{"vulnerability": "CVE-2023-38545", "sightings": [{"uuid": "60fb107a-44a1-4c0e-899a-726ea2402822", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://gist.github.com/tradebot-elastic/0443cfb5016bed103f1940b2f336e45a", "content": "", "creation_timestamp": "2025-01-09T15:31:50.000000Z"}, {"uuid": "c425fa7c-0b7a-4448-bc53-a8f42b2d7b1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-05", "content": "", "creation_timestamp": "2025-06-12T10:00:00.000000Z"}, {"uuid": "d5b5ca81-3a84-4217-ab7a-eda0d696a45d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://gist.github.com/bagder/07f7581f6e3d78ef37dfbfc81fd1d1cd", "content": "", "creation_timestamp": "2025-06-28T20:57:49.000000Z"}, {"uuid": "a2a9df87-1785-4a61-836a-5b3e266e3e4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://bsky.app/profile/awesomeredshirt.bsky.social/post/3lu3sv7ywok2v", "content": "", "creation_timestamp": "2025-07-16T16:16:18.599513Z"}, {"uuid": "737b50cb-3a16-4192-b4cc-fecf97505e00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://daniel.haxx.se/blog/2025/07/14/death-by-a-thousand-slops/", "content": "", "creation_timestamp": "2025-07-14T08:38:17.000000Z"}, {"uuid": "cabe9de7-7a7f-49a4-af77-4e1f8f9c0db3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://gist.github.com/bobjoe12131/4e0ac62f13008f440485d3f8f892a161", "content": "", "creation_timestamp": "2025-07-18T20:50:25.000000Z"}, {"uuid": "9ee15ef9-510d-489f-9301-bda8027ade3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-043-04", "content": "", "creation_timestamp": "2026-02-12T11:00:00.000000Z"}, {"uuid": "b9839440-83f7-4933-9908-ca94a6f2526b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://gist.github.com/Deepam0404/c4435cc2480483840eb211ebef4d45a8", "content": "", "creation_timestamp": "2025-11-19T12:07:04.000000Z"}, {"uuid": "6cfd6976-88ce-454c-af10-b8030795128d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://gist.github.com/Metis-Intel/b94dbfe682c0d50d18e127d4891208cb", "content": "", "creation_timestamp": "2025-12-16T03:39:35.000000Z"}, {"uuid": "e838b227-95c0-49da-bae8-1f8e19570338", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mej654xs632q", "content": "", "creation_timestamp": "2026-02-10T14:25:16.131221Z"}, {"uuid": "4108da7c-b145-43a4-a716-ef001c6930d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5438", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-38545 POC for the curl command line tool\nURL\uff1ahttps://github.com/dbrugman/CVE-2023-38545-POC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-16T10:13:51.000000Z"}, {"uuid": "672f7875-5063-4d8c-9d79-4547421bbb19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://gist.github.com/alon710/f036a2e055d7cdfc182a0c45f1513c3f", "content": "", "creation_timestamp": "2026-02-18T15:40:40.000000Z"}, {"uuid": "ad1bc389-2cbd-4ccb-82b3-8dc28c913a34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/92582bf5-d92c-47fe-b891-656d271bbfef", "content": "", "creation_timestamp": "2024-10-14T15:50:35.983245Z"}, {"uuid": "040255ee-8253-4725-893c-ed1a516476f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11692", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 How Serious Is The New Curl [CVE-2023-38545] Vulnerability?\n\nhttps://www.intruder.io/blog/curl-high-rated-cve-2023-38545", "creation_timestamp": "2023-10-12T16:04:34.000000Z"}, {"uuid": "c762d39b-a9de-43f8-a979-906e836001ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5450", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA proof of concept for testing CVE-2023-38545 against local curl\nURL\uff1ahttps://github.com/bcdannyboy/CVE-2023-38545\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-16T16:21:17.000000Z"}, {"uuid": "3e607112-2835-44cd-8728-6bd02869ebaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/BleepingComputer/18525", "content": "\u200aHyped up curl vulnerability falls short of expectations\n\ncurl 8.4.0 has been released to patch and release details on a hyped up high-severity security vulnerability (CVE-2023-38545), easing week-long concerns regarding the flaw's severity. [...]