{"vulnerability": "CVE-2021-3927", "sightings": [{"uuid": "78c7cab5-34e3-443d-977f-b63fb5d989ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39275", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfsytqwpvn2r", "content": "", "creation_timestamp": "2025-01-16T00:16:09.815488Z"}, {"uuid": "e6955edf-150f-4f9f-b35e-8351601ca286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39275", "type": "seen", "source": "https://gist.github.com/PythonCoderUnicorn/d6b88a20a4dd6922377a44f4d68ccae6", "content": "", "creation_timestamp": "2025-02-14T17:38:04.000000Z"}, {"uuid": "92f642db-8e57-4087-9e26-f32e44722db4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3927", "type": "seen", "source": "https://t.me/cibsecurity/31893", "content": "\u203c CVE-2021-3927 \u203c\n\nvim is vulnerable to Heap-based Buffer Overflow\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-05T17:26:47.000000Z"}, {"uuid": "93fccde7-91e4-4dca-a2a9-0774005317ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39275", "type": "seen", "source": "Telegram/Hf_SunJuoYNf_bsQCJ20cuXyI7bzH8EMEXzusn30k3vpXeQ", "content": "", "creation_timestamp": "2024-10-15T10:14:15.000000Z"}, {"uuid": "dc2ef4fa-af26-489e-9381-c941dad35c63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39275", "type": "seen", "source": "https://gist.github.com/Darkcrai86/0908c98960b358b4b0ba47bc1d37e747", "content": "", "creation_timestamp": "2025-09-16T16:35:14.000000Z"}, {"uuid": "01ea55f6-4b3b-4ff4-a222-fa058f9db9c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39275", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-259-04", "content": "", "creation_timestamp": "2025-09-16T10:00:00.000000Z"}, {"uuid": "5b8ffe5c-a137-4f50-ab4e-b8f666cadbb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39272", "type": "seen", "source": "https://t.me/cibsecurity/27993", "content": "\u203c CVE-2021-39272 \u203c\n\nFetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-30T12:32:08.000000Z"}, {"uuid": "4990fa38-9d3e-44cc-bda1-a09c0565c155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39275", "type": "seen", "source": "https://t.me/cibsecurity/28993", "content": "\u203c CVE-2021-39275 \u203c\n\nap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-16T18:22:54.000000Z"}, {"uuid": "665d3368-c862-42b4-9c56-4f96a1c53675", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39271", "type": "seen", "source": "https://t.me/cibsecurity/27998", "content": "\u203c CVE-2021-39271 \u203c\n\nOrbiTeam BSCW Classic before 7.4.3 allows authenticated remote code execution (RCE) during archive extraction via attacker-supplied Python code in the class attribute of a .bscw file. This is fixed in 5.0.12, 5.1.10, 5.2.4, 7.3.3, and 7.4.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-30T12:32:14.000000Z"}, {"uuid": "bdf158b8-8bbb-4543-8a6b-990ee96b3f68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39274", "type": "seen", "source": "https://t.me/cibsecurity/27586", "content": "\u203c CVE-2021-39274 \u203c\n\nIn XeroSecurity Sn1per 9.0 (free version), insecure directory permissions (0777) are set during installation, allowing an unprivileged user to modify the main application and the application configuration file. This results in arbitrary code execution with root privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-19T16:17:57.000000Z"}, {"uuid": "847fcd3c-14be-4449-935f-f6b205166bdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39278", "type": "seen", "source": "https://t.me/cibsecurity/28316", "content": "\u203c CVE-2021-39278 \u203c\n\nCertain MOXA devices allow reflected XSS via the Config Import menu. This affects WAC-2004 1.7, WAC-1001 2.1, WAC-1001-T 2.1, OnCell G3470A-LTE-EU 1.7, OnCell G3470A-LTE-EU-T 1.7, TAP-323-EU-CT-T 1.3, TAP-323-US-CT-T 1.3, TAP-323-JP-CT-T 1.3, WDR-3124A-EU 2.3, WDR-3124A-EU-T 2.3, WDR-3124A-US 2.3, and WDR-3124A-US-T 2.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-07T12:17:12.000000Z"}, {"uuid": "a752cc68-f89b-4a2e-97a5-2b4797df27bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39270", "type": "seen", "source": "https://t.me/cibsecurity/27556", "content": "\u203c CVE-2021-39270 \u203c\n\nIn Ping Identity RSA SecurID Integration Kit before 3.2, user impersonation can occur.