{"vulnerability": "CVE-2021-4258", "sightings": [{"uuid": "3ecadf6a-f143-4511-a347-2f1ae3731ffa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4258", "type": "seen", "source": "https://t.me/cibsecurity/54864", "content": "\u203c CVE-2021-4258 \u203c\n\n** DISPUTED ** A vulnerability was found in whohas. It has been rated as problematic. This issue affects some unknown processing of the component Package Information Handler. The manipulation leads to cleartext transmission of sensitive information. The attack may be initiated remotely. The real existence of this vulnerability is still doubted at the moment. The name of the patch is 667c3e2e9178f15c23d7918b5db25cd0792c8472. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216251. NOTE: Most sources redirect to the encrypted site which limits the possibilities of an attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T16:10:39.000000Z"}, {"uuid": "5b8ee103-8e59-4098-b481-432ad2a753b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42586", "type": "seen", "source": "https://t.me/cibsecurity/43154", "content": "\u203c CVE-2021-42586 \u203c\n\nA heap buffer overflow was discovered in copy_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-23T14:36:00.000000Z"}, {"uuid": "3dba091b-b79d-4f29-bc16-ae3e14edb882", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42581", "type": "seen", "source": "https://t.me/cibsecurity/42228", "content": "\u203c CVE-2021-42581 \u203c\n\nPrototype poisoning in function mapObjIndexed in Ramda 0.27.0 and earlier allows attackers to compromise integrity or availability of application via supplying a crafted object (that contains an own property \"__proto__\") as an argument to the function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-10T14:33:00.000000Z"}, {"uuid": "5e538cb2-614e-4a5f-afe5-8888b42cfbe5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42585", "type": "seen", "source": "https://t.me/cibsecurity/43157", "content": "\u203c CVE-2021-42585 \u203c\n\nA heap buffer overflow was discovered in copy_compressed_bytes in decode_r2007.c in dwgread before 0.12.4 via a crafted dwg file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-23T14:36:05.000000Z"}, {"uuid": "8bde8fda-cffc-4952-b80e-98c6b4b8661b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42580", "type": "seen", "source": "https://t.me/cibsecurity/32469", "content": "\u203c CVE-2021-42580 \u203c\n\nSourcecodester Online Learning System 2.0 is vunlerable to sql injection authentication bypass in admin login file (/admin/login.php) and authenticated file upload in (Master.php) file , we can craft these two vunlerablities to get unauthenticated remote command execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-17T16:20:37.000000Z"}, {"uuid": "f378a356-9fd0-4b72-9139-444980e48225", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42584", "type": "seen", "source": "https://t.me/cibsecurity/34188", "content": "\u203c CVE-2021-42584 \u203c\n\nA Stored Cross Site Scripting (XSS) issue exists in Convos-Chat before 6.32.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-17T16:37:36.000000Z"}]}