Most recent sightings.

Most recent sightings. https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 28 May 2026 14:25:41 +0000 536e7760-318e-4b97-acb4-f8c7741ce9f7 https://db.gcve.eu/sighting/536e7760-318e-4b97-acb4-f8c7741ce9f7/export {"uuid": "536e7760-318e-4b97-acb4-f8c7741ce9f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44678", "type": "seen", "source": "https://t.me/cibsecurity/33410", "content": "\u203c CVE-2021-44678 \u203c\n\nAn issue (2 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization behavior that is inherent to the .NET Remoting service. A malicious attacker can exploit both TCP remoting services and local IPC services on the Enterprise Vault Server. This vulnerability is mitigated by properly configuring the servers and firewall as described in the vendor's security alert for this vulnerability (VTS21-003, ZDI-CAN-14076).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-07T00:22:30.000000Z"} {"uuid": "536e7760-318e-4b97-acb4-f8c7741ce9f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44678", "type": "seen", "source": "https://t.me/cibsecurity/33410", "content": "\u203c CVE-2021-44678 \u203c\n\nAn issue (2 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization behavior that is inherent to the .NET Remoting service. A malicious attacker can exploit both TCP remoting services and local IPC services on the Enterprise Vault Server. This vulnerability is mitigated by properly configuring the servers and firewall as described in the vendor's security alert for this vulnerability (VTS21-003, ZDI-CAN-14076).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-07T00:22:30.000000Z"} https://db.gcve.eu/sighting/536e7760-318e-4b97-acb4-f8c7741ce9f7/export Tue, 07 Dec 2021 00:22:30 +0000 94de7f92-0682-43f1-a61e-2ab697f1a0bf https://db.gcve.eu/sighting/94de7f92-0682-43f1-a61e-2ab697f1a0bf/export {"uuid": "94de7f92-0682-43f1-a61e-2ab697f1a0bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44677", "type": "seen", "source": "https://t.me/cibsecurity/33416", "content": "\u203c CVE-2021-44677 \u203c\n\nAn issue (1 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization behavior that is inherent to the .NET Remoting service. A malicious attacker can exploit both TCP remoting services and local IPC services on the Enterprise Vault Server. This vulnerability is mitigated by properly configuring the servers and firewall as described in the vendor's security alert for this vulnerability (VTS21-003, ZDI-CAN-14078).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-07T00:22:37.000000Z"} {"uuid": "94de7f92-0682-43f1-a61e-2ab697f1a0bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44677", "type": "seen", "source": "https://t.me/cibsecurity/33416", "content": "\u203c CVE-2021-44677 \u203c\n\nAn issue (1 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization behavior that is inherent to the .NET Remoting service. A malicious attacker can exploit both TCP remoting services and local IPC services on the Enterprise Vault Server. This vulnerability is mitigated by properly configuring the servers and firewall as described in the vendor's security alert for this vulnerability (VTS21-003, ZDI-CAN-14078).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-07T00:22:37.000000Z"} https://db.gcve.eu/sighting/94de7f92-0682-43f1-a61e-2ab697f1a0bf/export Tue, 07 Dec 2021 00:22:37 +0000 971e6e4a-8ad3-4cee-8cad-6421f2472dfd https://db.gcve.eu/sighting/971e6e4a-8ad3-4cee-8cad-6421f2472dfd/export {"uuid": "971e6e4a-8ad3-4cee-8cad-6421f2472dfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44679", "type": "seen", "source": "https://t.me/cibsecurity/33421", "content": "\u203c CVE-2021-44679 \u203c\n\nAn issue (3 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization behavior that is inherent to the .NET Remoting service. A malicious attacker can exploit both TCP remoting services and local IPC services on the Enterprise Vault Server. This vulnerability is mitigated by properly configuring the servers and firewall as described in the vendor's security alert for this vulnerability (VTS21-003, ZDI-CAN-14074).