https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-06-15T20:01:16.016375+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/d765da22-1eb9-47ab-ae7d-3ffbeba5fa1b/exportd765da22-1eb9-47ab-ae7d-3ffbeba5fa1b2026-06-15T20:01:16.399854+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "d765da22-1eb9-47ab-ae7d-3ffbeba5fa1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42857", "type": "seen", "source": "https://t.me/cibsecurity/38674", "content": "\u203c CVE-2021-42857 \u203c\n\nIt was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDaServlet has directory traversal vulnerabilities at the \"/api/appInternals/1.0/agent/da/pcf\" API. The affected endpoint does not have any validation of the user's input that allows a malicious payload to be injected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-10T20:18:56.000000Z"}2022-03-10T20:18:56+00:00https://vulnerability.circl.lu/sighting/e4bca608-3bcd-4488-ab38-009a6721bb7f/exporte4bca608-3bcd-4488-ab38-009a6721bb7f2026-06-15T20:01:16.399653+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "e4bca608-3bcd-4488-ab38-009a6721bb7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42854", "type": "seen", "source": "https://t.me/cibsecurity/38714", "content": "\u203c CVE-2021-42854 \u203c\n\nIt was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) PluginServlet has directory traversal vulnerabilities at the \"/api/appInternals/1.0/plugin/pmx\" API. The affected endpoint does not have any input validation of the user's input that allows a malicious payload to be injected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-10T20:25:59.000000Z"}2022-03-10T20:25:59+00:00https://vulnerability.circl.lu/sighting/e8c6ac8f-3dc7-4a00-a847-4142aae3610a/exporte8c6ac8f-3dc7-4a00-a847-4142aae3610a2026-06-15T20:01:16.399443+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "e8c6ac8f-3dc7-4a00-a847-4142aae3610a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42852", "type": "seen", "source": "https://t.me/cibsecurity/42932", "content": "\u203c CVE-2021-42852 \u203c\n\nA command injection vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an authenticated user to execute operating system commands by sending a crafted packet to the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T20:28:42.000000Z"}2022-05-18T20:28:42+00:00https://vulnerability.circl.lu/sighting/b275bfa7-8e19-45cb-894d-3ad31113d5c9/exportb275bfa7-8e19-45cb-894d-3ad31113d5c92026-06-15T20:01:16.399240+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "b275bfa7-8e19-45cb-894d-3ad31113d5c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42851", "type": "seen", "source": "https://t.me/cibsecurity/42937", "content": "\u203c CVE-2021-42851 \u203c\n\nA vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an unauthenticated user to create a standard user account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T20:28:48.000000Z"}2022-05-18T20:28:48+00:00https://vulnerability.circl.lu/sighting/e079a5d1-67cd-44c4-a51c-431dc4f64bd9/exporte079a5d1-67cd-44c4-a51c-431dc4f64bd92026-06-15T20:01:16.399009+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "e079a5d1-67cd-44c4-a51c-431dc4f64bd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42850", "type": "seen", "source": "https://t.me/cibsecurity/42945", "content": "\u203c CVE-2021-42850 \u203c\n\nA weak default administrator password for the web interface and serial port was reported in some Lenovo Personal Cloud Storage devices that could allow unauthorized device access to an attacker with physical or local network access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T20:28:59.000000Z"}2022-05-18T20:28:59+00:00https://vulnerability.circl.lu/sighting/c69bb6fb-0efd-49a4-8f7b-d1b1b129927d/exportc69bb6fb-0efd-49a4-8f7b-d1b1b129927d2026-06-15T20:01:16.398701+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "c69bb6fb-0efd-49a4-8f7b-d1b1b129927d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42859", "type": "seen", "source": "https://t.me/cibsecurity/43372", "content": "\u203c CVE-2021-42859 \u203c\n\nA memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-26T16:14:07.000000Z"}2022-05-26T16:14:07+00:00https://vulnerability.circl.lu/sighting/e424df76-58eb-42df-8a51-be3e97f21a8d/exporte424df76-58eb-42df-8a51-be3e97f21a8d2026-06-15T20:01:16.395464+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "e424df76-58eb-42df-8a51-be3e97f21a8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4285", "type": "seen", "source": "https://t.me/cibsecurity/55394", "content": "\u203c CVE-2021-4285 \u203c\n\nA vulnerability classified as problematic was found in Nagios NCPA. This vulnerability affects unknown code of the file agent/listener/templates/tail.html. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 2.4.0 is able to address this issue. The name of the patch is 5abbcd7aa26e0fc815e6b2b0ffe1c15ef3e8fab5. It is recommended to upgrade the affected component. VDB-216874 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-27T14:25:21.000000Z"}2022-12-27T14:25:21+00:00