{"vulnerability": "CVE-2021-3506", "sightings": [{"uuid": "5c704131-de77-4520-a613-ccfa411f46b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35064", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m344f7p7jk2a", "content": "", "creation_timestamp": "2025-10-13T21:02:40.791040Z"}, {"uuid": "e80e4e96-5615-4fc3-bc83-eebf18df748f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3506", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-06", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "9bceaa20-631d-440a-8f06-56ca114afe23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35069", "type": "seen", "source": "https://t.me/cibsecurity/37289", "content": "\u203c CVE-2021-35069 \u203c\n\nImproper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-11T14:28:38.000000Z"}, {"uuid": "2a2aa9b7-feeb-40cd-8645-96bf0c373bdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35068", "type": "seen", "source": "https://t.me/cibsecurity/37287", "content": "\u203c CVE-2021-35068 \u203c\n\nLack of null check while freeing the device information buffer in the Bluetooth HFP protocol can lead to a NULL pointer dereference in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-11T14:28:36.000000Z"}, {"uuid": "fbc82e44-3f68-4510-8110-a27fc8c5cfb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35067", "type": "seen", "source": "https://t.me/cibsecurity/30164", "content": "\u203c CVE-2021-35067 \u203c\n\nMeross MSG100 devices before 3.2.3 allow an attacker to replay the same data or similar data (e.g., an attacker who sniffs a Close message can transmit an acceptable Open message).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-07T18:33:54.000000Z"}, {"uuid": "b440c7a0-f6b9-4256-9950-e74794ccc2cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35062", "type": "seen", "source": "https://t.me/cibsecurity/28049", "content": "\u203c CVE-2021-35062 \u203c\n\nA Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allow an attacker with a valid token of a COVID-19 test result to execute shell commands with the permissions of the web server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-31T00:32:39.000000Z"}, {"uuid": "6ad4ecc7-49b5-4b18-a3f5-f300077a4eff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35064", "type": "seen", "source": "MISP/8bf50bb8-94dd-4004-a646-5f78db6f0b6a", "content": "", "creation_timestamp": "2022-07-13T13:02:16.000000Z"}, {"uuid": "ba62a845-6815-4884-b9a5-e084c98a9287", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35064", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-35064.yaml", "content": "", "creation_timestamp": "2025-10-12T06:46:17.000000Z"}, {"uuid": "466b079a-b3a1-4d35-acce-dd37d9e55142", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35065", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11691", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-35065\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The glob-parent package before 6.0.1 for Node.js allows ReDoS (regular expression denial of service) attacks against the enclosure regular expression.\n\ud83d\udccf Published: 2022-12-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T18:31:12.451Z\n\ud83d\udd17 References:\n1. https://security.snyk.io/vuln/SNYK-JS-GLOBPARENT-1314294\n2. https://github.com/gulpjs/glob-parent/commit/3e9f04a3b4349db7e1962d87c9a7398cda51f339\n3. https://github.com/gulpjs/glob-parent/pull/49", "creation_timestamp": "2025-04-14T18:54:27.000000Z"}]}