{"vulnerability": "cve-2020-3573", "sightings": [{"uuid": "fd721874-272a-44d3-be16-9ce1adff1771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35730", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-22T18:10:03.000000Z"}, {"uuid": "404baf7f-90eb-4926-a84b-4b038cce8e59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35734", "type": "seen", "source": "MISP/a47ec090-3292-42fc-a1c0-1e736d4681e5", "content": "", "creation_timestamp": "2024-11-14T06:07:59.000000Z"}, {"uuid": "bc08c91c-96f1-4901-89a6-47c771bbd170", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35730", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971835", "content": "", "creation_timestamp": "2024-12-24T20:34:38.887739Z"}, {"uuid": "b46403d4-9b86-40ca-b4c7-7a1671235695", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35730", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-887b81fb-d3ea0e1ba8258ecc", "content": "", "creation_timestamp": "2025-06-01T02:57:46.937040Z"}, {"uuid": "143eba05-2f32-475e-a500-ea492a92acf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35730", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:43.000000Z"}, {"uuid": "244fc3e3-48fe-469f-b75f-bd942aec8ee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35730", "type": "seen", "source": "https://t.me/itsec_news/2805", "content": "\u200b\u26a1\ufe0fMicrosoft: \u0443\u043a\u0440\u0430\u0438\u043d\u0441\u043a\u0438\u0435 \u0421\u041c\u0418 \u0441\u0442\u0430\u043b\u0438 \u043b\u043e\u0432\u0443\u0448\u043a\u043e\u0439 \u0434\u043b\u044f \u0436\u0435\u0440\u0442\u0432 \u0433\u0440\u0443\u043f\u043f\u044b Midnight Blizzard.\n\n\ud83d\udcac\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Microsoft \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0432\u0441\u043f\u043b\u0435\u0441\u043a \u0430\u0442\u0430\u043a \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 Midnight Blizzard, \u0441\u043e\u0441\u0440\u0435\u0434\u043e\u0442\u043e\u0447\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u043a\u0440\u0430\u0436\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u0412 \u0445\u043e\u0434\u0435 \u0430\u0442\u0430\u043a \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0440\u0435\u0437\u0438\u0434\u0435\u043d\u0442\u043d\u044b\u0435 \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0434\u043b\u044f \u0441\u043e\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u043f\u0440\u0430\u0432\u0438\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430, \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432 \u0418\u0422-\u0443\u0441\u043b\u0443\u0433, \u041d\u041f\u041e, \u043e\u0431\u043e\u0440\u043e\u043d\u043d\u044b\u0439 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0439 \u0441\u0435\u043a\u0442\u043e\u0440\u044b \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430.\n\nMidnight Blizzard (Nobelium, APT29, Cozy Bear, Iron Hemlock \u0438 The Dukes) \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u043b\u0430 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0432\u0441\u0435\u0433\u043e \u043c\u0438\u0440\u0430 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0435\u0439 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a SolarWinds \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2020 \u0433\u043e\u0434\u0430 \u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u043f\u043e\u043b\u0430\u0433\u0430\u0442\u044c\u0441\u044f \u043d\u0430 \u043d\u0435\u0437\u0430\u043c\u0435\u0442\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0432 \u0441\u0432\u043e\u0438\u0445 \u0446\u0435\u043b\u0435\u0432\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u041c\u0418\u0414\u044b \u0438 \u0434\u0438\u043f\u043b\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u0412 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u0440\u0430\u0441\u043f\u044b\u043b\u0435\u043d\u0438\u044f \u043f\u0430\u0440\u043e\u043b\u0435\u0439 (Password Spraying), \u0431\u0440\u0443\u0442\u0444\u043e\u0440\u0441\u0430 \u0438 \u043a\u0440\u0430\u0436\u0438 \u0442\u043e\u043a\u0435\u043d\u043e\u0432. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c Microsoft, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043b \u0430\u0442\u0430\u043a\u0438 \u0441 \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u044b\u043c \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0434\u0435\u043d\u0438\u0435\u043c \u0441\u0435\u0430\u043d\u0441\u0430, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0443\u043a\u0440\u0430\u0434\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0430\u043d\u0441\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0431\u044b\u043b\u0438 \u043f\u0440\u0438\u043e\u0431\u0440\u0435\u0442\u0435\u043d\u044b \u043f\u0443\u0442\u0435\u043c \u043d\u0435\u0437\u0430\u043a\u043e\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0434\u0430\u0436\u0438.\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438, \u0447\u0442\u043e APT29 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0440\u0435\u0437\u0438\u0434\u0435\u043d\u0442\u043d\u044b\u0435 \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0438\u0441\u044b \u0434\u043b\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0432 \u043f\u043e\u043f\u044b\u0442\u043a\u0435 \u0437\u0430\u043f\u0443\u0442\u0430\u0442\u044c \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f, \u0441\u0434\u0435\u043b\u0430\u043d\u043d\u044b\u0435 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u0425\u0430\u043a\u0435\u0440\u044b, \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u044d\u0442\u0438 IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u043e\u0447\u0435\u043d\u044c \u043a\u043e\u0440\u043e\u0442\u043a\u043e\u0433\u043e \u043f\u0435\u0440\u0438\u043e\u0434\u0430 \u0432\u0440\u0435\u043c\u0435\u043d\u0438, \u0447\u0442\u043e \u043c\u043e\u0433\u043b\u043e \u0437\u0430\u0442\u0440\u0443\u0434\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0426\u0435\u043d\u0442\u0440\u0430 \u043a\u0438\u0431\u0435\u0440\u0437\u0430\u0449\u0438\u0442\u044b \u0438 \u043f\u0440\u043e\u0442\u0438\u0432\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043a\u0438\u0431\u0435\u0440\u0443\u0433\u0440\u043e\u0437\u0430\u043c \u0423\u043a\u0440\u0430\u0438\u043d\u044b (CERT-UA), \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0435 \u043f\u0438\u0441\u044c\u043c\u0430 \u0441 \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 \u0432\u0435\u0431-\u043f\u043e\u0447\u0442\u044b Roundcube \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c ( CVE-2020-12641 , CVE-2020-35730 \u0438 CVE-2021-44026 ) \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0440\u0430\u0437\u0432\u0435\u0434\u043a\u0438 \u0438 \u0441\u0431\u043e\u0440\u0430 \u0434\u0430\u043d\u043d\u044b\u0445.\n\n\u0426\u0435\u043b\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0444\u0438\u0448\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0435 \u043f\u0438\u0441\u044c\u043c\u0430 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b\u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u043d\u044b\u0435 \u0442\u0435\u043c\u044b, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0423\u043a\u0440\u0430\u0438\u043d\u043e\u0439, \u0441 \u0442\u0435\u043c\u0430\u043c\u0438 \u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u0435\u043c, \u043e\u0442\u0440\u0430\u0436\u0430\u044e\u0449\u0438\u043c\u0438 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0438\u0435 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438 \u0421\u041c\u0418. \u0423\u0441\u043f\u0435\u0448\u043d\u044b\u0439 \u0432\u0437\u043b\u043e\u043c \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0443 JavaScript, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u043b\u0430 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0435 \u043f\u0438\u0441\u044c\u043c\u0430 \u0436\u0435\u0440\u0442\u0432 \u043d\u0430 \u0430\u0434\u0440\u0435\u0441 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u0439\u0441\u044f \u043f\u043e\u0434 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0445\u0438\u0449\u0430\u043b\u0430 \u0441\u043f\u0438\u0441\u043a\u0438 \u043a\u043e\u043d\u0442\u0430\u043a\u0442\u043e\u0432 \u0446\u0435\u043b\u0435\u0439.\n\n\u0427\u0442\u043e \u0435\u0449\u0435 \u0431\u043e\u043b\u0435\u0435 \u0432\u0430\u0436\u043d\u043e, \u044d\u0442\u0430 \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u043a\u0430\u043a \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442\u0441\u044f, \u0441\u043e\u0433\u043b\u0430\u0441\u0443\u0435\u0442\u0441\u044f \u0441 \u0430\u0442\u0430\u043a\u0430\u043c\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Microsoft Outlook ( CVE-2023-23397 ), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 Microsoft \u043f\u0440\u0438\u043f\u0438\u0441\u0430\u043b\u0430 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0435 APT28 (Fancy Bear, Sofacy).