{"vulnerability": "CVE-2023-4011", "sightings": [{"uuid": "9d6bdc0e-1139-4d07-bbd9-f1cf166d3bec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40110", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8083", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-40110\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In multiple functions of MtpPacket.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.\n\ud83d\udccf Published: 2024-02-15T22:31:15.450Z\n\ud83d\udccf Modified: 2025-03-19T16:00:18.169Z\n\ud83d\udd17 References:\n1. https://android.googlesource.com/platform/frameworks/av/+/53243faf690a49e00952b3d3956d2fff0b8d4a3c\n2. https://source.android.com/security/bulletin/2023-11-01", "creation_timestamp": "2025-03-19T16:18:02.000000Z"}, {"uuid": "f10950dd-b81a-4bb4-9dff-33702d441dc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40117", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13911", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-40117\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In resetSettingsLocked of SettingsProvider.java, there is a possible lockscreen bypass due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\ud83d\udccf Published: 2023-10-27T20:22:56.374Z\n\ud83d\udccf Modified: 2025-04-29T19:59:46.887Z\n\ud83d\udd17 References:\n1. https://android.googlesource.com/platform/packages/apps/Settings/+/11815817de2f2d70fe842b108356a1bc75d44ffb\n2. https://android.googlesource.com/platform/frameworks/base/+/ff86ff28cf82124f8e65833a2dd8c319aea08945\n3. https://source.android.com/security/bulletin/2023-10-01", "creation_timestamp": "2025-04-29T20:12:32.000000Z"}, {"uuid": "df3d3d43-0753-40d6-8194-edeb5d722097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40111", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9501", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-40111\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In setMediaButtonReceiver of MediaSessionRecord.java, there is a possible way to send a pending intent on behalf of system_server due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.\n\ud83d\udccf Published: 2024-02-15T22:31:15.565Z\n\ud83d\udccf Modified: 2025-03-28T23:14:06.733Z\n\ud83d\udd17 References:\n1. https://android.googlesource.com/platform/frameworks/base/+/55d3d57cbffc838c52d610af14a056dea87b422e\n2. https://source.android.com/security/bulletin/2023-11-01", "creation_timestamp": "2025-03-28T23:29:22.000000Z"}, {"uuid": "e49f69ba-d564-48bf-a637-213f6c07504c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40116", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14891", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-40116\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In onTaskAppeared of PipTaskOrganizer.java, there is a possible way to bypass background activity launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\ud83d\udccf Published: 2023-10-27T20:22:56.201Z\n\ud83d\udccf Modified: 2025-05-05T14:59:16.366Z\n\ud83d\udd17 References:\n1. https://android.googlesource.com/platform/frameworks/base/+/18c3b194642f3949d09e48c21da5658fa04994c8\n2. https://source.android.com/security/bulletin/2023-10-01", "creation_timestamp": "2025-05-05T15:20:19.000000Z"}, {"uuid": "d402b3c9-018f-489c-923b-f782c3439a6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40115", "type": "seen", "source": "https://t.me/ctinow/186014", "content": "https://ift.tt/DES8waA\nCVE-2023-40115", "creation_timestamp": "2024-02-16T00:26:31.000000Z"}, {"uuid": "fdaa6182-04da-439c-a7ea-57b951b04ca2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40114", "type": "seen", "source": "https://t.me/ctinow/186013", "content": "https://ift.tt/jOtvy9r\nCVE-2023-40114", "creation_timestamp": "2024-02-16T00:26:30.000000Z"}, {"uuid": "0998cf9a-e242-4d6a-9621-82be7768d05e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40113", "type": "seen", "source": "https://t.me/ctinow/186012", "content": "https://ift.tt/3scXW5G\nCVE-2023-40113", "creation_timestamp": "2024-02-16T00:26:29.000000Z"}, {"uuid": "f272ae6b-5014-485a-89ab-28b49accf114", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40112", "type": "seen", "source": "https://t.me/ctinow/186011", "content": "https://ift.tt/KDCVLUB\nCVE-2023-40112", "creation_timestamp": "2024-02-16T00:26:28.000000Z"}, {"uuid": "8b189507-41d4-485c-bf87-9ca807d05e68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40111", "type": "seen", "source": "https://t.me/ctinow/186010", "content": "https://ift.tt/wYXWjhB\nCVE-2023-40111", "creation_timestamp": "2024-02-16T00:26:27.000000Z"}, {"uuid": "5b0ea40d-7019-496b-a7c6-d3de03aab90d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40110", "type": "seen", "source": "https://t.me/ctinow/186009", "content": "https://ift.tt/XTiNx6a\nCVE-2023-40110", "creation_timestamp": "2024-02-16T00:26:26.000000Z"}, {"uuid": "31d16d39-83a6-4b06-a890-a1e08f70965c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4011", "type": "seen", "source": "https://t.me/cibsecurity/67568", "content": "\u203c CVE-2023-4011 \u203c\n\nAn issue has been discovered in GitLab EE affecting all versions from 15.11 prior to 16.2.2 which allows an attacker to spike the resource consumption resulting in DoS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-02T12:39:07.000000Z"}]}