{"vulnerability": "CVE-2023-5166", "sightings": [{"uuid": "6de05cbb-b678-479e-ba39-4140087c8571", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51663", "type": "seen", "source": "https://t.me/cibsecurity/74002", "content": "\u203c\ufe0fCVE-2023-51663\u203c\ufe0f\n\nHail is an opensource, generalpurpose, Pythonbased data analysis tool with additional data types and methods for working with genomic data. Hail relies on OpenID Connect OIDC email addresses from ID tokens to verify the validity of a user's domain, but because users have the ability to change their email address, they could create accounts and use resources in clusters that they should not have access to. For example, a user could create a Microsoft or Google account and then change their email to testexample.org. This account can then be used to create a Hail Batch account in Hail Batch clusters whose organization domain is example.org. The attacker is not able to access private data or impersonate another user, but they would have the ability to run jobs if Hail Batch billing projects are enabled and create Azure Tenants if they have Azure Active Directory Administrator access.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-30T01:43:02.000000Z"}, {"uuid": "52e3e9d3-8918-4f7a-a68f-c020c4b72980", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51661", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12345", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-51661\n\ud83d\udd25 CVSS Score: 8.4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Wasmer is a WebAssembly runtime that enables containers to run anywhere: from Desktop to the Cloud, Edge and even the browser. Wasm programs can access the filesystem outside of the sandbox. Service providers running untrusted Wasm code on Wasmer can unexpectedly expose the host filesystem. This vulnerability has been patched in version 4.2.4.\n\ud83d\udccf Published: 2023-12-22T14:54:23.103Z\n\ud83d\udccf Modified: 2025-04-17T20:29:41.019Z\n\ud83d\udd17 References:\n1. https://github.com/wasmerio/wasmer/security/advisories/GHSA-4mq4-7rw3-vm5j\n2. https://github.com/wasmerio/wasmer/issues/4267\n3. https://github.com/wasmerio/wasmer/commit/4d63febf9d8b257b0531963b85df48d45d0dbf3c", "creation_timestamp": "2025-04-17T20:58:12.000000Z"}, {"uuid": "a612278c-a66a-41a6-ae1b-c809bcc66811", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51666", "type": "seen", "source": "https://t.me/ctinow/192456", "content": "https://ift.tt/mlOr0GZ\nCVE-2023-51666 | PickPlugins Related Post Plugin up to 2.0.53 on WordPress cross site scripting", "creation_timestamp": "2024-02-24T07:36:58.000000Z"}, {"uuid": "1ebcdfbe-81a7-4296-b02c-9f84460358b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51669", "type": "seen", "source": "https://t.me/ctinow/177523", "content": "https://ift.tt/YQ3n2iL\nCVE-2023-51669", "creation_timestamp": "2024-02-01T12:36:17.000000Z"}, {"uuid": "f82e1e5b-4287-4287-80dd-02c6cc89cac1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51665", "type": "seen", "source": "https://t.me/ctinow/170244", "content": "https://ift.tt/GLj1wR2\nCVE-2023-51665 | advplyr audiobookshelf up to 2.6.x Auth.js server-side request forgery", "creation_timestamp": "2024-01-19T15:46:46.000000Z"}, {"uuid": "7aba90b1-7be0-41ff-9302-f096566e2373", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51663", "type": "seen", "source": "https://t.me/ctinow/170891", "content": "https://ift.tt/o1iTzlV\nCVE-2023-51663 | hail prior 0.2.127 authentication bypass by alternate name (GHSA-487p-qx68-5vjw)", "creation_timestamp": "2024-01-21T17:46:05.000000Z"}, {"uuid": "43ca792b-8447-4bbf-a7cb-a6499a697442", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51662", "type": "seen", "source": "https://t.me/ctinow/169635", "content": "https://ift.tt/n9xM5la\nCVE-2023-51662 | Snowflake .NET Driver up to 2.1.4 certificate validation (GHSA-hwcc-4cv8-cf3h)", "creation_timestamp": "2024-01-18T09:41:40.000000Z"}, {"uuid": "96d5bb4e-7687-4756-84b2-83dcf5e7ddf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51661", "type": "seen", "source": "https://t.me/ctinow/169646", "content": "https://ift.tt/FuZxPOj\nCVE-2023-51661 | wasmerio wasmer up to 4.2.3 access control (ID 4267)", "creation_timestamp": "2024-01-18T10:11:34.000000Z"}, {"uuid": "d8a69cbe-ce89-4ee9-8f18-a0e01b2d08e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51668", "type": "seen", "source": "https://t.me/ctinow/172702", "content": "https://ift.tt/Myq4mbS\nCVE-2023-51668 | WP Zone Inline Image Upload for BBPress Plugin up to 1.1.18 on WordPress cross-site request forgery", "creation_timestamp": "2024-01-24T12:11:47.000000Z"}, {"uuid": "009026a3-4320-48b2-9ca2-f550e53187ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51664", "type": "seen", "source": "https://t.me/ctinow/163160", "content": "https://ift.tt/0k4KEUx\nCVE-2023-51664 Exploit", "creation_timestamp": "2024-01-04T19:16:40.000000Z"}, {"uuid": "fb4247cb-b8d0-4b0f-9894-062c8be4a68c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51661", "type": "seen", "source": "https://t.me/ctinow/162240", "content": "https://ift.tt/MkD93JV\nCVE-2023-51661 Exploit", "creation_timestamp": "2024-01-03T08:16:46.000000Z"}, {"uuid": "f1ccd610-a96b-48b2-b434-432a99533ea4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51665", "type": "seen", "source": "https://t.me/ctinow/159744", "content": "https://ift.tt/o3eDIfL\nCVE-2023-51665", "creation_timestamp": "2023-12-27T19:26:41.000000Z"}, {"uuid": "74f5377e-4e15-4e36-89b7-6390d317067c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51664", "type": "seen", "source": "https://t.me/ctinow/159725", "content": "https://ift.tt/ncpgazA\nCVE-2023-51664", "creation_timestamp": "2023-12-27T18:26:16.000000Z"}, {"uuid": "595f608a-e1b3-413a-85d2-13b7eef712f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51662", "type": "seen", "source": "https://t.me/ctinow/158523", "content": "https://ift.tt/XEKtoGh\nCVE-2023-51662", "creation_timestamp": "2023-12-22T18:23:40.000000Z"}, {"uuid": "7edd8c9c-3f90-4949-8b98-d1a1ae146a6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51663", "type": "seen", "source": "https://t.me/ctinow/160623", "content": "https://ift.tt/wWfTGQH\nCVE-2023-51663", "creation_timestamp": "2023-12-29T18:26:35.000000Z"}, {"uuid": "27a75fd3-30bc-4c96-9197-854c75e804cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51661", "type": "seen", "source": "https://t.me/ctinow/158460", "content": "https://ift.tt/K0jagI3\nCVE-2023-51661", "creation_timestamp": "2023-12-22T16:23:35.000000Z"}, {"uuid": "0705384f-31c9-42e6-af4e-d7ee6f720fa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-51668", "type": "seen", "source": "https://t.me/ctinow/163473", "content": "https://ift.tt/oGyeamY\nCVE-2023-51668", "creation_timestamp": "2024-01-05T11:31:56.000000Z"}]}