{"vulnerability": "CVE-2021-3829", "sightings": [{"uuid": "c0156f39-103f-45df-9183-12ddadeb7b19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38297", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/118", "content": "Top Security News for 01/09/2022\n\nSecuring multi-cloud identity with orchestration.\nhttps://thecyberwire.com/podcasts/cyberwire-x/37/notes \n\nHow I Met Your Beacon: Detection Strategies\nhttps://www.reddit.com/r/netsec/comments/x2t7p2/how_i_met_your_beacon_detection_strategies/ \n\nStop Ransomware with Microsoft Security digital event presents threat intelligence in action\nhttps://www.microsoft.com/security/blog/2022/08/31/stop-ransomware-with-microsoft-security-digital-event-presents-threat-intelligence-in-action/ \n\nNEW 'Off The Hook' ONLINE\nhttps://www.2600.com/hook/31-08-2022 \n\nWomen in cybersecurity form non-profit organization The Forte Group\nhttps://www.csoonline.com/article/3671909/women-in-cybersecurity-form-non-profit-organization-the-forte-group.html#tk.rss_all \n\nMalwarebytes receives highest rankings in recent third-party tests\nhttps://malware.news/t/malwarebytes-receives-highest-rankings-in-recent-third-party-tests/63043/1 \n\nCVE-2021-38297 - Technical analysis of a Go WebAssembly vulnerability\nhttps://www.reddit.com/r/netsec/comments/x279b9/cve202138297_technical_analysis_of_a_go/ \n\nFinal Fantasy 14 players targeted by QR code phishing\nhttps://www.malwarebytes.com/blog/news/2022/08/final-fantasy-14-players-targeted-by-qr-code-phishing \n\nUK unveils tighter cybersecurity requirements for telecom industry. Preparing for new cybersecurity regulations.\nhttps://thecyberwire.com/newsletters/policy-briefing/4/168 \n\nPalo Alto adds new SaaS compliance, threat prevention, URL filtering features to Prisma solution\nhttps://www.csoonline.com/article/3671709/palo-alto-adds-new-saas-compliance-threat-prevention-url-filtering-features-to-prisma-solution.html#tk.rss_all \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-09-01T07:00:09.000000Z"}, {"uuid": "42de713f-b3eb-470a-90f0-51a07fd72e0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38297", "type": "seen", "source": "https://t.me/arpsyndicate/1839", "content": "#ExploitObserverAlert\n\nCVE-2021-38297\n\nDESCRIPTION: Exploit Observer has 13 entries related to CVE-2021-38297. Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.\n\nFIRST-EPSS: 0.004300000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-17T20:51:35.000000Z"}, {"uuid": "50f3be04-96aa-4472-949c-c0aaad14f8b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38295", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/276", "content": "ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server #poc exploit\nhttps://github.com/bhdresh/CVE-2021-33766\n\n#poc CVE-2021-37980 : Inappropriate implementation in Sandbox (windows only)\nhttps://github.com/ZeusBox/CVE-2021-37980\n\nMy take on CVE-2021-30858 #poc for ps4 8.xx It's just a POC\nhttps://github.com/PeterMxx/ps4_8.00_vuln_poc\n\nA simple Python proof of concept for CVE-2021-38295\nhttps://github.com/ProfessionallyEvil/CVE-2021-38295-PoC\n\napache httpd path traversal checker(CVE-2021-41773 / CVE-2021-42013)\nhttps://github.com/theLSA/apache-httpd-path-traversal-checker", "creation_timestamp": "2021-10-15T12:57:52.000000Z"}, {"uuid": "dc6ee7be-1223-433a-8f92-6fd3ac522e41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38296", "type": "seen", "source": "https://t.me/cibsecurity/38633", "content": "\u203c CVE-2021-38296 \u203c\n\nApache Spark supports end-to-end encryption of RPC connections via \"spark.authenticate\" and \"spark.network.crypto.enabled\". In versions 3.1.2 and earlier, it uses a bespoke mutual authentication protocol that allows for full encryption key recovery. After an initial interactive attack, this would allow someone to decrypt plaintext traffic offline. Note that this does not affect security mechanisms controlled by \"spark.authenticate.enableSaslEncryption\", \"spark.io.encryption.enabled\", \"spark.ssl\", \"spark.ui.strictTransportSecurity\". Update to Apache Spark 3.1.3 or later\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-10T12:12:32.000000Z"}, {"uuid": "88c6b619-7260-4da9-9a4e-8d7816993430", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38297", "type": "seen", "source": "https://t.me/cibsecurity/30671", "content": "\u203c CVE-2021-38297 \u203c\n\nGo before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via large arguments in a function invocation from a WASM module, when GOARCH=wasm GOOS=js is used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-18T12:36:40.000000Z"}, {"uuid": "21ac9351-05e6-4b7e-8966-b34a007f5b8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38299", "type": "seen", "source": "https://t.me/cibsecurity/29437", "content": "\u203c CVE-2021-38299 \u203c\n\nWebauthn Framework 3.3.x before 3.3.4 has Incorrect Access Control. An attacker that controls a user's system is able to login to a vulnerable service using an attached FIDO2 authenticator without passing a check of the user presence.