{"vulnerability": "CVE-2020-3588", "sightings": [{"uuid": "3a59fa10-1a35-4af4-a772-294396c57fcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35881", "type": "seen", "source": "https://gist.github.com/soul2zimate/a5296bc917881b1c43c396b5caf75393", "content": "", "creation_timestamp": "2026-04-07T11:43:13.000000Z"}, {"uuid": "fbb6c0a4-d41f-4a72-9edf-7769d3948952", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35884", "type": "seen", "source": "https://t.me/cibsecurity/21454", "content": "\u203c CVE-2020-35884 \u203c\n\nAn issue was discovered in the tiny_http crate through 2020-06-16 for Rust. HTTP Request smuggling can occur via a malformed Transfer-Encoding header.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-31T12:37:28.000000Z"}, {"uuid": "49f47a1c-dbc7-4edb-850d-b947e67e5a8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35886", "type": "seen", "source": "https://t.me/cibsecurity/21462", "content": "\u203c CVE-2020-35886 \u203c\n\nAn issue was discovered in the arr crate through 2020-08-25 for Rust. An attacker can smuggle non-Sync/Send types across a thread boundary to cause a data race.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-31T12:37:42.000000Z"}, {"uuid": "da083120-af00-4fc8-8fa8-2c2c836ce267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35885", "type": "seen", "source": "https://t.me/cibsecurity/21460", "content": "\u203c CVE-2020-35885 \u203c\n\nAn issue was discovered in the alpm-rs crate through 2020-08-20 for Rust. StrcCtx performs improper memory deallocation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-31T12:37:37.000000Z"}, {"uuid": "8058fb37-21ad-4d1d-9e1d-c4ff286d8de1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35880", "type": "seen", "source": "https://t.me/cibsecurity/21471", "content": "\u203c CVE-2020-35880 \u203c\n\nAn issue was discovered in the bigint crate through 2020-05-07 for Rust. It allows a soundness violation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-31T12:41:26.000000Z"}, {"uuid": "8cc310aa-10c6-4b85-95ec-0a47bd96c1c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35882", "type": "seen", "source": "https://t.me/cibsecurity/21472", "content": "\u203c CVE-2020-35882 \u203c\n\nAn issue was discovered in the rocket crate before 0.4.5 for Rust. LocalRequest::clone creates more than one mutable references to the same object, possibly causing a data race.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-31T12:45:24.000000Z"}, {"uuid": "2e0c63a9-3cae-4e71-b104-dd205db5a808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-3588", "type": "seen", "source": "https://t.me/cibsecurity/16003", "content": "\u203c CVE-2020-3588 \u203c\n\nA vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. This vulnerability occurs when this app is deployed in a virtual desktop environment and using virtual environment optimization. This vulnerability is due to improper validation of messages processed by the Cisco Webex Meetings Desktop App. A local attacker with limited privileges could exploit this vulnerability by sending malicious messages to the affected software by using the virtualization channel interface. A successful exploit could allow the attacker to modify the underlying operating system configuration, which could allow the attacker to execute arbitrary code with the privileges of a targeted user. Note: This vulnerability can be exploited only when Cisco Webex Meetings Desktop App is in a virtual desktop environment on a hosted virtual desktop (HVD) and is configured to use the Cisco Webex Meetings virtual desktop plug-in for thin clients.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-06T22:51:21.000000Z"}]}