{"vulnerability": "CVE-2023-4294", "sightings": [{"uuid": "cc6c4ec8-80b6-436f-b7b3-a08a4fdc3ced", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42948", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7820", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-42948\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14. A Wi-Fi password may not be deleted when activating a Mac in macOS Recovery.\n\ud83d\udccf Published: 2024-07-29T20:21:29.357Z\n\ud83d\udccf Modified: 2025-03-17T18:42:29.249Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213940", "creation_timestamp": "2025-03-17T19:34:12.000000Z"}, {"uuid": "eac55710-6c32-4818-81eb-2af878c8efbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4294", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5195", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRepository for CVE-2023-4294 vulnerability. \nURL\uff1ahttps://github.com/b0marek/CVE-2023-4294\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-24T10:22:23.000000Z"}, {"uuid": "6d923ab5-93ee-4cb7-a540-04a5a145a7a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4294", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14553", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-4294\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The URL Shortify WordPress plugin before 1.7.6 does not properly escape the value of the referer header, thus allowing an unauthenticated attacker to inject malicious javascript that will trigger in the plugins admin panel with statistics of the created short link.\n\ud83d\udccf Published: 2023-09-11T19:46:09.500Z\n\ud83d\udccf Modified: 2025-05-02T17:40:10.398Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/1fc71fc7-861a-46cc-a147-1c7ece9a7776", "creation_timestamp": "2025-05-02T18:19:51.000000Z"}, {"uuid": "40235171-58ed-45f2-a282-c16b1035b282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42943", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7688", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-42943\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14. An app may be able to read sensitive location information.\n\ud83d\udccf Published: 2024-07-29T20:21:03.894Z\n\ud83d\udccf Modified: 2025-03-15T15:07:22.076Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/HT213940", "creation_timestamp": "2025-03-15T15:45:18.000000Z"}, {"uuid": "f24b783c-571c-468c-a831-17d7a438894f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42943", "type": "seen", "source": "https://t.me/cvedetector/1935", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-42943 - MacOS Sonoma Location Disclosure Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2023-42943 \nPublished : July 29, 2024, 9:15 p.m. | 29\u00a0minutes ago \nDescription : A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14. An app may be able to read sensitive location information. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T23:50:17.000000Z"}, {"uuid": "8252c28f-b4db-41b9-afe4-38b671bc2bf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42940", "type": "seen", "source": "https://t.me/ctinow/156982", "content": "https://ift.tt/1NHfSQ9\nCVE-2023-42940", "creation_timestamp": "2023-12-20T13:53:14.000000Z"}, {"uuid": "fdb52ea4-fe8a-46c4-969f-838482b81a7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42948", "type": "seen", "source": "https://t.me/cvedetector/1933", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-42948 - Apple Wi-Fi Password Deletion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-42948 \nPublished : July 29, 2024, 9:15 p.m. | 29\u00a0minutes ago \nDescription : This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14. A Wi-Fi password may not be deleted when activating a Mac in macOS Recovery. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T23:50:12.000000Z"}, {"uuid": "f1b1937c-6212-476e-8997-5a1a9e2089d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42949", "type": "seen", "source": "https://t.me/cvedetector/1931", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-42949 - Apple Photos Temporary Directory Photo Access Weakness\", \n  \"Content\": \"CVE ID : CVE-2023-42949 \nPublished : July 29, 2024, 9:15 p.m. | 29\u00a0minutes ago \nDescription : This issue was addressed with improved data protection. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14, watchOS 10, tvOS 17. An app may be able to access edited photos saved to a temporary directory. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-29T23:50:10.000000Z"}, {"uuid": "5ac62c3f-427a-488d-b983-fbc6fc132124", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42942", "type": "seen", "source": "https://t.me/arpsyndicate/3920", "content": "#ExploitObserverAlert\n\nCVE-2023-42942\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-42942. This issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. A malicious app may be able to gain root privileges.\n\nFIRST-EPSS: 0.000440000", "creation_timestamp": "2024-02-22T04:13:40.000000Z"}, {"uuid": "fdd51d38-4cda-432a-b6a3-c4f1dc6deed9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42945", "type": "seen", "source": "https://t.me/arpsyndicate/3890", "content": "#ExploitObserverAlert\n\nCVE-2023-42945\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-42945. A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.1. An app may gain unauthorized access to Bluetooth.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-22T03:35:28.000000Z"}, {"uuid": "13a0eb8a-3acd-4471-8ed4-901a3f358def", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42946", "type": "seen", "source": "https://t.me/arpsyndicate/3880", "content": "#ExploitObserverAlert\n\nCVE-2023-42946\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2023-42946. This issue was addressed with improved redaction of sensitive information. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to leak sensitive user information.\n\nFIRST-EPSS: 0.000450000", "creation_timestamp": "2024-02-22T03:24:17.000000Z"}, {"uuid": "6e6d87a6-8f7d-4544-b45f-65b9a296cea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42940", "type": "seen", "source": "https://t.me/ctinow/167794", "content": "https://ift.tt/KLBe3lG\nCVE-2023-42940 | Apple macOS up to 14.2.0 Screen Sharing information disclosure", "creation_timestamp": "2024-01-13T10:51:34.000000Z"}, {"uuid": "e4cca2b1-ef82-4ba0-a46a-3fde2c454743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42942", "type": "seen", "source": "https://t.me/ctinow/189319", "content": "https://ift.tt/z1deJ2U\nCVE-2023-42942", "creation_timestamp": "2024-02-21T08:31:45.000000Z"}, {"uuid": "88bcd4fc-9f2d-4dd9-8a75-24c303a6aeb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42946", "type": "seen", "source": "https://t.me/ctinow/189321", "content": "https://ift.tt/4cEqN0J\nCVE-2023-42946", "creation_timestamp": "2024-02-21T08:31:47.000000Z"}, {"uuid": "8b521ae1-1f2b-401f-a0f2-8cc6ca9c3322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42945", "type": "seen", "source": "https://t.me/ctinow/189320", "content": "https://ift.tt/cZw4S10\nCVE-2023-42945", "creation_timestamp": "2024-02-21T08:31:46.000000Z"}, {"uuid": "de6a882f-8aa6-44c3-bdd0-33c54691c009", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42941", "type": "seen", "source": "https://t.me/ctinow/175703", "content": "https://ift.tt/4GrMUfA\nCVE-2023-42941 | Apple iOS/iPadOS up to 17.1 Bluetooth Packet denial of service (HT214035)", "creation_timestamp": "2024-01-30T06:38:09.000000Z"}]}