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-27T12:34:39.000000Z"}, {"uuid": "c7f0ba55-890a-47f9-9562-c839c8203bac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38295", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4521", "content": "#exploit\n1. CVE-2021-33766:\nProxyToken - An Authentication Bypass in Microsoft Exchange Server PoC exploit\nhttps://github.com/bhdresh/CVE-2021-33766\n\n2. CVE-2021-38295:\nA simple Python PoC\nhttps://github.com/ProfessionallyEvil/CVE-2021-38295-PoC/commits/main", "creation_timestamp": "2021-10-15T11:07:01.000000Z"}, {"uuid": "df6eef52-5b61-4f5a-9f55-9727d468e0c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38294", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/nimbus_gettopologyhistory_cmd_exec.rb", "content": "", "creation_timestamp": "2021-11-18T23:24:22.000000Z"}, {"uuid": "045f961f-c4a1-48ef-8c25-122609377d1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38295", "type": "published-proof-of-concept", "source": "https://t.me/cKure/7612", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Untested | CVE-2021-38295 PoC: A simple Python proof of concept for CVE-2021-38295.\n\nhttps://github.com/ProfessionallyEvil/CVE-2021-38295-PoC", "creation_timestamp": "2021-10-14T18:57:00.000000Z"}, {"uuid": "dde252d0-d0e2-4c4a-82fc-81cab4926b41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38295", "type": "seen", "source": "https://t.me/cibsecurity/30603", "content": "\u203c CVE-2021-38295 \u203c\n\nIn Apache CouchDB, a malicious user with permission to create documents in a database is able to attach a HTML attachment to a document. If a CouchDB admin opens that attachment in a browser, e.g. via the CouchDB admin interface Fauxton, any JavaScript code embedded in that HTML attachment will be executed within the security context of that admin. A similar route is available with the already deprecated _show and _list functionality. This privilege escalation vulnerability allows an attacker to add or remove data in any database or make configuration changes. This issue affected Apache CouchDB prior to 3.1.2\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-15T00:27:54.000000Z"}, {"uuid": "95ddab2b-8eeb-4253-8da0-3a7362d1b653", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38291", "type": "seen", "source": "https://t.me/cibsecurity/27243", "content": "\u203c CVE-2021-38291 \u203c\n\nFFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-12T20:39:00.000000Z"}, {"uuid": "d4b2544c-f497-40b5-a0c6-c4cc5e2dad9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38297", "type": "seen", "source": "https://t.me/thebugbountyhunter/6473", "content": "CVE-2021-38297 \u2013 Analysis of a Go Web Assembly vulnerability\n\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability/", "creation_timestamp": "2022-08-31T15:31:50.000000Z"}, {"uuid": "fe3af56e-cca8-478d-be37-58917817269c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38295", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/694", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aA simple Python proof of concept for CVE-2021-38295.\nURL\uff1ahttps://github.com/ProfessionallyEvil/CVE-2021-38295-PoC", "creation_timestamp": "2021-10-14T15:47:18.000000Z"}, {"uuid": "845bff22-e692-43df-b322-42e5cc83fbb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38297", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/490", "content": "CVE-2021-38297 : Analysis & Exploit Go < 1.17.2 - Buffer Overflow\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability", "creation_timestamp": "2022-09-29T22:29:01.000000Z"}, {"uuid": "c579983f-4e8b-4520-8e28-3e8d2717d77c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3829", "type": "seen", "source": "https://t.me/cibsecurity/33742", "content": "\u203c CVE-2021-3829 \u203c\n\nopenwhyd is vulnerable to URL Redirection to Untrusted Site\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-10T18:25:06.000000Z"}, {"uuid": "0d1c137d-a181-409e-adf8-292e1d27c6b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38297", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/6742", "content": "#exploit\n1. CVE-2021-38297:\nGo Web Assembly Vulnerability\nhttps://jfrog.com/blog/cve-2021-38297-analysis-of-a-go-web-assembly-vulnerability\n\n2. CVE-2022-24124:\nCasdoor SQL Injection\nhttps://github.com/cukw/CVE-2022-24124_POC\n]-> https://blog.qualys.com/vulnerabilities-threat-research/2022/03/09/casdoor-sql-injection-cve-2022-24124", "creation_timestamp": "2022-09-05T12:37:13.000000Z"}, {"uuid": "ed6dfac4-2875-412f-97e2-168a722320d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38294", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "1e75e4b5-afe4-42a0-9a18-07a909810a7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38294", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:39.000000Z"}]}