{"vulnerability": "CVE-2023-4589", "sightings": [{"uuid": "88097a65-da07-441d-96ef-e70402cea512", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-45896", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "3951ce6d-b2cc-4daf-8eba-04866af458cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45898", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14321", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-45898\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent.\n\ud83d\udccf Published: 2023-10-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T15:57:31.468Z\n\ud83d\udd17 References:\n1. https://lore.kernel.org/lkml/aa03f191-445c-0d2e-d6d7-0a3208d7df7a%40huawei.com/T/\n2. https://www.spinics.net/lists/stable-commits/msg317086.html\n3. https://lkml.org/lkml/2023/8/13/477\n4. https://github.com/torvalds/linux/commit/768d612f79822d30a1e7d132a4d4b05337ce42ec\n5. https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.4", "creation_timestamp": "2025-05-01T16:14:31.000000Z"}, {"uuid": "18be0287-9d66-40ab-95dd-90ce0ede3313", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45896", "type": "seen", "source": "https://t.me/cvedetector/4300", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-45896 - Linux NTFS3 Kernel Memory Disclosure\", \n  \"Content\": \"CVE ID : CVE-2023-45896 \nPublished : Aug. 28, 2024, 5:15 a.m. | 16\u00a0minutes ago \nDescription : ntfs3 in the Linux kernel before 6.5.11 allows a physically proximate attacker to read kernel memory by mounting a filesystem (e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media) and then leveraging local access to trigger an out-of-bounds read. A length value can be larger than the amount of memory allocated. NOTE: the supplier's perspective is that there is no vulnerability when an attack requires an attacker-modified filesystem image. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-28T07:36:26.000000Z"}, {"uuid": "eaea431c-46dc-496b-97a5-e62ecb11633f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45893", "type": "seen", "source": "https://t.me/cibsecurity/74199", "content": "\u203c\ufe0fCVE-2023-45893\u203c\ufe0f\n\nAn indirect Object Reference IDOR in the Order and Invoice pages in Floorsight Customer Portal Q3 2023 allows an unauthenticated remote attacker to view sensitive customer information.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-03T01:37:08.000000Z"}, {"uuid": "c0a7a8a9-1ed9-4fee-99a3-335ca15ef5e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45892", "type": "seen", "source": "https://t.me/cibsecurity/74198", "content": "\u203c\ufe0fCVE-2023-45892\u203c\ufe0f\n\nAn issue discovered in the Order and Invoice pages in Floorsight Insights Q3 2023 allows an unauthenticated remote attacker to view sensitive customer information.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-03T01:37:03.000000Z"}, {"uuid": "8622b089-b060-4419-b948-24de3c9fb44e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45897", "type": "seen", "source": "https://t.me/cibsecurity/73108", "content": "\u203c CVE-2023-45897 \u203c\n\nexfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-29T00:18:04.000000Z"}, {"uuid": "43a72f3f-4821-4e23-a149-c9e14b8e31a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4589", "type": "seen", "source": "https://t.me/cibsecurity/69999", "content": "\u203c CVE-2023-4589 \u203c\n\nInsufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10.9.000002 version. An attacker with an administrator account could perform software updates without proper integrity verification mechanisms. In this scenario, the update process lacks digital signatures and fails to validate the integrity of the update package, allowing the attacker to inject malicious applications during the update.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-06T16:17:41.000000Z"}, {"uuid": "ec229730-56aa-44ce-827d-2043835fe724", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45892", "type": "seen", "source": "https://t.me/ctinow/171877", "content": "https://ift.tt/M5ygGsk\nCVE-2023-45892 | Floorsight Insights Q3 2023 Order/Invoice Pages information disclosure", "creation_timestamp": "2024-01-23T11:51:50.000000Z"}, {"uuid": "888b22b0-ecfb-4620-b506-7d935ddc0af8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45893", "type": "seen", "source": "https://t.me/ctinow/171788", "content": "https://ift.tt/eWdgI6k\nCVE-2023-45893 | Floorsight Customer Portal Q3 2023 Order/Invoice Pages resource injection", "creation_timestamp": "2024-01-23T09:21:34.000000Z"}, {"uuid": "062bcb17-86d8-4d6f-98c0-a2d1451b99a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45893", "type": "seen", "source": "https://t.me/ctinow/162053", "content": "https://ift.tt/nwFTehq\nCVE-2023-45893", "creation_timestamp": "2024-01-02T22:26:49.000000Z"}, {"uuid": "92399f92-ee51-4999-ac6e-53a919e8dadc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-45892", "type": "seen", "source": "https://t.me/ctinow/162052", "content": "https://ift.tt/Ti23qnH\nCVE-2023-45892", "creation_timestamp": "2024-01-02T22:26:48.000000Z"}]}