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-18T22:17:00.000000Z"}, {"uuid": "672b0de0-b84e-4666-b8fe-6f35af6d69c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39273", "type": "seen", "source": "https://t.me/cibsecurity/27582", "content": "\u203c CVE-2021-39273 \u203c\n\nIn XeroSecurity Sn1per 9.0 (free version), insecure permissions (0777) are set upon application execution, allowing an unprivileged user to modify the application, modules, and configuration files. This leads to arbitrary code execution with root privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-19T16:17:52.000000Z"}, {"uuid": "a8ee6668-ba8d-487e-8b08-4d1cdf59101b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39279", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/840", "content": "Fabasoft Cloud Website XSS\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=IqMVpN\nTelegram Desktop 2.9.2 \u62d2\u7d55\u670d\u52d9\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=oCGAFS\nWordPress Plugin Payments Plugin&GetPaid 2.4.6 HTML\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=nmKPJY\nCVE-2021-40352 OpenEMR 6.0.0 \u4e0d\u5b89\u5168\u7684\u76f4\u63a5\u5c0d\u8c61\u5f15\u7528\nhttps://short.pwnwiki.org/?c=qyNCzS\nCiclope SQL\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=S4atKH\nCREFONO 8 SQL\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=GDFZKn\nBank of Saint Lucia SQL\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=on3IV3\nCVE-2021-39279&CVE-2021-39278&CVE-2015-0235&CVE-2013-1914 Moxa \u547d\u4ee4\u6ce8\u5165&XSS\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=g3rHRb\nFillip Technologies SQL\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=fwCNnF", "creation_timestamp": "2021-09-21T04:41:53.000000Z"}, {"uuid": "d0373291-6f98-4131-9323-2ffd0d45c8e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39278", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/840", "content": "Fabasoft Cloud Website XSS\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=IqMVpN\nTelegram Desktop 2.9.2 \u62d2\u7d55\u670d\u52d9\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=oCGAFS\nWordPress Plugin Payments Plugin&GetPaid 2.4.6 HTML\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=nmKPJY\nCVE-2021-40352 OpenEMR 6.0.0 \u4e0d\u5b89\u5168\u7684\u76f4\u63a5\u5c0d\u8c61\u5f15\u7528\nhttps://short.pwnwiki.org/?c=qyNCzS\nCiclope SQL\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=S4atKH\nCREFONO 8 SQL\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=GDFZKn\nBank of Saint Lucia SQL\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=on3IV3\nCVE-2021-39279&CVE-2021-39278&CVE-2015-0235&CVE-2013-1914 Moxa \u547d\u4ee4\u6ce8\u5165&XSS\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=g3rHRb\nFillip Technologies SQL\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=fwCNnF", "creation_timestamp": "2021-09-21T04:41:53.000000Z"}, {"uuid": "ba6ebd52-4b4a-494b-b244-abfeec6cba31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39271", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/837", "content": "\u6700\u8fd1\u6dfb\u52a0\u6f0f\u6d1e\uff08\u5982\u679c\u60a8\u5728Team\u5167\u53ef\u76f4\u63a5\u67e5\u770b\uff09\uff1a\nBus Pass Management System 1.0 SQL\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=LFzbUi\nCVE-2021-21307 WinWaste.NET 1.0.6183.16475 \u672c\u5730\u6b0a\u9650\u63d0\u5347\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=K10VCw\nCVE-2020-7387&CVE-2020-7388 Sage X3 Administration Service \u8eab\u4efd\u9a57\u8b49\u7e5e\u904e&\u9060\u7a0b\u4ee3\u78bc\u57f7\u884c\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=b52hhB\nCVE-2021-34621 WordPress Plugin ProfilePress 3.1.3 \u6b0a\u9650\u63d0\u5347\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=k86vqZ\nCVE-2021-39271 BSCW Server \u9060\u7a0b\u4ee3\u78bc\u57f7\u884c\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=BDzTae\nCVE-2021-36359 BSCW Server XML\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=ENsAuJ\nCVE-2021-21300 Git LFS Clone \u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=SGwDct\nDyephotographic SQL\u6ce8\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=X7Hvce\nCVE-2020-6404 Google Chrome 80.0.3987.87 \u62d2\u7d55\u670d\u52d9\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=xzWCaC\nCVE-2019-19143 TP-Link TL-WR849N 0.9.1 4.16 \u8eab\u4efd\u9a57\u8b49\u7e5e\u904e\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=CPltjo\nCVE-2020-9038 Joplin Desktop 1.0.184 XSS\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=4ysOvF\nCVE-2020-5811 Umbraco CMS 8.9.1 \u76ee\u9304\u904d\u6b77&\u4efb\u610f\u6587\u4ef6\u5beb\u5165\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=jV0T9b\nCNVD-2021-35581 WPS For Linux RCE\u6f0f\u6d1e\nhttps://short.pwnwiki.org/?c=hYL9m9", "creation_timestamp": "2021-09-21T04:41:55.000000Z"}]}