\n\nhttps://www.bleepingcomputer.com/news/security/hyped-up-curl-vulnerability-falls-short-of-expectations/", "creation_timestamp": "2023-10-12T17:50:54.000000Z"}, {"uuid": "c2fdb887-8886-4be1-85a4-4367ed2f390c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/BleepingComputer/18524", "content": "Latest news and stories from BleepingComputer.com\nHyped up curl vulnerability falls short of expectations\n\ncurl 8.4.0 has been released to patch and release details on a hyped up high-severity security vulnerability (CVE-2023-38545), easing week-long concerns regarding the flaw's severity. [...]", "creation_timestamp": "2023-10-12T17:09:11.000000Z"}, {"uuid": "1d9bda59-2733-44e0-97a9-89c524aa8650", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/ctinow/143358", "content": "https://ift.tt/qTOQupm\ncurl: [Critical] Curl CVE-2023-38545 vulnerability code changes are disclosed on the internet", "creation_timestamp": "2023-10-16T14:53:05.000000Z"}, {"uuid": "36c48482-49dd-4bac-ae4a-cbd0e166a5dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/kasperskyb2b/921", "content": "\ud83e\udd2f  \u0422\u0435\u043f\u0435\u0440\u044c \u0438 curl\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 curl \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u0435\u0442 \u0432\u043d\u0435\u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 8.4.0 \u043d\u0430 11 \u043e\u043a\u0442\u044f\u0431\u0440\u044f. \u0410\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043d \u0444\u0438\u043a\u0441 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438   CVE-2023-38545 \u0432 curl \u0438 libcurl.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e curl \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0432\u0435\u0437\u0434\u0435, \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u0438\u0435 \u0443 \u0440\u0435\u0434\u0430\u043a\u0446\u0438\u0438 @\u041f2\u0422 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u043a\u0430\u043a \u043d\u0430 \u043a\u0430\u0440\u0442\u0438\u043d\u043a\u0435.", "creation_timestamp": "2023-10-05T15:34:35.000000Z"}, {"uuid": "7225238c-f572-4b96-b6bb-0fede1df95c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/ctinow/142718", "content": "https://ift.tt/bSCI9dE\nCVE-2023-38545 Curl Vulnerability Details Finally Released", "creation_timestamp": "2023-10-12T03:49:07.000000Z"}, {"uuid": "496cde0f-728b-4d8b-b3ad-e8c66a347c04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/ctinow/142546", "content": "https://ift.tt/8xBrCMe\nCVE-2023-38545: curl SOCKS5 oversized hostname vulnerability. How bad is it?, (Wed, Oct 11th)", "creation_timestamp": "2023-10-11T15:12:00.000000Z"}, {"uuid": "4acc3f1d-6fc7-424c-86d9-6a128d12f94e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/ctinow/142472", "content": "https://ift.tt/9FG6gpt\ncurl: CVE-2023-38545: socks5 heap buffer overflow", "creation_timestamp": "2023-10-11T10:02:57.000000Z"}, {"uuid": "1b19d7de-9cee-4259-bfc9-26a0bc7e7e0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/ctinow/142516", "content": "https://ift.tt/ohWfnLX\nCurl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545)", "creation_timestamp": "2023-10-11T13:23:23.000000Z"}, {"uuid": "6f88a97d-5e88-438a-8831-ee4bb8770705", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/ctinow/141533", "content": "https://ift.tt/IVwo5eB\nThe \u201cMost Dangerous\u201d Curl Vulnerability in Years: What You Need to Know About