{"vulnerability": "CVE-2021-3714", "sightings": [{"uuid": "b4410f40-21b8-47dc-8c4d-de1258361827", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3714", "type": "seen", "source": "https://t.me/cibsecurity/48590", "content": "\u203c CVE-2021-3714 \u203c\n\nA flaw was found in the Linux kernels memory deduplication mechanism. Previous work has shown that memory deduplication can be attacked via a local exploitation mechanism. The same technique can be used if an attacker can upload page sized files and detect the change in access time from a networked service to determine if the page has been merged.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-23T20:21:38.000000Z"}, {"uuid": "f7616c27-e3e8-44b4-84fb-6e1c90e34dc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37148", "type": "seen", "source": "https://t.me/cibsecurity/31743", "content": "\u203c CVE-2021-37148 \u203c\n\nImproper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.0.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-03T19:23:47.000000Z"}, {"uuid": "35826a13-109f-4642-aa08-aa170d4ef61a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37149", "type": "seen", "source": "https://t.me/cibsecurity/31741", "content": "\u203c CVE-2021-37149 \u203c\n\nImproper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-03T19:23:44.000000Z"}, {"uuid": "7508c3fd-1690-456e-b11a-9be6461fd10c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37147", "type": "seen", "source": "https://t.me/cibsecurity/31732", "content": "\u203c CVE-2021-37147 \u203c\n\nImproper input validation vulnerability in header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 8.1.2 and 9.0.0 to 9.1.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-03T19:23:33.000000Z"}, {"uuid": "c199b343-ef21-4d31-b7f5-610e95531b85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37145", "type": "seen", "source": "https://t.me/cibsecurity/28413", "content": "\u203c CVE-2021-37145 \u203c\n\n** UNSUPPORTED WHEN ASSIGNED ** A command-injection vulnerability in an authenticated Telnet connection in Poly (formerly Polycom) CX5500 and CX5100 1.3.5 leads an attacker to Privilege Escalation and Remote Code Execution capability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-08T02:22:59.000000Z"}, {"uuid": "a33638b5-c7a7-4edc-8c78-8d5718b39dc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37146", "type": "seen", "source": "https://t.me/cibsecurity/29549", "content": "\u203c CVE-2021-37146 \u203c\n\nAn infinite loop in Open Robotics ros_comm XMLRPC server in ROS Melodic through 1.4.11 and ROS Noetic through1.15.11 allows remote attackers to cause a Denial of Service in ros_comm via a crafted XMLRPC call.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-28T16:35:49.000000Z"}, {"uuid": "526273f3-1b70-4e6f-9c9b-5c08ba8e08f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37144", "type": "seen", "source": "https://t.me/cibsecurity/26609", "content": "\u203c CVE-2021-37144 \u203c\n\nCSZ CMS 1.2.9 is vulnerable to Arbitrary File Deletion. This occurs in PHP when the unlink() function is called and user input might affect portions of or the whole affected parameter, which represents the path of the file to remove, without sufficient sanitization.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-30T18:21:19.000000Z"}, {"uuid": "b79247c0-bd05-4a38-8cc1-64102bc16a86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2021-3714", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}]}