https://db.gcve.eu/sightings/feedMost recent sightings.2026-06-12T16:16:03.353149+00:00Vulnerability-Lookupinfo@gcve.eupython-feedgenContains only the most 10 recent sightings.https://db.gcve.eu/sighting/93dfe639-0c14-4627-ac83-643d7be41fe7/export93dfe639-0c14-4627-ac83-643d7be41fe72026-06-12T16:16:04.868369+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "93dfe639-0c14-4627-ac83-643d7be41fe7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43032", "type": "seen", "source": "https://t.me/cibsecurity/31788", "content": "\u203c CVE-2021-43032 \u203c\n\nIn XenForo through 2.2.7, a threat actor with access to the admin panel can create a new Advertisement via the Advertising function, and save an XSS payload in the body of the HTML document. This payload will execute globally on the client side.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-03T23:23:42.000000Z"}2021-11-03T23:23:42+00:00https://db.gcve.eu/sighting/831b908e-8264-4377-ad03-044f11b2c424/export831b908e-8264-4377-ad03-044f11b2c4242026-06-12T16:16:04.868314+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "831b908e-8264-4377-ad03-044f11b2c424", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43035", "type": "seen", "source": "https://t.me/cibsecurity/33354", "content": "\u203c CVE-2021-43035 \u203c\n\nAn issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Two unauthenticated SQL injection vulnerabilities were discovered, allowing arbitrary SQL queries to be injected and executed under the postgres superuser account. Remote code execution was possible, leading to full access to the postgres user account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-06T07:20:23.000000Z"}2021-12-06T07:20:23+00:00https://db.gcve.eu/sighting/2832f5ff-9d7f-4945-a7cf-fa9248a126bb/export2832f5ff-9d7f-4945-a7cf-fa9248a126bb2026-06-12T16:16:04.868258+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "2832f5ff-9d7f-4945-a7cf-fa9248a126bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43036", "type": "seen", "source": "https://t.me/cibsecurity/33356", "content": "\u203c CVE-2021-43036 \u203c\n\nAn issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The password for the PostgreSQL wguest account is weak.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-06T07:20:25.000000Z"}2021-12-06T07:20:25+00:00https://db.gcve.eu/sighting/d3a8a857-c10c-40fd-85e3-4e7dd3a0a190/exportd3a8a857-c10c-40fd-85e3-4e7dd3a0a1902026-06-12T16:16:04.868197+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "d3a8a857-c10c-40fd-85e3-4e7dd3a0a190", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43033", "type": "seen", "source": "https://t.me/cibsecurity/33358", "content": "\u203c CVE-2021-43033 \u203c\n\nAn issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. Multiple functions in the bpserverd daemon were vulnerable to arbitrary remote code execution as root. The vulnerability was caused by untrusted input (received by the server) being passed to system calls.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-06T07:20:27.000000Z"}2021-12-06T07:20:27+00:00https://db.gcve.eu/sighting/341237e1-dc00-454e-8c92-122d988197af/export341237e1-dc00-454e-8c92-122d988197af2026-06-12T16:16:04.868135+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "341237e1-dc00-454e-8c92-122d988197af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43034", "type": "seen", "source": "https://t.me/cibsecurity/33361", "content": "\u203c CVE-2021-43034 \u203c\n\nAn issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A world writable file allowed local users to execute arbitrary code as the user apache, leading to privilege escalation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-06T07:20:30.000000Z"}2021-12-06T07:20:30+00:00https://db.gcve.eu/sighting/400dc23e-3b2b-40b8-b37d-c7fca0414f1d/export400dc23e-3b2b-40b8-b37d-c7fca0414f1d2026-06-12T16:16:04.868074+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "400dc23e-3b2b-40b8-b37d-c7fca0414f1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43038", "type": "seen", "source": "https://t.me/cibsecurity/33362", "content": "\u203c CVE-2021-43038 \u203c\n\nAn issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The wguest account could execute commands by injecting into PostgreSQL trigger functions. This allowed privilege escalation from the wguest user to the postgres user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-06T07:20:31.000000Z"}2021-12-06T07:20:31+00:00https://db.gcve.eu/sighting/62612229-ddba-4788-a604-b35c4b41b554/export62612229-ddba-4788-a604-b35c4b41b5542026-06-12T16:16:04.867984+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "62612229-ddba-4788-a604-b35c4b41b554", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43037", "type": "seen", "source": "https://t.me/cibsecurity/33364", "content": "\u203c CVE-2021-43037 \u203c\n\nAn issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Unitrends Windows agent was vulnerable to DLL injection and binary planting due to insecure default permissions. This allowed privilege escalation from an unprivileged user to SYSTEM.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-06T07:20:36.000000Z"}2021-12-06T07:20:36+00:00https://db.gcve.eu/sighting/aefaf83c-eac2-4112-b053-5f6cb517cc62/exportaefaf83c-eac2-4112-b053-5f6cb517cc622026-06-12T16:16:04.863236+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "aefaf83c-eac2-4112-b053-5f6cb517cc62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-43030", "type": "seen", "source": "https://t.me/cibsecurity/34305", "content": "\u203c CVE-2021-43030 \u203c\n\nAdobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose sensitive information on affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of MP4 files. The issue results from the lack of proper initialization of memory prior to accessing it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-21T00:11:31.000000Z"}2021-12-21T00:11:31+00:00