CVE-2023-38545", "creation_timestamp": "2023-10-06T00:07:29.000000Z"}, {"uuid": "42fb668c-d144-4595-b8d8-7585428fe5d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "Telegram/FUmCrmhWwvP-ORi_dMRlBZU3S3dLdvxCoSlYA2gHn_cN2A", "content": "", "creation_timestamp": "2023-10-12T08:03:11.000000Z"}, {"uuid": "46d033e3-86f3-4b88-8cc5-503676509e97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "published-proof-of-concept", "source": "Telegram/Dm2_Oh_8IJm32r8Ma3T2W_PKYczVaXynvFTeduspmbak", "content": "", "creation_timestamp": "2023-10-22T23:13:34.000000Z"}, {"uuid": "3156f210-c185-47d6-9787-5723d2928821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "Telegram/Kx47TlCntu1490zorZUl0W9pF3C_SX_UWayw0MQ5q-BW4Q", "content": "", "creation_timestamp": "2023-10-09T14:40:30.000000Z"}, {"uuid": "bf66071b-ee33-4837-b01e-3226c522bd85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/arpsyndicate/836", "content": "#ExploitObserverAlert\n\nCVE-2023-38545\n\nDESCRIPTION: Exploit Observer has 40 entries related to CVE-2023-38545. This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake.  When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes.  If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved address only. Due to this bug, the local variable that means \"let the host resolve the name\" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long host name to the target buffer instead of copying just the resolved address there.  The target buffer being a heap based buffer, and the host name coming from the URL that curl has been told to operate with.\n\nFIRST-EPSS: 0.000650000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-01T07:19:18.000000Z"}, {"uuid": "b171f6f8-d30d-4a59-bcf2-5bc9ca9b2800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/cibsecurity/72480", "content": "\u203c CVE-2023-38545 \u203c\n\nThis flaw makes curl overflow a heap based buffer in the SOCKS5 proxyhandshake.When curl is asked to pass along the host name to the SOCKS5 proxy to allowthat to resolve the address instead of it getting done by curl itself, themaximum length that host name can be is 255 bytes.If the host name is detected to be longer, curl switches to local nameresolving and instead passes on the resolved address only. Due to this bug,the local variable that means \"let the host resolve the name\" could get thewrong value during a slow SOCKS5 handshake, and contrary to the intention,copy the too long host name to the target buffer instead of copying just theresolved address there.The target buffer being a heap based buffer, and the host name coming from theURL that curl has been told to operate with.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-18T07:33:27.000000Z"}, {"uuid": "d675c5bb-a225-4ea8-bfb1-932a12a1ebf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3447", "content": "https://github.com/d0rb/CVE-2023-38545\n\nsocks5 heap buffer overflow", "creation_timestamp": "2023-10-18T08:33:12.000000Z"}, {"uuid": "dc9c3eb9-814a-4e59-a37b-0057d43b3669", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/KomunitiSiber/920", "content": "Two High-Risk Security Flaws Discovered in Curl Library - New Patches Released\nhttps://thehackernews.com/2023/10/two-high-risk-security-flaws-discovered.html\n\nPatches have been released for\u00a0two security flaws\u00a0impacting the Curl data transfer library, the most severe of which could potentially result in code execution.\nThe list of vulnerabilities is as follows -\n\nCVE-2023-38545\u00a0(CVSS score: 7.5) - SOCKS5 heap-based buffer overflow vulnerability\nCVE-2023-38546\u00a0(CVSS score: 5.0) - Cookie injection with none file\n\nCVE-2023-38545 is the more severe of the", "creation_timestamp": "2023-10-12T06:57:55.000000Z"}, {"uuid": "2f185614-02eb-4071-96f2-0794ce1500ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/KomunitiSiber/902", "content": "Security Patch for Two New Flaws in Curl Library Arriving on October 11\nhttps://thehackernews.com/2023/10/security-patch-for-two-new-flaws-in.html\n\nThe maintainers of the\u00a0Curl library\u00a0have released an advisory warning of two forthcoming security vulnerabilities that are expected to be addressed as part of updates released on October 11, 2023.