{"vulnerability": "cve-2021-4465", "sightings": [{"uuid": "32cafed6-684a-4ad9-aa79-ad537ebbd6a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44651", "type": "seen", "source": "https://t.me/cibsecurity/35336", "content": "\u203c CVE-2021-44651 \u203c\n\nZoho ManageEngine CloudSecurityPlus before Build 4117 allows remote code execution through the updatePersonalizeSettings component due to an improper security patch for CVE-2021-40175.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-12T18:17:06.000000Z"}, {"uuid": "294c4364-c609-4a8b-ae75-69024c0d5acf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44650", "type": "seen", "source": "https://t.me/cibsecurity/35328", "content": "\u203c CVE-2021-44650 \u203c\n\nZoho ManageEngine M365 Manager Plus before Build 4419 allows remote command execution when updating proxy settings through the Admin ProxySettings and Tenant ProxySettings components.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-12T16:17:07.000000Z"}, {"uuid": "cc41afec-e296-403d-bbda-25d7124254e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44652", "type": "seen", "source": "https://t.me/cibsecurity/35337", "content": "\u203c CVE-2021-44652 \u203c\n\nZoho ManageEngine O365 Manager Plus before Build 4416 allows remote code execution via BCP file overwrite through the ChangeDBAPI component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-12T18:17:07.000000Z"}, {"uuid": "852f6b0e-25ad-4443-967b-3e799f874c62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44659", "type": "seen", "source": "https://t.me/cibsecurity/34508", "content": "\u203c CVE-2021-44659 \u203c\n\nAdding a new pipeline in GoCD server version 21.3.0 has a functionality that could be abused to do an un-intended action in order to achieve a Server Side Request Forgery (SSRF)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-22T20:18:18.000000Z"}, {"uuid": "2cecc926-0559-4970-96e9-89e7bbf471f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44653", "type": "seen", "source": "https://t.me/cibsecurity/34037", "content": "\u203c CVE-2021-44653 \u203c\n\nOnline Magazine Management System 1.0 contains a SQL injection authentication bypass vulnerability. The Admin panel authentication can be bypassed due to SQL injection vulnerability in the login form allowing attacker to gain access as admin to the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-15T18:20:39.000000Z"}, {"uuid": "ccb558f3-c8d6-4dfe-9e2f-ef6a223b2186", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44657", "type": "seen", "source": "https://t.me/cibsecurity/34024", "content": "\u203c CVE-2021-44657 \u203c\n\nIn StackStorm versions prior to 3.6.0, the jinja interpreter was not run in sandbox mode and thus allows execution of unsafe system commands. Jinja does not enable sandboxed mode by default due to backwards compatibility. Stackstorm now sets sandboxed mode for jinja by default.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-15T18:14:44.000000Z"}, {"uuid": "a1c2575e-f6af-4807-9d06-dac4684dfb6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44659", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1558", "content": "#exploit\n1. CVE-2021-44659:\nAdding a new pipeline in GoCD server 21.3.0 has a functionality that could be abused to do an un-intended action in order to achieve a SSRF\nhttps://github.com/Mesh3l911/CVE-2021-44659\n\n2. A buffer overflow vulnerability in a babykernel.ko driver. The exploit is written in a way to bypass SMEP protection and the technique used is ret2usr\nhttps://github.com/0x3SC4L4T3/Babykernel-ctf-ret2usr\n\n@BlueRedTeam", "creation_timestamp": "2021-12-23T04:24:58.000000Z"}, {"uuid": "2165c40a-b7f9-412e-8e14-0bbd9f756c6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-44659", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5038", "content": "#exploit\n1. CVE-2021-44659:\nAdding a new pipeline in GoCD server 21.3.0 has a functionality that could be abused to do an un-intended action in order to achieve a SSRF\nhttps://github.com/Mesh3l911/CVE-2021-44659\n\n2. A buffer overflow vulnerability in a babykernel.ko driver. The exploit is written in a way to bypass SMEP protection and the technique used is ret2usr\nhttps://github.com/0x3SC4L4T3/Babykernel-ctf-ret2usr", "creation_timestamp": "2021-12-23T11:12:01.000000Z"}]}