{"vulnerability": "CVE-2020-3546", "sightings": [{"uuid": "72be343c-ccf8-4bca-9cea-fd763395e559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35460", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwrspzahij2m", "content": "", "creation_timestamp": "2025-08-19T21:02:22.987776Z"}, {"uuid": "d7879e17-81c1-49f9-a63b-2075d8a9dd5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35460", "type": "seen", "source": "https://t.me/cvedetector/9141", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49771 - MPXJ Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49771 \nPublished : Oct. 28, 2024, 5:15 p.m. | 23\u00a0minutes ago \nDescription : MPXJ is an open source library to read and write project plans from a variety of file formats and databases. The patch for the historical vulnerability CVE-2020-35460 in MPXJ is incomplete as there is still a possibility that a malicious path could be constructed which would not be picked up by the original fix and allow files to be written to arbitrary locations. The issue is addressed in MPXJ version 13.5.1. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-28T18:40:29.000000Z"}, {"uuid": "9b49f551-3da9-481b-97d2-d496f0fd454d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35466", "type": "seen", "source": "https://t.me/cibsecurity/20892", "content": "\u203c CVE-2020-35466 \u203c\n\nThe Blackfire Docker image through 2020-12-14 contains a blank password for the root user. Systems deployed using affected versions of the Blackfire container may allow a remote attacker to achieve root access with a blank password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-16T02:45:47.000000Z"}, {"uuid": "8afc05aa-beb6-481f-ab56-eab33e6659b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35467", "type": "seen", "source": "https://t.me/cibsecurity/20891", "content": "\u203c CVE-2020-35467 \u203c\n\nThe Docker Docs Docker image through 2020-12-14 contains a blank password for the root user. Systems deployed using affected versions of the Docker Docs container may allow a remote attacker to achieve root access with a blank password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-16T02:45:46.000000Z"}, {"uuid": "fad8c21c-ef01-4a94-915e-ad30cf9721b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35464", "type": "seen", "source": "https://t.me/cibsecurity/20902", "content": "\u203c CVE-2020-35464 \u203c\n\nVersion 1.3.0 of the Weave Cloud Agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the Weave Cloud Agent container may allow a remote attacker to achieve root access with a blank password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-16T02:46:02.000000Z"}, {"uuid": "061cb806-754b-4d36-9437-a0a647122141", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35469", "type": "seen", "source": "https://t.me/cibsecurity/20901", "content": "\u203c CVE-2020-35469 \u203c\n\nThe Software AG Terracotta Server OSS Docker image 5.4.1 contains a blank password for the root user. Systems deployed using affected versions of the Terracotta Server OSS container may allow a remote attacker to achieve root access with a blank password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-16T02:46:01.000000Z"}, {"uuid": "afbc1935-4617-4491-a1e4-b80c91c2407b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35462", "type": "seen", "source": "https://t.me/cibsecurity/20900", "content": "\u203c CVE-2020-35462 \u203c\n\nVersion 3.16.0 of the CoScale agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the CoScale agent container may allow a remote attacker to achieve root access with a blank password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-16T02:45:57.000000Z"}, {"uuid": "a05a8777-510f-476e-906e-f926e93feec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35463", "type": "seen", "source": "https://t.me/cibsecurity/20899", "content": "\u203c CVE-2020-35463 \u203c\n\nVersion 1.0.0 of the Instana Dynamic APM Docker image contains a blank password for the root user. Systems deployed using affected versions of the Instana Dynamic APM container may allow a remote attacker to achieve root access with a blank password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-16T02:45:56.000000Z"}, {"uuid": "45592c02-9443-4767-afc2-91c243d2b4e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35465", "type": "seen", "source": "https://t.me/cibsecurity/20898", "content": "\u203c CVE-2020-35465 \u203c\n\nThe FullArmor HAPI File Share Mount Docker image through 2020-12-14 contains a blank password for the root user. Systems deployed using affected versions of the FullArmor HAPI File Share Mount container may allow the remote attacker to achieve root access with a blank password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-16T02:45:55.000000Z"}, {"uuid": "3337aad7-dfc2-4edb-bd0b-b76f6317889a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35468", "type": "seen", "source": "https://t.me/cibsecurity/20895", "content": "\u203c CVE-2020-35468 \u203c\n\nThe Appbase streams Docker image 2.1.2 contains a blank password for the root user. Systems deployed using affected versions of the streams container may allow a remote attacker to achieve root access with a blank password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-16T02:45:50.000000Z"}]}