:37.000000Z"}, {"uuid": "f489f4c0-1462-4a05-bc55-cec4aea4d425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35001", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-09", "content": "", "creation_timestamp": "2025-02-13T11:00:00.000000Z"}, {"uuid": "814e4c58-bfef-4d12-8154-0a8d6c005554", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35002", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-289-06", "content": "", "creation_timestamp": "2025-10-16T10:00:00.000000Z"}, {"uuid": "c82fa812-44d2-4b68-8ddb-d41631872ecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35001", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11481", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Pwn2Own Vancouver 2023 Ubuntu LPE exploit.\n\nhttps://github.com/Synacktiv/CVE-2023-35001", "creation_timestamp": "2023-09-02T07:46:01.000000Z"}, {"uuid": "afd8acc5-84bb-456a-89aa-3e7500f294d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35001", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-105-08", "content": "", "creation_timestamp": "2025-04-15T10:00:00.000000Z"}, {"uuid": "e65e9ef3-a9bf-41db-86fa-9164e8131548", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35001", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5075", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1anftables oob read/write exploit (CVE-2023-35001)\nURL\uff1ahttps://github.com/syedhafiz1234/nftables-oob-read-write-exploit-CVE-2023-35001-\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-04T15:36:00.000000Z"}, {"uuid": "93c44d0f-4197-4a53-9f79-2133299e31a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35006", "type": "seen", "source": "https://t.me/cvedetector/551", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-35006 - IBM Security QRadar EDR 3.12 is vulnerable to HTML\", \n  \"Content\": \"CVE ID : CVE-2023-35006 \nPublished : July 10, 2024, 4:15 p.m. | 34\u00a0minutes ago \nDescription : IBM Security QRadar EDR 3.12 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.  IBM X-Force ID:  297165. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T18:53:06.000000Z"}, {"uuid": "ae330f93-1b96-4950-953f-b11a2ee3a3fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35003", "type": "seen", "source": "https://t.me/ctinow/184803", "content": "https://ift.tt/tg56b43\nCVE-2023-35003", "creation_timestamp": "2024-02-14T17:02:56.000000Z"}, {"uuid": "4f6fd55c-6107-45da-a11d-1f282e044ad1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35001", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3176", "content": "Hackers Factory \n\nSocial engineering tool [Access Webcam & Microphone & Location Finder] With Python\n\nhttps://github.com/ultrasecurity/Storm-Breaker\n\nEternalHush - new free advanced open-source c2 framework\n\nhttps://github.com/APT64/EternalHushFramework\n\nVMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)\n\nhttps://github.com/sinsinology/CVE-2023-34039\n\nCSV Injection vulnerability in GNOME time tracker version 3.0.2, allows local attackers to execute arbitrary code via crafted .tsv file when creating a new record.\n\nhttps://github.com/BrunoTeixeira1996/CVE-2023-36250\n\nA collection of tools for security research on Starlink's User Terminal\n\nhttps://github.com/quarkslab/starlink-tools\n\nSession Hijacking Visual Exploitation\n\nhttps://github.com/doyensec/Session-Hijacking-Visual-Exploitation\n\nPwn2Own Vancouver 2023 Ubuntu LPE exploit\n\nhttps://github.com/synacktiv/CVE-2023-35001\n\nMaking Favicon.ico based Recon Great again \n\nhttps://github.com/devanshbatham/FavFreak\n\nA modern tool written in Python that automates your xss findings.\n\nhttps://github.com/faiyazahmad07/xss_vibes\n\nGet PROXY List that gets updated everyday\n\nhttps://github.com/TheSpeedX/PROXY-List\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-04T16:29:39.000000Z"}, {"uuid": "ad6ef926-5149-4ce7-b557-259ad21be089", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35003", "type": "seen", "source": "https://t.me/ctinow/201363", "content": "https://ift.tt/uHYoaTz\nCVE-2023-35003 | Intel VROC Software prior 8.0.8.1001 path manipulation (intel-sa-00953)", "creation_timestamp": "2024-03-06T14:11:52.000000Z"}, {"uuid": "20f3dd05-61f5-4922-bef3-f057c38c2b76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35009", "type": "seen", "source": "https://t.me/cibsecurity/68705", "content": "\u203c CVE-2023-35009 \u203c\n\nIBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could allow a remote attacker to obtain system information without authentication which could be used in reconnaissance to gather information that could be used for future attacks. IBM X-Force ID: 257703.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T02:36:51.000000Z"}, {"uuid": "7aa058d5-795d-4807-bd13-269c878d5ca1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35004", "type": "seen", "source": "https://t.me/ctinow/165613", "content": "https://ift.tt/hrlTkw1\nCVE-2023-35004 Exploit", "creation_timestamp": "2024-01-10T08:16:32.000000Z"}, {"uuid": "d231f4bd-b118-4664-a4e8-d79a9644a3c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3500", "type": "seen", "source": "https://t.me/cibsecurity/67546", "content": "\u203c CVE-2023-3500 \u203c\n\nAn issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A reflected XSS was possible when creating specific PlantUML diagrams that allowed the attacker to perform arbitrary actions on behalf of victims.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-02T07:38:56.000000Z"}, {"uuid": "53f64043-b914-4025-81d3-956f0f574da0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35001", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8956", "content": "#exploit\n1. CVE-2023-36250:\nCSV Injection in GNOME time tracker\nhttps://github.com/BrunoTeixeira1996/CVE-2023-36250\n\n2. CVE-2023-35001:\nUbuntu nftables oob read/write exploit\nhttps://github.com/synacktiv/CVE-2023-35001", "creation_timestamp": "2023-09-02T12:17:01.000000Z"}, {"uuid": "db41497e-58ce-4808-8d2b-e40ec1ea075b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35001", "type": "seen", "source": "https://t.me/cibsecurity/66000", "content": "\u203c CVE-2023-35001 \u203c\n\nLinux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-05T22:22:05.000000Z"}, {"uuid": "0954a2ce-5ec0-4ea0-a89a-e2b1ecf8aab5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35001", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/990", "content": "https://github.com/synacktiv/CVE-2023-35001\nPwn2Own Vancouver 2023 Ubuntu LPE exploit\n\nnftables oob\u8bfb/\u5199\u6f0f\u6d1e\u5229\u7528\n\n#github", "creation_timestamp": "2023-09-01T15:41:02.000000Z"}]}