<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-05-04T16:52:28.290130+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the 10 most recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5ee19e05-5492-4cd4-8102-6981d49ddfb1/export</id>
    <title>5ee19e05-5492-4cd4-8102-6981d49ddfb1</title>
    <updated>2026-05-04T16:52:28.689115+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5ee19e05-5492-4cd4-8102-6981d49ddfb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37270", "type": "seen", "source": "https://t.me/cibsecurity/29525", "content": "\u203c CVE-2021-37270 \u203c\n\nThere is an unauthorized access vulnerability in the CMS Enterprise Website Construction System 5.0. Attackers can use this vulnerability to directly access the specified background path without logging in to the background to obtain the background administrator authority.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-28T00:34:58.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5ee19e05-5492-4cd4-8102-6981d49ddfb1/export"/>
    <published>2021-09-28T00:34:58+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6356ab72-e2c3-4877-9c4b-1d841a31e894/export</id>
    <title>6356ab72-e2c3-4877-9c4b-1d841a31e894</title>
    <updated>2026-05-04T16:52:28.689034+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6356ab72-e2c3-4877-9c4b-1d841a31e894", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37274", "type": "seen", "source": "https://t.me/cibsecurity/29528", "content": "\u203c CVE-2021-37274 \u203c\n\nKingdee KIS Professional Edition has a privilege escalation vulnerability. Attackers can use the vulnerability to gain computer administrator rights via unspecified loopholes.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-28T00:35:04.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6356ab72-e2c3-4877-9c4b-1d841a31e894/export"/>
    <published>2021-09-28T00:35:04+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e68b32df-8fdc-4d80-a4c5-d65d391fc8d8/export</id>
    <title>e68b32df-8fdc-4d80-a4c5-d65d391fc8d8</title>
    <updated>2026-05-04T16:52:28.688947+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e68b32df-8fdc-4d80-a4c5-d65d391fc8d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37271", "type": "seen", "source": "https://t.me/cibsecurity/29593", "content": "\u203c CVE-2021-37271 \u203c\n\nCross Site Scripting (XSS) vulnerability exists in UEditor v1.4.3.3, which can be exploited by an attacker to obtain user cookie information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-28T22:36:06.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e68b32df-8fdc-4d80-a4c5-d65d391fc8d8/export"/>
    <published>2021-09-28T22:36:06+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/daebc496-bba2-463d-9f73-b9b06b620bea/export</id>
    <title>daebc496-bba2-463d-9f73-b9b06b620bea</title>
    <updated>2026-05-04T16:52:28.688825+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "daebc496-bba2-463d-9f73-b9b06b620bea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37273", "type": "seen", "source": "https://t.me/cibsecurity/29597", "content": "\u203c CVE-2021-37273 \u203c\n\nA Denial of Service issue exists in China Telecom Corporation EPON Tianyi Gateway ZXHN F450(EPON ONU) 3.0. Tianyi Gateway is a hardware terminal of \"Optical Modem Smart Router.\" Attackers can use this vulnerability to restart the device multiple times.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-28T22:36:10.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/daebc496-bba2-463d-9f73-b9b06b620bea/export"/>
    <published>2021-09-28T22:36:10+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/94e2092b-c2b0-48a5-9fa4-6d7ac43e3806/export</id>
    <title>94e2092b-c2b0-48a5-9fa4-6d7ac43e3806</title>
    <updated>2026-05-04T16:52:28.686069+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "94e2092b-c2b0-48a5-9fa4-6d7ac43e3806", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3727", "type": "seen", "source": "https://t.me/cibsecurity/33076", "content": "\u203c CVE-2021-3727 \u203c\n\n# Vulnerability in `rand-quote` and `hitokoto` plugins **Description**: the `rand-quote` and `hitokoto` fetch quotes from quotationspage.com and hitokoto.cn respectively, do some process on them and then use `print -P` to print them. If these quotes contained the proper symbols, they could trigger command injection. Given that they're an external API, it's not possible to know if the quotes are safe to use. **Fixed in**: [72928432](https://github.com/ohmyzsh/ohmyzsh/commit/72928432). **Impacted areas**: - `rand-quote` plugin (`quote` function). - `hitokoto` plugin (`hitokoto` function).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-30T12:34:09.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/94e2092b-c2b0-48a5-9fa4-6d7ac43e3806/export"/>
    <published>2021-11-30T12:34:09+00:00</published>
  </entry>
</feed>
