https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 03 Jun 2026 11:09:34 +0000 https://vulnerability.circl.lu/sighting/b1308e2e-5dba-47da-965d-3d45c3f8962c/export {"uuid": "b1308e2e-5dba-47da-965d-3d45c3f8962c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36460", "type": "seen", "source": "https://t.me/cibsecurity/41379", "content": "\u203c CVE-2021-36460 \u203c\n\nVeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the device and uses the hash to authenticate in all communication with the backend API, including login, registration and changing of passwords. This allows an attacker in possession of a hash to takeover a user's account, rendering the benefits of storing hashed passwords in the database useless.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-25T16:36:12.000000Z"} {"uuid": "b1308e2e-5dba-47da-965d-3d45c3f8962c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36460", "type": "seen", "source": "https://t.me/cibsecurity/41379", "content": "\u203c CVE-2021-36460 \u203c\n\nVeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the device and uses the hash to authenticate in all communication with the backend API, including login, registration and changing of passwords. This allows an attacker in possession of a hash to takeover a user's account, rendering the benefits of storing hashed passwords in the database useless.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-25T16:36:12.000000Z"} https://vulnerability.circl.lu/sighting/b1308e2e-5dba-47da-965d-3d45c3f8962c/export Mon, 25 Apr 2022 16:36:12 +0000