https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 31 May 2026 19:00:29 +0000 https://vulnerability.circl.lu/sighting/df6eef52-5b61-4f5a-9f55-9727d468e0c9/export {"uuid": "df6eef52-5b61-4f5a-9f55-9727d468e0c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38294", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/nimbus_gettopologyhistory_cmd_exec.rb", "content": "", "creation_timestamp": "2021-11-18T23:24:22.000000Z"} {"uuid": "df6eef52-5b61-4f5a-9f55-9727d468e0c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38294", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/nimbus_gettopologyhistory_cmd_exec.rb", "content": "", "creation_timestamp": "2021-11-18T23:24:22.000000Z"} https://vulnerability.circl.lu/sighting/df6eef52-5b61-4f5a-9f55-9727d468e0c9/export Thu, 18 Nov 2021 23:24:22 +0000 https://vulnerability.circl.lu/sighting/c579983f-4e8b-4520-8e28-3e8d2717d77c/export {"uuid": "c579983f-4e8b-4520-8e28-3e8d2717d77c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3829", "type": "seen", "source": "https://t.me/cibsecurity/33742", "content": "\u203c CVE-2021-3829 \u203c\n\nopenwhyd is vulnerable to URL Redirection to Untrusted Site\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-10T18:25:06.000000Z"} {"uuid": "c579983f-4e8b-4520-8e28-3e8d2717d77c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3829", "type": "seen", "source": "https://t.me/cibsecurity/33742", "content": "\u203c CVE-2021-3829 \u203c\n\nopenwhyd is vulnerable to URL Redirection to Untrusted Site\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-10T18:25:06.000000Z"} https://vulnerability.circl.lu/sighting/c579983f-4e8b-4520-8e28-3e8d2717d77c/export Fri, 10 Dec 2021 18:25:06 +0000 https://vulnerability.circl.lu/sighting/dc6ee7be-1223-433a-8f92-6fd3ac522e41/export {"uuid": "dc6ee7be-1223-433a-8f92-6fd3ac522e41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38296", "type": "seen", "source": "https://t.me/cibsecurity/38633", "content": "\u203c CVE-2021-38296 \u203c\n\nApache Spark supports end-to-end encryption of RPC connections via \"spark.authenticate\" and \"spark.network.crypto.enabled\". In versions 3.1.2 and earlier, it uses a bespoke mutual authentication protocol that allows for full encryption key recovery. After an initial interactive attack, this would allow someone to decrypt plaintext traffic offline. Note that this does not affect security mechanisms controlled by \"spark.authenticate.enableSaslEncryption\", \"spark.io.encryption.enabled\", \"spark.ssl\", \"spark.ui.strictTransportSecurity\". Update to Apache Spark 3.1.3 or later\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-10T12:12:32.000000Z"} {"uuid": "dc6ee7be-1223-433a-8f92-6fd3ac522e41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38296", "type": "seen", "source": "https://t.me/cibsecurity/38633", "content": "\u203c CVE-2021-38296 \u203c\n\nApache Spark supports end-to-end encryption of RPC connections via \"spark.authenticate\" and \"spark.network.crypto.enabled\". In versions 3.1.2 and earlier, it uses a bespoke mutual authentication protocol that allows for full encryption key recovery. After an initial interactive attack, this would allow someone to decrypt plaintext traffic offline. Note that this does not affect security mechanisms controlled by \"spark.authenticate.enableSaslEncryption\", \"spark.io.encryption.enabled\", \"spark.ssl\", \"spark.ui.strictTransportSecurity\". Update to Apache Spark 3.1.3 or later\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-10T12:12:32.000000Z"} https://vulnerability.circl.lu/sighting/dc6ee7be-1223-433a-8f92-6fd3ac522e41/export Thu, 10 Mar 2022 12:12:32 +0000 https://vulnerability.circl.lu/sighting/d4b2544c-f497-40b5-a0c6-c4cc5e2dad9c/export {"uuid": "d4b2544c-f497-40b5-a0c6-c4cc5e2dad9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "seen", "source": "https://t.me/thebugbountyhunter/6473", "content": "CVE-2021-38297 \u2013 Analysis of a Go Web Assembly vulnerability\n\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability/", "creation_timestamp": "2022-08-31T15:31:50.000000Z"} {"uuid": "d4b2544c-f497-40b5-a0c6-c4cc5e2dad9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "seen", "source": "https://t.me/thebugbountyhunter/6473", "content": "CVE-2021-38297 \u2013 Analysis of a Go Web Assembly vulnerability\n\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability/", "creation_timestamp": "2022-08-31T15:31:50.000000Z"} https://vulnerability.circl.lu/sighting/d4b2544c-f497-40b5-a0c6-c4cc5e2dad9c/export Wed, 31 Aug 2022 15:31:50 +0000 https://vulnerability.circl.lu/sighting/c0156f39-103f-45df-9183-12ddadeb7b19/export {"uuid": "c0156f39-103f-45df-9183-12ddadeb7b19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/118", "content": "Top Security News for 01/09/2022\n\nSecuring multi-cloud identity with orchestration.