\nThis\u00a0includes\u00a0a high severity and a low-severity flaw tracked under the identifiers CVE-2023-38545 and CVE-2023-38546, respectively.\nAdditional details about the issues and the exact version ranges", "creation_timestamp": "2023-10-09T13:49:46.000000Z"}, {"uuid": "17fe3856-1468-40bc-ae94-b3bc491f8e71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/proxy_bar/1755", "content": "VULN in CURL\nget CVE-2023-38545 - \u043f\u043e\u0438\u0433\u0440\u0430\u0442\u044c\u0441\u044f (\u0441\u0435\u0433\u043e\u0434\u043d\u044f patch)\n\n#curl", "creation_timestamp": "2023-10-11T07:49:21.000000Z"}, {"uuid": "fe476876-b52c-4acc-bd16-48c91c65190b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/ctinow/181756", "content": "https://ift.tt/JyUgNwi\nCVE-2023-38545 | Oracle HTTP Server 12.2.1.4.0 Third Party out-of-bounds write", "creation_timestamp": "2024-02-09T01:46:30.000000Z"}, {"uuid": "2207904a-0048-44c1-9d56-306ae169f667", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/ctinow/180299", "content": "https://ift.tt/2qsDdPa\nCVE-2023-38545 | Oracle Essbase 21.5.3.0.0 Essbase Web Platform out-of-bounds write", "creation_timestamp": "2024-02-06T20:46:42.000000Z"}, {"uuid": "8007c956-1a54-40c5-8a64-45de52271a96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/true_secator/4944", "content": "\u0421\u043e\u0437\u0434\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043b\u0443\u0436\u0438\u0442 \u043e\u0441\u043d\u043e\u0432\u043e\u0439 \u0434\u043b\u044f \u043c\u043d\u043e\u0433\u0438\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u0432, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a SSL, TLS, HTTP, FTP, SMTP, \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0431\u0443\u0434\u0443\u0442 \u043e\u0431\u044a\u044f\u0432\u043b\u0435\u043d\u044b \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f. \n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043d\u0435\u0431\u0435\u0437\u044b\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c curl, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u043c \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c\u0438 \u0438 \u0441\u0438\u0441\u0430\u0434\u043c\u0438\u043d\u0430\u043c\u0438 \u0434\u043b\u044f \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 API, \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0440\u0430\u0431\u043e\u0447\u0438\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0432 \u0441\u0440\u0435\u0434\u0438 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0437\u0430\u0434\u0430\u0447 \u0432 \u0441\u0435\u0442\u0438 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442.\n\n\u041d\u0430 GitHub \u0441\u043e\u0437\u0434\u0430\u0442\u0435\u043b\u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u0443\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0438, \u0447\u0442\u043e \u0432\u044b\u043f\u0443\u0441\u0442\u044f\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043e\u0434\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 CVE-2023-38545 \u0438 \u0434\u043b\u044f \u043c\u0435\u043d\u0435\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b CVE-2023-38546. \n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 curl \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e 11 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0434\u043b\u044f \u043e\u0431\u0435\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c. \u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, CVE-2023-38545 \u0432\u043b\u0438\u044f\u0435\u0442 \u043a\u0430\u043a \u043d\u0430 curl, \u0442\u0430\u043a \u0438 \u043d\u0430 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443 libcurl, \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a CVE-2023-38546 \u0432\u043b\u0438\u044f\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443.