{"vulnerability": "CVE-2020-3537", "sightings": [{"uuid": "ac64ef2b-39b5-4dd7-9ed8-19e8f0c25473", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35376", "type": "seen", "source": "https://t.me/cibsecurity/21318", "content": "\u203c CVE-2020-35376 \u203c\n\nXpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp() function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-26T07:26:37.000000Z"}, {"uuid": "a623eff6-2265-4115-886f-1c7d542d4bb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35378", "type": "seen", "source": "https://t.me/cibsecurity/20742", "content": "\u203c CVE-2020-35378 \u203c\n\nSQL Injection in the login page in Online Bus Ticket Reservation 1.0 allows attackers to execute arbitrary SQL commands and bypass authentication via the username and password fields.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-14T18:39:05.000000Z"}]}