https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 06 May 2026 19:50:36 +0000 https://vulnerability.circl.lu/sighting/1a4a3a93-a53c-4e1e-a76d-68ac62ef7119/export {"uuid": "1a4a3a93-a53c-4e1e-a76d-68ac62ef7119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42641", "type": "seen", "source": "https://t.me/cibsecurity/36717", "content": "\u203c CVE-2021-42641 \u203c\n\nPrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-02T20:29:01.000000Z"} {"uuid": "1a4a3a93-a53c-4e1e-a76d-68ac62ef7119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42641", "type": "seen", "source": "https://t.me/cibsecurity/36717", "content": "\u203c CVE-2021-42641 \u203c\n\nPrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-02T20:29:01.000000Z"} https://vulnerability.circl.lu/sighting/1a4a3a93-a53c-4e1e-a76d-68ac62ef7119/export Wed, 02 Feb 2022 20:29:01 +0000 https://vulnerability.circl.lu/sighting/728ec3ce-bf7e-4b0c-bed7-43c00caae75f/export {"uuid": "728ec3ce-bf7e-4b0c-bed7-43c00caae75f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42640", "type": "seen", "source": "https://t.me/cibsecurity/36720", "content": "\u203c CVE-2021-42640 \u203c\n\nPrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-02T20:29:07.000000Z"} {"uuid": "728ec3ce-bf7e-4b0c-bed7-43c00caae75f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42640", "type": "seen", "source": "https://t.me/cibsecurity/36720", "content": "\u203c CVE-2021-42640 \u203c\n\nPrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-02T20:29:07.000000Z"} https://vulnerability.circl.lu/sighting/728ec3ce-bf7e-4b0c-bed7-43c00caae75f/export Wed, 02 Feb 2022 20:29:07 +0000 https://vulnerability.circl.lu/sighting/7469ad3f-98d5-4a20-b269-334c4906a1e8/export {"uuid": "7469ad3f-98d5-4a20-b269-334c4906a1e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42642", "type": "seen", "source": "https://t.me/cibsecurity/36721", "content": "\u203c CVE-2021-42642 \u203c\n\nPrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-02T20:29:09.000000Z"} {"uuid": "7469ad3f-98d5-4a20-b269-334c4906a1e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42642", "type": "seen", "source": "https://t.me/cibsecurity/36721", "content": "\u203c CVE-2021-42642 \u203c\n\nPrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-02T20:29:09.000000Z"} https://vulnerability.circl.lu/sighting/7469ad3f-98d5-4a20-b269-334c4906a1e8/export Wed, 02 Feb 2022 20:29:09 +0000 https://vulnerability.circl.lu/sighting/d2e59d94-0814-40c0-a62d-0f8acd503e60/export {"uuid": "d2e59d94-0814-40c0-a62d-0f8acd503e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42645", "type": "seen", "source": "https://t.me/cibsecurity/42233", "content": "\u203c CVE-2021-42645 \u203c\n\nCMSimple_XH 1.7.4 is affected by a remote code execution (RCE) vulnerability. To exploit this vulnerability, an attacker must use the \"File\" parameter to upload a PHP payload to get a reverse shell from the vulnerable host.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-10T16:34:09.000000Z"} {"uuid": "d2e59d94-0814-40c0-a62d-0f8acd503e60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42645", "type": "seen", "source": "https://t.me/cibsecurity/42233", "content": "\u203c CVE-2021-42645 \u203c\n\nCMSimple_XH 1.7.4 is affected by a remote code execution (RCE) vulnerability. To exploit this vulnerability, an attacker must use the \"File\" parameter to upload a PHP payload to get a reverse shell from the vulnerable host.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-10T16:34:09.000000Z"} https://vulnerability.circl.lu/sighting/d2e59d94-0814-40c0-a62d-0f8acd503e60/export Tue, 10 May 2022 16:34:09 +0000 https://vulnerability.circl.lu/sighting/9eafd229-b537-4ac7-be83-33eab95aa885/export {"uuid": "9eafd229-b537-4ac7-be83-33eab95aa885", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42648", "type": "seen", "source": "https://t.me/cibsecurity/42406", "content": "\u203c CVE-2021-42648 \u203c\n\nCross-site scripting (XSS) vulnerability exists in Coder Code-Server before 3.12.0, allows attackers to execute arbitrary code via crafted URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-11T22:34:25.000000Z"} {"uuid": "9eafd229-b537-4ac7-be83-33eab95aa885", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42648", "type": "seen", "source": "https://t.me/cibsecurity/42406", "content": "\u203c CVE-2021-42648 \u203c\n\nCross-site scripting (XSS) vulnerability exists in Coder Code-Server before 3.12.0, allows attackers to execute arbitrary code via crafted URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-11T22:34:25.000000Z"} https://vulnerability.circl.lu/sighting/9eafd229-b537-4ac7-be83-33eab95aa885/export Wed, 11 May 2022 22:34:25 +0000 https://vulnerability.circl.lu/sighting/e52f41d5-0ca1-416b-ac52-0082c689766b/export {"uuid": "e52f41d5-0ca1-416b-ac52-0082c689766b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42646", "type": "seen", "source": "https://t.me/cibsecurity/42411", "content": "\u203c CVE-2021-42646 \u203c\n\nXML External Entity (XXE) vulnerability in the file based service provider creation feature of the Management Console in WSO2 API Manager 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; and WSO2 IS as Key Manager 5.7.0, 5.9.0, and 5.10.0; and WSO2 Identity Server 5.7.0, 5.8.0, 5.9.0, 5.10.0, and 5.11.0. Allows attackers to gain read access to sensitive information or cause a denial of service via crafted GET requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-12T11:04:28.000000Z"} {"uuid": "e52f41d5-0ca1-416b-ac52-0082c689766b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42646", "type": "seen", "source": "https://t.me/cibsecurity/42411", "content": "\u203c CVE-2021-42646 \u203c\n\nXML External Entity (XXE) vulnerability in the file based service provider creation feature of the Management Console in WSO2 API Manager 2.6.0, 3.0.0, 3.1.0, 3.2.0, and 4.0.0; and WSO2 IS as Key Manager 5.7.0, 5.9.0, and 5.10.0; and WSO2 Identity Server 5.7.0, 5.8.0, 5.9.0, 5.10.0, and 5.11.0. Allows attackers to gain read access to sensitive information or cause a denial of service via crafted GET requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-12T11:04:28.000000Z"} https://vulnerability.circl.lu/sighting/e52f41d5-0ca1-416b-ac52-0082c689766b/export Thu, 12 May 2022 11:04:28 +0000 https://vulnerability.circl.lu/sighting/1fff0415-5334-4952-9453-198c0bf59b5d/export {"uuid": "1fff0415-5334-4952-9453-198c0bf59b5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42643", "type": "seen", "source": "https://t.me/cibsecurity/42804", "content": "\u203c CVE-2021-42643 \u203c\n\ncmseasy V7.7.5_20211012 is affected by an arbitrary file write vulnerability. Through this vulnerability, a PHP script file is written to the website server, and accessing this file can lead to a code execution vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-17T16:27:26.000000Z"} {"uuid": "1fff0415-5334-4952-9453-198c0bf59b5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42643", "type": "seen", "source": "https://t.me/cibsecurity/42804", "content": "\u203c CVE-2021-42643 \u203c\n\ncmseasy V7.7.5_20211012 is affected by an arbitrary file write vulnerability. Through this vulnerability, a PHP script file is written to the website server, and accessing this file can lead to a code execution vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-17T16:27:26.000000Z"} https://vulnerability.circl.lu/sighting/1fff0415-5334-4952-9453-198c0bf59b5d/export Tue, 17 May 2022 16:27:26 +0000 https://vulnerability.circl.lu/sighting/275ac72a-2f9f-4a47-8c7a-ed6e1472175c/export {"uuid": "275ac72a-2f9f-4a47-8c7a-ed6e1472175c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42644", "type": "seen", "source": "https://t.me/cibsecurity/42805", "content": "\u203c CVE-2021-42644 \u203c\n\ncmseasy V7.7.5_20211012 is affected by an arbitrary file read vulnerability. After login, the configuration file information of the website such as the database configuration file (config / config_database) can be read through this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-17T16:27:27.000000Z"} {"uuid": "275ac72a-2f9f-4a47-8c7a-ed6e1472175c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42644", "type": "seen", "source": "https://t.me/cibsecurity/42805", "content": "\u203c CVE-2021-42644 \u203c\n\ncmseasy V7.7.5_20211012 is affected by an arbitrary file read vulnerability. After login, the configuration file information of the website such as the database configuration file (config / config_database) can be read through this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-17T16:27:27.000000Z"} https://vulnerability.circl.lu/sighting/275ac72a-2f9f-4a47-8c7a-ed6e1472175c/export Tue, 17 May 2022 16:27:27 +0000 https://vulnerability.circl.lu/sighting/526ee039-a8d3-46dd-8ac4-640bd08e580a/export {"uuid": "526ee039-a8d3-46dd-8ac4-640bd08e580a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4264", "type": "seen", "source": "https://t.me/cibsecurity/55072", "content": "\u203c CVE-2021-4264 \u203c\n\nA vulnerability was found in LinkedIn dustjs 3.0.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.1 is able to address this issue. The name of the patch is ddb6523832465d38c9d80189e9de60519ac307c3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216464.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-21T22:12:57.000000Z"} {"uuid": "526ee039-a8d3-46dd-8ac4-640bd08e580a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4264", "type": "seen", "source": "https://t.me/cibsecurity/55072", "content": "\u203c CVE-2021-4264 \u203c\n\nA vulnerability was found in LinkedIn dustjs 3.0.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.1 is able to address this issue. The name of the patch is ddb6523832465d38c9d80189e9de60519ac307c3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216464.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-21T22:12:57.000000Z"} https://vulnerability.circl.lu/sighting/526ee039-a8d3-46dd-8ac4-640bd08e580a/export Wed, 21 Dec 2022 22:12:57 +0000