\nhttps://thecyberwire.com/podcasts/cyberwire-x/37/notes \n\nHow I Met Your Beacon: Detection Strategies\nhttps://www.reddit.com/r/netsec/comments/x2t7p2/how_i_met_your_beacon_detection_strategies/ \n\nStop Ransomware with Microsoft Security digital event presents threat intelligence in action\nhttps://www.microsoft.com/security/blog/2022/08/31/stop-ransomware-with-microsoft-security-digital-event-presents-threat-intelligence-in-action/ \n\nNEW 'Off The Hook' ONLINE\nhttps://www.2600.com/hook/31-08-2022 \n\nWomen in cybersecurity form non-profit organization The Forte Group\nhttps://www.csoonline.com/article/3671909/women-in-cybersecurity-form-non-profit-organization-the-forte-group.html#tk.rss_all \n\nMalwarebytes receives highest rankings in recent third-party tests\nhttps://malware.news/t/malwarebytes-receives-highest-rankings-in-recent-third-party-tests/63043/1 \n\nCVE-2021-38297 - Technical analysis of a Go WebAssembly vulnerability\nhttps://www.reddit.com/r/netsec/comments/x279b9/cve202138297_technical_analysis_of_a_go/ \n\nFinal Fantasy 14 players targeted by QR code phishing\nhttps://www.malwarebytes.com/blog/news/2022/08/final-fantasy-14-players-targeted-by-qr-code-phishing \n\nUK unveils tighter cybersecurity requirements for telecom industry. Preparing for new cybersecurity regulations.\nhttps://thecyberwire.com/newsletters/policy-briefing/4/168 \n\nPalo Alto adds new SaaS compliance, threat prevention, URL filtering features to Prisma solution\nhttps://www.csoonline.com/article/3671709/palo-alto-adds-new-saas-compliance-threat-prevention-url-filtering-features-to-prisma-solution.html#tk.rss_all \n\n \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-09-01T07:00:09.000000Z"} {"uuid": "c0156f39-103f-45df-9183-12ddadeb7b19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/118", "content": "Top Security News for 01/09/2022\n\nSecuring multi-cloud identity with orchestration.\nhttps://thecyberwire.com/podcasts/cyberwire-x/37/notes \n\nHow I Met Your Beacon: Detection Strategies\nhttps://www.reddit.com/r/netsec/comments/x2t7p2/how_i_met_your_beacon_detection_strategies/ \n\nStop Ransomware with Microsoft Security digital event presents threat intelligence in action\nhttps://www.microsoft.com/security/blog/2022/08/31/stop-ransomware-with-microsoft-security-digital-event-presents-threat-intelligence-in-action/ \n\nNEW 'Off The Hook' ONLINE\nhttps://www.2600.com/hook/31-08-2022 \n\nWomen in cybersecurity form non-profit organization The Forte Group\nhttps://www.csoonline.com/article/3671909/women-in-cybersecurity-form-non-profit-organization-the-forte-group.html#tk.rss_all \n\nMalwarebytes receives highest rankings in recent third-party tests\nhttps://malware.news/t/malwarebytes-receives-highest-rankings-in-recent-third-party-tests/63043/1 \n\nCVE-2021-38297 - Technical analysis of a Go WebAssembly vulnerability\nhttps://www.reddit.com/r/netsec/comments/x279b9/cve202138297_technical_analysis_of_a_go/ \n\nFinal Fantasy 14 players targeted by QR code phishing\nhttps://www.malwarebytes.com/blog/news/2022/08/final-fantasy-14-players-targeted-by-qr-code-phishing \n\nUK unveils tighter cybersecurity requirements for telecom industry. Preparing for new cybersecurity regulations.