{"vulnerability": "CVE-2023-4361", "sightings": [{"uuid": "3d4fc572-7975-4cae-b2da-4ba0f2c543fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43615", "type": "seen", "source": "https://t.me/cibsecurity/71772", "content": "\u203c CVE-2023-43615 \u203c\n\nMbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-07T07:14:00.000000Z"}, {"uuid": "fcebd977-7817-4108-b124-15f32e6c5d6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43617", "type": "seen", "source": "https://t.me/cibsecurity/70788", "content": "\u203c CVE-2023-43617 \u203c\n\nAn issue was discovered in Croc through 9.6.5. When a custom shared secret is used, the sender and receiver may divulge parts of this secret to an untrusted Relay, as part of composing a room name.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-20T12:30:18.000000Z"}, {"uuid": "1276fd2c-170d-4791-9b46-c089a9c72195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43614", "type": "seen", "source": "https://t.me/cibsecurity/71082", "content": "\u203c CVE-2023-43614 \u203c\n\nCross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-27T18:42:07.000000Z"}, {"uuid": "41876df9-8258-440f-9bb0-eb04123b4517", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43618", "type": "seen", "source": "https://t.me/cibsecurity/70777", "content": "\u203c CVE-2023-43618 \u203c\n\nAn issue was discovered in Croc through 9.6.5. The protocol requires a sender to provide its local IP addresses in cleartext via an ips? message.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-20T12:30:01.000000Z"}, {"uuid": "c4bca7df-9103-4c15-a083-19bbb4ed4c83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43616", "type": "seen", "source": "https://t.me/cibsecurity/70782", "content": "\u203c CVE-2023-43616 \u203c\n\nAn issue was discovered in Croc through 9.6.5. A sender can cause a receiver to overwrite files during ZIP extraction.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-20T12:30:09.000000Z"}, {"uuid": "a1a8f690-d606-4a39-990e-cd031d81696c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43619", "type": "seen", "source": "https://t.me/cibsecurity/70781", "content": "\u203c CVE-2023-43619 \u203c\n\nAn issue was discovered in Croc through 9.6.5. A sender may send dangerous new files to a receiver, such as executable content or a .ssh/authorized_keys file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-20T12:30:08.000000Z"}, {"uuid": "9339d1de-0f76-44b3-b5c2-4903b52100aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43611", "type": "seen", "source": "https://t.me/cibsecurity/71925", "content": "\u203c CVE-2023-43611 \u203c\n\nThe BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process.\u00c2\u00a0 This vulnerability is due to an incomplete fix for CVE-2023-38418.\u00c2\u00a0\u00c2\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T16:16:48.000000Z"}, {"uuid": "f06e86a7-d8a6-4c26-872d-58036ed73bfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4361", "type": "seen", "source": "https://t.me/cibsecurity/68596", "content": "\u203c CVE-2023-4361 \u203c\n\nInappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Medium)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-15T22:36:57.000000Z"}]}