\n\n\u0421\u0430\u043c\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e CVE-2023-38545 \u043d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f\u0448\u043d\u0438\u0439 \u0434\u0435\u043d\u044c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0434\u043d\u0438\u043c \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 curl \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f. \n\n\u041a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u044b\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u044e\u0442\u0441\u044f \u0432 \u0446\u0435\u043b\u044f\u0445 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0442\u0430\u043a \u0447\u0442\u043e \u0434\u0435\u0440\u0436\u0438\u043c \u0443\u0445\u043e \u0432\u043e\u0441\u0442\u0440\u043e \u0438 \u0436\u0434\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.", "creation_timestamp": "2023-10-09T19:38:29.000000Z"}, {"uuid": "fa99555e-7368-47f1-ad3c-c4b2f15d3159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/ctinow/180229", "content": "https://ift.tt/T9smRou\nCVE-2023-38545 | Oracle Database up to 19.21/21.12/23.3 Oracle Spatial/Graph denial of service", "creation_timestamp": "2024-02-06T18:41:43.000000Z"}, {"uuid": "b60aae59-8429-4298-9e99-103b88fa4176", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/GDSpace/962", "content": "\u041f\u0440\u043e\u0436\u0435\u043a\u0442\u043e\u0440 \u043f\u043e \u0418\u0411, \u0432\u044b\u043f\u0443\u0441\u043a \u21166 (08.10.2023). \u0417\u0430\u043f\u0438\u0441\u0430\u043b\u0438 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u044d\u043f\u0438\u0437\u043e\u0434. \u0412 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u043c\u044b \u0433\u043e\u0432\u043e\u0440\u0438\u043b\u0438 \u043f\u0440\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0438.\n\n\u041c\u044b \u044d\u0442\u043e:\n\n\ud83d\udd38 \u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440 \u041b\u0435\u043e\u043d\u043e\u0432, \"\u0423\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0438 \u043f\u0440\u043e\u0447\u0435\u0435\"\n\ud83d\udd38 \u041b\u0435\u0432 \u041f\u0430\u043b\u0435\u0439, \"\u0412\u0435\u0441\u0442\u0438 \u0438\u0437 \u041f\u0430\u043b\u0435\u0439\"\n\ud83d\udd38 \u041c\u0430\u043a\u0441\u0438\u043c \u0425\u0430\u0440\u0430\u0441\u043a, \"Global Digital Space\"\n\n00:00 \u0417\u0434\u043e\u0440\u043e\u0432\u0430\u0435\u043c\u0441\u044f, \u0441\u043c\u043e\u0442\u0440\u0438\u043c \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0443 \u043f\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430\u043c \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0433\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0430\n02:18 \u0421\u0430\u0448\u0430 \u0432\u044b\u0448\u0435\u043b \u043d\u0430 \u0440\u0430\u0431\u043e\u0442\u0443 \u0432 Positive Technologies \u0438 \u0447\u0435\u043c \u0436\u0435 \u043e\u043d \u0442\u0430\u043c \u0431\u0443\u0434\u0435\u0442 \u0437\u0430\u043d\u0438\u043c\u0430\u0442\u044c\u0441\u044f\n04:50 RCE \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u043f\u043e\u0447\u0442\u043e\u0432\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Exim (CVE-2023-42115)\n08:16 SSRF/RCE \u0432 TorchServe (CVE-2023-43654, CVE-2022-1471), ShellTorch\n12:05 \u0412 Cisco Emergency Responder \u043d\u0430\u0448\u043b\u0438 root-\u043e\u0432\u044b\u0435 \u0443\u0447\u0451\u0442\u043a\u0438 \u0441 \u0437\u0430\u0445\u0430\u0440\u0434\u043a\u043e\u0436\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0430\u0440\u043e\u043b\u044f\u043c\u0438 (CVE-2023-20101)\n16:44 \u041d\u043e\u0432\u044b\u0439 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 OpenPubkey\n17:56 EoP \u0438\u043b\u0438 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Atlassian Confluence (CVE-2023-22515)\n23:42 \u0413\u0440\u044f\u0434\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c cURL \u0438 libcurl (CVE-2023-38545)\n27:07 \u041d\u043e\u0432\u0430\u044f bug bounty \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430 \u041c\u0438\u043d\u0446\u0438\u0444\u0440\u044b\n30:32 \u0421\u0438\u0441\u0442\u0435\u043c\u0430 \u0431\u0440\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \"\u041b\u0435\u043e\u043d\u0430\u0440\u0434\u043e\" \u0432\u043d\u043e\u0432\u044c \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u043b\u0430\u0441\u044c DDOS-\u0430\u0442\u0430\u043a\u0435 \u0438\u0437-\u0437\u0430 \u0440\u0443\u0431\u0435\u0436\u0430\n35:22 \u042d\u043a\u043e\u0441\u0438\u0441\u0442\u0435\u043c\u0430 Xiaomi \u0432\u044b\u0448\u043b\u0430 \u0438\u0437 \u0441\u0442\u0440\u043e\u044f \u043f\u043e \u0432\u0441\u0435\u0439 \u0420\u043e\u0441\u0441\u0438\u0438\n36:38 Qualys-\u044b \u043d\u0430\u0440\u0435\u0441\u0435\u0440\u0447\u0438\u043b\u0438 EoP/LPE \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043e \u0432\u0441\u0435\u0445 Linux-\u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0430\u0445, \u0430 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u0432 glibc (CVE-2023-4911)\n39:19 XSpider-\u0443 25 \u043b\u0435\u0442. \u0420\u043e\u0432\u043d\u043e \u043a\u0430\u043a \u0438 \u0432\u0441\u0435\u043c\u0443 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u043c\u0443 Vulnerability Management-\u0443. \u041e\u0431\u0441\u0443\u0436\u0434\u0430\u0435\u043c \u0432 \u043a\u0430\u043a\u0443\u044e \u0441\u0442\u043e\u0440\u043e\u043d\u0443 \u0440\u0430\u0437\u0432\u0438\u0432\u0430\u0435\u0442\u0441\u044f VM.\n46:42 \u041f\u0440\u043e\u0449\u0430\u043d\u0438\u0435 \u043e\u0442 Mr. X\n\n@avleonovrus #\u041f\u0440\u043e\u0436\u0435\u043a\u0442\u043e\u0440\u041f\u043e\u0418\u0411 #PositiveTechnologies #Exim #TorchServe #Cisco #OpenPubkey #Atlassian #Confluence #cURL #libcurl #bugbounty #\u041c\u0438\u043d\u0446\u0438\u0444\u0440\u044b #\u041b\u0435\u043e\u043d\u0430\u0440\u0434\u043e #Xiaomi #Qualys #Linux #glibc #XSpider #VulnerabilityManagement #MaxPatrolVM", "creation_timestamp": "2023-10-09T21:14:14.000000Z"}, {"uuid": "306df521-5e94-46af-a89e-b8ffcee47842", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/ctinow/182226", "content": "https://ift.tt/wyqjD5O\nCVE-2023-38545 | Oracle MySQL Cluster 8.0.34 and prior/8.1.0 out-of-bounds write", "creation_timestamp": "2024-02-09T19:57:13.000000Z"}, {"uuid": "358fcb53-0a0c-4cc9-8301-8173a92756b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9218", "content": "#exploit\n1. CVE-2023-20198:\nCisco ISO XE Software Web Management User Interface Vulnerability\nhttps://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software\n]-> PoC: https://github.com/Tounsi007/CVE-2023-20198\n]-> Checkscript: https://github.com/Atea-Redteam/CVE-2023-20198\n\n2. CVE-2023-36728:\nWindows SQL Server Pre-Auth Overflow Read\nhttps://v-v.space/2023/10/16/sqlserver-dos-CVE-2023-36728\n\n3. CVE-2023-38545:\nSocks5 heap buffer overflow\nhttps://github.com/d0rb/CVE-2023-38545", "creation_timestamp": "2023-10-19T09:31:44.000000Z"}, {"uuid": "97cfacb9-b4f0-48c4-8cc5-9aac5e5bb293", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1312", "content": "https://github.com/d0rb/CVE-2023-38545\nsocks5 heap buffer overflow\n#github", "creation_timestamp": "2023-10-18T05:05:28.000000Z"}, {"uuid": "dbcc7d2c-7550-428f-8586-ae6d8774d82c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/thehackernews/3996", "content": "\ud83d\udce2 Security Advisory : Two major security flaws in the Curl data transfer library exposed. CVE-2023-38545, the worst of them, could lead to code execution. \n \nLearn more about them here: https://thehackernews.com/2023/10/two-high-risk-security-flaws-discovered.html \n \nPatch your systems and software