{"vulnerability": "cve-2021-2104", "sightings": [{"uuid": "bd886a5a-db41-4b27-8dce-5cb2a42544f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21049", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13150", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-21049\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\ud83d\udccf Published: 2021-02-11T20:09:47.043Z\n\ud83d\udccf Modified: 2025-04-23T19:45:42.090Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/photoshop/apsb21-10.html", "creation_timestamp": "2025-04-23T20:05:02.000000Z"}, {"uuid": "7fdf19b3-3e6d-4f41-a0ab-c08cf1dacb7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21048", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13149", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-21048\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_0, Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file\n\ud83d\udccf Published: 2021-02-11T20:09:37.146Z\n\ud83d\udccf Modified: 2025-04-23T19:45:49.445Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/photoshop/apsb21-10.html", "creation_timestamp": "2025-04-23T20:05:01.000000Z"}, {"uuid": "947f8da1-faa5-4ebb-bae4-3fe20612157c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21047", "type": "seen", "source": "https://t.me/cibsecurity/23513", "content": "\u203c CVE-2021-21047 \u203c\n\nAdobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-12T00:43:07.000000Z"}, {"uuid": "53ac696d-6304-4da6-a747-412278eb57ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21049", "type": "seen", "source": "https://t.me/cibsecurity/23503", "content": "\u203c CVE-2021-21049 \u203c\n\nAdobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-12T00:42:53.000000Z"}, {"uuid": "ce12b638-6808-46e3-904b-e4a99de16db5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21048", "type": "seen", "source": "https://t.me/cibsecurity/23510", "content": "\u203c CVE-2021-21048 \u203c\n\nAdobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-12T00:43:03.000000Z"}, {"uuid": "afc61beb-5277-42c7-a10f-96945c815d8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21046", "type": "seen", "source": "https://t.me/cibsecurity/23469", "content": "\u203c CVE-2021-21046 \u203c\n\nAcrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to cause an application denial-of-service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-11T22:47:44.000000Z"}, {"uuid": "26b5adf5-160e-4470-81f7-80231dbed205", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21044", "type": "seen", "source": "https://t.me/cibsecurity/23467", "content": "\u203c CVE-2021-21044 \u203c\n\nAcrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a crafted jpeg file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-11T22:47:42.000000Z"}, {"uuid": "bc4a9ce5-5bc6-4d59-a5aa-8bf7c59998fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21043", "type": "seen", "source": "https://t.me/cibsecurity/23000", "content": "\u203c CVE-2021-21043 \u203c\n\nACS Commons version 4.9.2 (and earlier) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in version-compare and page-compare due to invalid JCR characters that are not handled correctly. An attacker could potentially exploit this vulnerability to inject malicious JavaScript content into vulnerable form fields and execute it within the context of the victim's browser. Exploitation of this issue requires user interaction in order to be successful.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-03T02:29:37.000000Z"}, {"uuid": "17e6005e-f35f-4d8b-a286-0129a9dc0a46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-2104", "type": "seen", "source": "https://t.me/cibsecurity/22406", "content": "\u203c CVE-2021-2104 \u203c\n\nVulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Complex Maintenance, Repair, and Overhaul accessible data as well as unauthorized update, insert or delete access to some of Oracle Complex Maintenance, Repair, and Overhaul accessible data. CVSS 3.1 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-20T18:40:42.000000Z"}, {"uuid": "d991a6d1-8492-4f2a-b86a-1280a08984cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-21042", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2746", "content": "#exploit\n1. CVE-2021-26296:\nCross-Site Request Forgery in Apache MyFaces JSF Framework\nhttps://seclists.org/fulldisclosure/2021/Feb/66\n\n2. CVE-2021-21042:\nGetting Information Disclosure in Adobe Reader Through the ID Tag\nhttps://www.thezdi.com/blog/2021/2/17/zdi-21-171-getting-information-disclosure-in-adobe-reader-through-the-id-tag", "creation_timestamp": "2024-10-09T19:07:11.000000Z"}]}