{"vulnerability": "CVE-2021-3837", "sightings": [{"uuid": "0db1370a-4459-4b27-b58a-5e9014e1f33d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38379", "type": "seen", "source": "https://t.me/cibsecurity/31274", "content": "\u203c CVE-2021-38379 \u203c\n\nThe Hub in CFEngine Enterprise 3.6.7 through 3.18.0 has Insecure Permissions that allow local Information Disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-27T18:16:06.000000Z"}, {"uuid": "53f96544-f363-4fa5-831c-c96de59d3b13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38371", "type": "seen", "source": "https://t.me/cibsecurity/27066", "content": "\u203c CVE-2021-38371 \u203c\n\nThe STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-10T18:37:20.000000Z"}, {"uuid": "c4ef5436-205b-4bb1-bd39-dcaea5c1ea3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3837", "type": "seen", "source": "https://t.me/cibsecurity/34869", "content": "\u203c CVE-2021-3837 \u203c\n\nopenwhyd is vulnerable to Improper Authorization\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-03T18:44:27.000000Z"}, {"uuid": "3af977e1-0fdb-4809-afc4-1ec718939815", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38373", "type": "seen", "source": "https://t.me/cibsecurity/27078", "content": "\u203c CVE-2021-38373 \u203c\n\nIn KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless \"Server requires authentication\" is checked.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-10T18:37:36.000000Z"}, {"uuid": "bbf60a30-ebdd-4062-9891-f3db01181ed4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38370", "type": "seen", "source": "https://t.me/cibsecurity/27077", "content": "\u203c CVE-2021-38370 \u203c\n\nIn Alpine through 2.24, untagged responses from an IMAP server are accepted before STARTTLS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-10T18:37:35.000000Z"}, {"uuid": "5f340b4b-7060-4c47-b6e5-5a6aa6975076", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38372", "type": "seen", "source": "https://t.me/cibsecurity/27070", "content": "\u203c CVE-2021-38372 \u203c\n\nIn KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-10T18:37:27.000000Z"}]}