immediately.", "creation_timestamp": "2023-10-12T06:43:32.000000Z"}, {"uuid": "2fc39f7d-22b8-456f-9029-e0d2933c4362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/thehackernews/3979", "content": "\ud83d\udea8 Heads up, Developers! Curl library, backbone of data transfers, to address TWO security vulnerabilities on October 11, 2023. \n \nRead: https://thehackernews.com/2023/10/security-patch-for-two-new-flaws-in.html \n \nCVE-2023-38545 & CVE-2023-38546 pose risks; details under wraps.", "creation_timestamp": "2023-10-09T12:36:14.000000Z"}, {"uuid": "0bfc333c-46f1-4c8f-9504-9b4e4c01e646", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "https://t.me/SecLabNews/14403", "content": "Curl 8.4.0: \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0441\u044f \u0432 \u0434\u043e\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043a\u0430\u0445 \u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\n\n\u2716\ufe0f \u041d\u043e\u0432\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f curl \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u0434\u0432\u0435 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438: CVE-2023-38545 \u0438 CVE-2023-38546, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u043a\u0430\u043a libcurl, \u0442\u0430\u043a \u0438 curl.\n\n\u2716\ufe0f \u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u0437 \u0441\u0435\u0431\u044f \u043e\u0448\u0438\u0431\u043a\u0443 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e \u0434\u0430\u043d\u043d\u044b\u0445 \u0438 \u0434\u0430\u0436\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430. \u0412\u0442\u043e\u0440\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0435\u0439 cookie \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e libcurl.\n\n\u2716\ufe0f \u0414\u0430\u043d\u0438\u044d\u043b\u044c \u0421\u0442\u0435\u043d\u0431\u0435\u0440\u0433 \u043f\u0440\u0438\u0437\u043d\u0430\u043b, \u0447\u0442\u043e \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 curl \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 \u0431\u044b, \u0435\u0441\u043b\u0438 \u0431\u044b \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0431\u044b\u043b \u043d\u0430\u043f\u0438\u0441\u0430\u043d \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u043c \u044f\u0437\u044b\u043a\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441 \u0431\u043e\u043b\u044c\u0448\u0438\u043c \u043e\u0431\u044a\u0451\u043c\u043e\u043c \u043f\u0430\u043c\u044f\u0442\u0438, \u0430 \u043d\u0435 \u043d\u0430 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0435\u043c \u044f\u0437\u044b\u043a\u0435 C.\n\n#curl #\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 @SecLabNews", "creation_timestamp": "2023-10-11T21:31:49.000000Z"}, {"uuid": "2424b992-8c89-4fee-a491-f5fc68e4f962", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1407", "content": "#exploit\n1. CVE-2023-20198:\nCisco ISO XE Software Web Management User Interface Vulnerability\nhttps://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software\n]-> Checkscript: https://github.com/Atea-Redteam/CVE-2023-20198\n\n2. CVE-2023-36728:\nWindows SQL Server Pre-Auth Overflow Read\nhttps://v-v.space/2023/10/16/sqlserver-dos-CVE-2023-36728\n\n3. CVE-2023-38545:\nSocks5 heap buffer overflow\nhttps://github.com/d0rb/CVE-2023-38545", "creation_timestamp": "2024-08-16T08:34:05.000000Z"}, {"uuid": "81a98ae9-de8b-44b0-81a9-c0205886041d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "seen", "source": "Telegram/xcKmU7jr_o-giILMGeN0XaPtOOAzTUc3Z69-kegmYXI0gk0", "content": "", "creation_timestamp": "2023-10-12T19:16:51.000000Z"}, {"uuid": "6fbbf86f-dda1-4dda-818d-8c9133875749", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38545", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1361", "content": "https://github.com/UTsweetyfish/CVE-2023-38545", "creation_timestamp": "2024-08-16T08:33:56.000000Z"}]}