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-07T00:22:45.000000Z"} {"uuid": "971e6e4a-8ad3-4cee-8cad-6421f2472dfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44679", "type": "seen", "source": "https://t.me/cibsecurity/33421", "content": "\u203c CVE-2021-44679 \u203c\n\nAn issue (3 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the Enterprise Vault application starts several services that listen on random .NET Remoting TCP ports for possible commands from client applications. These TCP services can be exploited due to deserialization behavior that is inherent to the .NET Remoting service. A malicious attacker can exploit both TCP remoting services and local IPC services on the Enterprise Vault Server. This vulnerability is mitigated by properly configuring the servers and firewall as described in the vendor's security alert for this vulnerability (VTS21-003, ZDI-CAN-14074).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-07T00:22:45.000000Z"} https://db.gcve.eu/sighting/971e6e4a-8ad3-4cee-8cad-6421f2472dfd/export Tue, 07 Dec 2021 00:22:45 +0000 700b765d-796c-4a82-9499-db4b77229e03 https://db.gcve.eu/sighting/700b765d-796c-4a82-9499-db4b77229e03/export {"uuid": "700b765d-796c-4a82-9499-db4b77229e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44675", "type": "seen", "source": "https://t.me/cibsecurity/34286", "content": "\u203c CVE-2021-44675 \u203c\n\nZoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-20T18:41:11.000000Z"} {"uuid": "700b765d-796c-4a82-9499-db4b77229e03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44675", "type": "seen", "source": "https://t.me/cibsecurity/34286", "content": "\u203c CVE-2021-44675 \u203c\n\nZoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-20T18:41:11.000000Z"} https://db.gcve.eu/sighting/700b765d-796c-4a82-9499-db4b77229e03/export Mon, 20 Dec 2021 18:41:11 +0000 e9e1441a-0a25-49be-88a1-58d55fde0ce2 https://db.gcve.eu/sighting/e9e1441a-0a25-49be-88a1-58d55fde0ce2/export {"uuid": "e9e1441a-0a25-49be-88a1-58d55fde0ce2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44676", "type": "seen", "source": "https://t.me/cibsecurity/34287", "content": "\u203c CVE-2021-44676 \u203c\n\nZoho ManageEngine Access Manager Plus before 4203 allows anyone to view a few data elements (e.g., access control details) and modify a few aspects of the application state.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-20T18:41:12.000000Z"} {"uuid": "e9e1441a-0a25-49be-88a1-58d55fde0ce2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44676", "type": "seen", "source": "https://t.me/cibsecurity/34287", "content": "\u203c CVE-2021-44676 \u203c\n\nZoho ManageEngine Access Manager Plus before 4203 allows anyone to view a few data elements (e.g., access control details) and modify a few aspects of the application state.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-20T18:41:12.000000Z"} https://db.gcve.eu/sighting/e9e1441a-0a25-49be-88a1-58d55fde0ce2/export Mon, 20 Dec 2021 18:41:12 +0000 fa33f8aa-a4e4-470f-9f70-3973c5f7be92 https://db.gcve.eu/sighting/fa33f8aa-a4e4-470f-9f70-3973c5f7be92/export {"uuid": "fa33f8aa-a4e4-470f-9f70-3973c5f7be92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44674", "type": "seen", "source": "https://t.me/cibsecurity/34853", "content": "\u203c CVE-2021-44674 \u203c\n\nAn information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. The vulnerability allows an authenticated attacker to read file outside of the restricted directory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-03T16:44:03.000000Z"} {"uuid": "fa33f8aa-a4e4-470f-9f70-3973c5f7be92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44674", "type": "seen", "source": "https://t.me/cibsecurity/34853", "content": "\u203c CVE-2021-44674 \u203c\n\nAn information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. The vulnerability allows an authenticated attacker to read file outside of the restricted directory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-03T16:44:03.000000Z"} https://db.gcve.eu/sighting/fa33f8aa-a4e4-470f-9f70-3973c5f7be92/export Mon, 03 Jan 2022 16:44:03 +0000