\nhttps://thecyberwire.com/newsletters/policy-briefing/4/168 \n\nPalo Alto adds new SaaS compliance, threat prevention, URL filtering features to Prisma solution\nhttps://www.csoonline.com/article/3671709/palo-alto-adds-new-saas-compliance-threat-prevention-url-filtering-features-to-prisma-solution.html#tk.rss_all \n\n \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-09-01T07:00:09.000000Z"} https://vulnerability.circl.lu/sighting/c0156f39-103f-45df-9183-12ddadeb7b19/export Thu, 01 Sep 2022 07:00:09 +0000 https://vulnerability.circl.lu/sighting/0d1c137d-a181-409e-adf8-292e1d27c6b0/export {"uuid": "0d1c137d-a181-409e-adf8-292e1d27c6b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/6742", "content": "#exploit\n1. CVE-2021-38297:\nGo Web Assembly Vulnerability\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability\n\n2. CVE-2022-24124:\nCasdoor SQL Injection\nhttps://github.com/cukw/CVE-2022-24124_POC\n]-> https://blog.qualys.com/vulnerabilities-threat-research/2022/03/09/casdoor-sql-injection-cve-2022-24124", "creation_timestamp": "2022-09-05T12:37:13.000000Z"} {"uuid": "0d1c137d-a181-409e-adf8-292e1d27c6b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/6742", "content": "#exploit\n1. CVE-2021-38297:\nGo Web Assembly Vulnerability\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability\n\n2. CVE-2022-24124:\nCasdoor SQL Injection\nhttps://github.com/cukw/CVE-2022-24124_POC\n]-> https://blog.qualys.com/vulnerabilities-threat-research/2022/03/09/casdoor-sql-injection-cve-2022-24124", "creation_timestamp": "2022-09-05T12:37:13.000000Z"} https://vulnerability.circl.lu/sighting/0d1c137d-a181-409e-adf8-292e1d27c6b0/export Mon, 05 Sep 2022 12:37:13 +0000 https://vulnerability.circl.lu/sighting/845bff22-e692-43df-b322-42e5cc83fbb1/export {"uuid": "845bff22-e692-43df-b322-42e5cc83fbb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/490", "content": "CVE-2021-38297 : Analysis & Exploit Go < 1.17.2 - Buffer Overflow\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability", "creation_timestamp": "2022-09-29T22:29:01.000000Z"} {"uuid": "845bff22-e692-43df-b322-42e5cc83fbb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/490", "content": "CVE-2021-38297 : Analysis & Exploit Go < 1.17.2 - Buffer Overflow\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability", "creation_timestamp": "2022-09-29T22:29:01.000000Z"} https://vulnerability.circl.lu/sighting/845bff22-e692-43df-b322-42e5cc83fbb1/export Thu, 29 Sep 2022 22:29:01 +0000 https://vulnerability.circl.lu/sighting/42de713f-b3eb-470a-90f0-51a07fd72e0a/export {"uuid": "42de713f-b3eb-470a-90f0-51a07fd72e0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "seen", "source": "https://t.me/arpsyndicate/1839", "content": "#ExploitObserverAlert\n\nCVE-2021-38297\n\nDESCRIPTION: Exploit Observer has 13 entries related to CVE-2021-38297. Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.\n\nFIRST-EPSS: 0.004300000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-17T20:51:35.000000Z"} {"uuid": "42de713f-b3eb-470a-90f0-51a07fd72e0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38297", "type": "seen", "source": "https://t.me/arpsyndicate/1839", "content": "#ExploitObserverAlert\n\nCVE-2021-38297\n\nDESCRIPTION: Exploit Observer has 13 entries related to CVE-2021-38297. Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.\n\nFIRST-EPSS: 0.004300000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-17T20:51:35.000000Z"} https://vulnerability.circl.lu/sighting/42de713f-b3eb-470a-90f0-51a07fd72e0a/export Sun, 17 Dec 2023 20:51:35 +0000 https://vulnerability.circl.lu/sighting/ed6dfac4-2875-412f-97e2-168a722320d5/export {"uuid": "ed6dfac4-2875-412f-97e2-168a722320d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38294", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"} {"uuid": "ed6dfac4-2875-412f-97e2-168a722320d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38294", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"} https://vulnerability.circl.lu/sighting/ed6dfac4-2875-412f-97e2-168a722320d5/export Thu, 06 Feb 2025 03:13:45 +0000 https://vulnerability.circl.lu/sighting/1e75e4b5-afe4-42a0-9a18-07a909810a7a/export {"uuid": "1e75e4b5-afe4-42a0-9a18-07a909810a7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38294", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:39.000000Z"} {"uuid": "1e75e4b5-afe4-42a0-9a18-07a909810a7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38294", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:39.000000Z"} https://vulnerability.circl.lu/sighting/1e75e4b5-afe4-42a0-9a18-07a909810a7a/export Sun, 23 Feb 2025 04:10:39 +0000