{"vulnerability": "CVE-2023-3941", "sightings": [{"uuid": "823278c6-5df4-4041-8355-40bf36fe7fd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3941", "type": "published-proof-of-concept", "source": "https://t.me/BlackHat0Hackers/52", "content": "QR code SQL injection and other vulnerabilities in a popular biometric terminal (CVE-2023-3938, CVE-2023-3939, CVE-2023-3940, CVE-2023-3941, CVE-2023-3942, CVE-2023-3943)\nhttps://securelist.com/biometric-terminal-vulnerabilities/112800/", "creation_timestamp": "2024-06-12T15:10:04.000000Z"}, {"uuid": "415e151f-6fea-48d8-970e-c57303a40cad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39417", "type": "seen", "source": "https://bsky.app/profile/gcpweekly.bsky.social/post/3m3kpzig3zs2i", "content": "", "creation_timestamp": "2025-10-19T16:31:16.696810Z"}, {"uuid": "6ca50fda-903a-4503-94b4-dd4768460536", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-39417", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/control-systems-abb-security-advisory-av26-346", "content": "", "creation_timestamp": "2026-04-13T12:44:04.000000Z"}, {"uuid": "dd169f69-759b-4a42-8ecf-5813f237f491", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39413", "type": "seen", "source": "https://t.me/ctinow/173437", "content": "https://ift.tt/ghWxqkL\nCVE-2023-39413 | GTKWave 3.3.115 LXT2 lxt2_rd_iter_radix integer underflow (TALOS-2023-1824)", "creation_timestamp": "2024-01-25T13:46:23.000000Z"}, {"uuid": "b16f0b6a-483a-4b47-a19e-5e383682bfda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39410", "type": "seen", "source": "https://t.me/cibsecurity/71314", "content": "\u203c CVE-2023-39410 \u203c\n\nWhen deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system.This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. Users should update to apache-avro version 1.11.3 which addresses this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-29T20:37:50.000000Z"}, {"uuid": "ac4c3700-0d49-492a-8944-18b7639f2edb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39410", "type": "seen", "source": "https://t.me/ctinow/181857", "content": "https://ift.tt/XK3is1b\nCVE-2023-39410 | Oracle Middleware Common Libraries and Tools 12.2.1.4.0 Third Party denial of service", "creation_timestamp": "2024-02-09T08:21:45.000000Z"}, {"uuid": "06c55c14-cbd6-4ad3-bc37-495cdf6ea2c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39410", "type": "seen", "source": "https://t.me/ctinow/181834", "content": "https://ift.tt/YSeIJDh\nCVE-2023-39410 | Oracle Business Process Management Suite 12.2.1.4.0 BPM Composer denial of service", "creation_timestamp": "2024-02-09T07:51:29.000000Z"}, {"uuid": "b02ce656-676f-40fb-8de9-c8c73ba74800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3941", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/441", "content": "QR code SQL injection and other vulnerabilities in a popular biometric terminal (CVE-2023-3938, CVE-2023-3939, CVE-2023-3940, CVE-2023-3941, CVE-2023-3942, CVE-2023-3943)\nhttps://securelist.com/biometric-terminal-vulnerabilities/112800/", "creation_timestamp": "2024-06-12T18:41:36.000000Z"}, {"uuid": "e8161183-22e6-4b2e-9378-9a5d8e10cd0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39410", "type": "seen", "source": "https://t.me/ctinow/181960", "content": "https://ift.tt/8K0XCpn\nCVE-2023-39410 | Oracle Business Intelligence Enterprise Edition 6.4.0.0.0/7.0.0.0.0 Analytics Server denial of service", "creation_timestamp": "2024-02-09T11:21:48.000000Z"}, {"uuid": "caca8526-0bb4-450f-bf9d-6a3269cdfb15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-39417", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-120-06", "content": "", "creation_timestamp": "2026-04-30T05:00:00.000000Z"}, {"uuid": "0b46d1e1-7e35-4176-8191-21f7f559d34f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39414", "type": "seen", "source": "https://t.me/ctinow/173441", "content": "https://ift.tt/DyrTKIq\nCVE-2023-39414 | GTKWave 3.3.115 LXT2 lxt2_rd_iter_radix integer underflow (TALOS-2023-1824)", "creation_timestamp": "2024-01-25T13:46:27.000000Z"}, {"uuid": "7b4dc1ed-14dd-4d1f-9729-283da3ae6917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39415", "type": "seen", "source": "https://t.me/cibsecurity/68819", "content": "\u203c CVE-2023-39415 \u203c\n\nImproper authentication vulnerability in Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote unauthenticated attacker to log in to the product's Control Panel and perform an unintended operation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-18T14:38:17.000000Z"}, {"uuid": "2630ea7e-02b3-4fbe-be5a-50b8aad8312e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39416", "type": "seen", "source": "https://t.me/cibsecurity/68814", "content": "\u203c CVE-2023-39416 \u203c\n\nProself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote authenticated attacker with an administrative privilege to execute arbitrary OS commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-18T14:38:09.000000Z"}, {"uuid": "780d83e9-64dd-4078-8d77-a7cedefb3a7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39413", "type": "seen", "source": "https://t.me/ctinow/166828", "content": "https://ift.tt/KVbxPw5\nCVE-2023-39413 Exploit", "creation_timestamp": "2024-01-11T21:16:58.000000Z"}, {"uuid": "5c1c5bd6-ae04-40c2-a612-2016264a3d18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39414", "type": "seen", "source": "https://t.me/ctinow/166827", "content": "https://ift.tt/6Ji7zG9\nCVE-2023-39414 Exploit", "creation_timestamp": "2024-01-11T21:16:57.000000Z"}, {"uuid": "4164d2e9-22d5-464e-8854-e7c5f8afcf7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39418", "type": "seen", "source": "https://t.me/cibsecurity/68337", "content": "\u203c CVE-2023-39418 \u203c\n\nA vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-11T16:27:15.000000Z"}, {"uuid": "4e85e5a4-e878-49e8-a3ef-368cd17979d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39417", "type": "seen", "source": "https://t.me/cibsecurity/68333", "content": "\u203c CVE-2023-39417 \u203c\n\nIN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or \"\"). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-11T16:30:58.000000Z"}, {"uuid": "332ac42e-d26f-4ac4-89f0-c74881828864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3941", "type": "seen", "source": "https://t.me/androidMalware/2248", "content": "QR code SQL injection and other vulnerabilities in a popular biometric terminal (CVE-2023-3938, CVE-2023-3939, CVE-2023-3940, CVE-2023-3941, CVE-2023-3942, CVE-2023-3943)\nhttps://securelist.com/biometric-terminal-vulnerabilities/112800/", "creation_timestamp": "2024-07-17T13:08:30.000000Z"}]}