\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-06-28T19:04:46.000000Z"}, {"uuid": "9b6d33ba-a869-4134-a35e-1265e21c0f04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35730", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lswtxms2fs2p", "content": "", "creation_timestamp": "2025-07-01T23:27:07.053442Z"}, {"uuid": "85279dee-e65a-4202-aff6-229ac94aff0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-35730", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/505403c7-9a75-4481-8548-63e87ce3d240", "content": "", "creation_timestamp": "2026-02-02T12:26:57.106129Z"}, {"uuid": "eeabe856-0ec9-41b2-bbe1-3e1f67bb8b41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35735", "type": "seen", "source": "https://t.me/cibsecurity/21391", "content": "\u203c CVE-2020-35735 \u203c\n\nVidyo 02-09-/D allows clickjacking via the portal/ URI.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-29T22:29:43.000000Z"}, {"uuid": "1b9c594f-20ea-49a0-982e-331e3babdb83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35730", "type": "seen", "source": "https://t.me/arpsyndicate/989", "content": "#ExploitObserverAlert\n\nCVE-2020-35730\n\nDESCRIPTION: Exploit Observer has 10 entries related to CVE-2020-35730. An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkref_addindex in rcube_string_replacer.php.\n\nFIRST-EPSS: 0.004620000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2023-12-03T17:36:28.000000Z"}, {"uuid": "0b7fc8c5-3562-41ea-807c-5b0c4dbf124c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35730", "type": "published-proof-of-concept", "source": "Telegram/_2iZhze6jswijCm6NsMkH5GB7hxCAMET0bj118-njZt1foI", "content": "", "creation_timestamp": "2025-04-20T17:00:09.000000Z"}, {"uuid": "a30bb00f-013a-4ac8-ae38-ae6052c42be6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35733", "type": "seen", "source": "https://t.me/cibsecurity/22206", "content": "\u203c CVE-2020-35733 \u203c\n\nAn issue was discovered in Erlang/OTP before 23.2.2. The ssl application 10.2 accepts and trusts an invalid X.509 certificate chain to a trusted root Certification Authority.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-15T16:55:53.000000Z"}, {"uuid": "5b465146-b566-4485-9c82-c690630e5a05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35738", "type": "seen", "source": "https://t.me/cibsecurity/21329", "content": "\u203c CVE-2020-35738 \u203c\n\nWavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-28T07:28:10.000000Z"}, {"uuid": "d6b156d6-39bc-4e91-a1e9-e30218bcc27f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35736", "type": "seen", "source": "https://t.me/cibsecurity/21328", "content": "\u203c CVE-2020-35736 \u203c\n\nGateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join is misused.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-27T22:27:52.000000Z"}, {"uuid": "d09f36b4-a075-4bf3-b713-6c1c77e87518", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35730", "type": "seen", "source": "https://t.me/cibsecurity/21370", "content": "\u203c CVE-2020-35730 \u203c\n\nlinkref_addindex in rcube_string_replacer.php in Roundcube Webmail before 1.4.10 allows XSS via a crafted email message.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-28T22:28:59.000000Z"}, {"uuid": "684c216c-53e9-4ed8-9592-1de9be5b7ddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35736", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/516", "content": "CVE-2020-35736 GateOne \u4efb\u610f\u6587\u4ef6\u8b80\u53d6\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2020-35736_GateOne_%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AE%80%E5%8F%96%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-05-28T01:25:51.000000Z"}, {"uuid": "2a51b3e8-2755-420e-9e8b-283e94d17db5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-3573", "type": "seen", "source": "https://t.me/cibsecurity/16008", "content": "\u203c CVE-2020-3573 \u203c\n\nMultiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements of a Webex recording that is stored in the Advanced Recording Format (ARF) or Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-06T22:51:26.000000Z"}]}