{"vulnerability": "CVE-2023-2265", "sightings": [{"uuid": "3f88f2d6-23aa-4ace-b43b-7b58126e26cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22655", "type": "seen", "source": "https://t.me/ctinow/208001", "content": "https://ift.tt/6fDW0S8\nCVE-2023-22655", "creation_timestamp": "2024-03-14T18:22:34.000000Z"}, {"uuid": "c096b065-3a64-4820-a5de-4fcb9a30d7f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22657", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8927", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-22657\n\ud83d\udd25 CVSS Score: 7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: On F5OS-A beginning in version 1.2.0 to before 1.3.0 and F5OS-C beginning in version 1.3.0 to before 1.5.0, processing F5OS tenant file names may allow for command injection.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udccf Published: 2023-02-01T17:56:01.101Z\n\ud83d\udccf Modified: 2025-03-26T17:49:38.336Z\n\ud83d\udd17 References:\n1. https://my.f5.com/manage/s/article/K06345931", "creation_timestamp": "2025-03-26T18:25:38.000000Z"}, {"uuid": "c99e1ca1-03f4-4395-aaaf-904ca52332d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22650", "type": "seen", "source": "https://t.me/cvedetector/8045", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-22650 - Rancher Authentication Provider User Token Leverage\", \n  \"Content\": \"CVE ID : CVE-2023-22650 \nPublished : Oct. 16, 2024, 9:15 a.m. | 37\u00a0minutes ago \nDescription : A vulnerability has been identified in which Rancher does not automatically clean up a user which has been deleted from the configured authentication provider (AP). This characteristic also applies to disabled or revoked users, Rancher will not reflect these modifications which may leave the user\u2019s tokens still usable. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T12:11:07.000000Z"}, {"uuid": "c54b4f53-c7fe-4821-ab40-39be2beaa96e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22655", "type": "seen", "source": "https://t.me/ctinow/208018", "content": "https://ift.tt/6fDW0S8\nCVE-2023-22655", "creation_timestamp": "2024-03-14T18:26:50.000000Z"}, {"uuid": "8ab1493e-57a8-4015-a8b2-825d980cfa9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2265", "type": "seen", "source": "https://t.me/ctinow/157578", "content": "https://ift.tt/sz1c9wr\nCVE-2023-2265 | Schweitzer Engineering Laboratories SEL-411L 20230830 improper restriction of rendered ui layers", "creation_timestamp": "2023-12-21T10:37:45.000000Z"}, {"uuid": "ae23a941-083c-49a9-ba29-6b76cdbd93f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22651", "type": "seen", "source": "https://t.me/cibsecurity/63280", "content": "\u203c CVE-2023-22651 \u203c\n\nImproper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into the Kubernetes cluster.The issue only affects users that upgrade from 2.6.x or 2.7.x to 2.7.2. Users that did a fresh install of 2.7.2 (and did not follow an upgrade path) are not affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-04T12:45:11.000000Z"}, {"uuid": "4b170763-6dfe-4536-a221-d78d7dc71ce7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22652", "type": "seen", "source": "https://t.me/cibsecurity/64848", "content": "\u203c CVE-2023-22652 \u203c\n\nA Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in openSUSE libeconf leads to DoS via malformed config files.This issue affects libeconf: before 0.5.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-01T16:30:15.000000Z"}, {"uuid": "5caa1f30-7407-4582-899c-e35ba0888e47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22654", "type": "seen", "source": "https://t.me/cibsecurity/64604", "content": "\u203c CVE-2023-22654 \u203c\n\nClient-side enforcement of server-side security issue exists in T&D Corporation and ESPEC MIC CORP. data logger products, which may lead to an arbitrary script execution on a logged-in user's web browser. Affected products and versions are as follows: T&D Corporation data logger products (TR-71W/72W all firmware versions, RTR-5W all firmware versions, WDR-7 all firmware versions, WDR-3 all firmware versions, and WS-2 all firmware versions), and ESPEC MIC CORP. data logger products (RT-12N/RS-12N all firmware versions, RT-22BN all firmware versions, and TEU-12N all firmware versions).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-23T07:25:24.000000Z"}, {"uuid": "f765b1af-aea7-45a7-9cc0-b48d02d581e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22657", "type": "seen", "source": "https://t.me/cibsecurity/57328", "content": "\u203c CVE-2023-22657 \u203c\n\nOn F5OS-A beginning in version 1.2.0 to before 1.3.0 and F5OS-C beginning in version 1.3.0 to before 1.5.0, processing F5OS tenant file names may allow for command injection. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T20:14:28.000000Z"}]}