{"vulnerability": "CVE-2021-4107", "sightings": [{"uuid": "d2ed6c2a-4b5a-419d-be00-3813f93cd664", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4107", "type": "seen", "source": "https://t.me/cibsecurity/33938", "content": "\u203c CVE-2021-4107 \u203c\n\nyetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-14T18:15:27.000000Z"}, {"uuid": "83bc9ee7-1573-4860-ad22-4a6b339b70a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41078", "type": "seen", "source": "https://t.me/cibsecurity/31213", "content": "\u203c CVE-2021-41078 \u203c\n\nNameko through 2.13.0 can be tricked into performing arbitrary code execution when deserializing the config file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T16:15:03.000000Z"}, {"uuid": "ce1043b8-ad9c-4531-99ef-3b515f13cc21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41077", "type": "seen", "source": "https://t.me/cibsecurity/28832", "content": "\u203c CVE-2021-41077 \u203c\n\nThe activation process in Travis CI, for certain 2021-09-03 through 2021-09-10 builds, causes secret data to have unexpected sharing that is not specified by the customer-controlled .travis.yml file. In particular, the desired behavior (if .travis.yml has been created locally by a customer, and added to git) is for a Travis service to perform builds in a way that prevents public access to customer-specific secret environment data such as signing keys, access credentials, and API tokens. However, during the stated 8-day interval, secret data could be revealed to an unauthorized actor who forked a public repository and printed files during a build process.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-14T20:21:03.000000Z"}, {"uuid": "cf9795ef-59cb-4f32-b9de-387df13d940d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41079", "type": "seen", "source": "https://t.me/cibsecurity/28986", "content": "\u203c CVE-2021-41079 \u203c\n\nApache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-16T18:22:47.000000Z"}, {"uuid": "fe111998-ba43-4045-979a-48a51a8c8aca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41072", "type": "seen", "source": "https://t.me/cibsecurity/28767", "content": "\u203c CVE-2021-41072 \u203c\n\nsquashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-14T07:15:25.000000Z"}, {"uuid": "1c61c1d9-8983-4492-93bb-86d1c55661ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41075", "type": "seen", "source": "https://t.me/cibsecurity/30545", "content": "\u203c CVE-2021-41075 \u203c\n\nThe NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-14T02:26:55.000000Z"}, {"uuid": "746a50bd-4a7b-4c5d-b7dd-ea3252644fda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41073", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1886", "content": "#exploit\nCVE-2021-41073:\nType confusion in Linux io_uring\nhttps://gist.github.com/QiuhaoLi/d66b0ff2aa5058bd007a3f6c61d29b6e\n\n@BlueRedTeam", "creation_timestamp": "2022-04-03T10:37:21.000000Z"}, {"uuid": "f90ef69f-df43-413b-adb8-f17da0482355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41074", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mcfxrjmh3a2t", "content": "", "creation_timestamp": "2026-01-14T21:03:04.427968Z"}, {"uuid": "2b95d0d6-9313-4d9a-b478-6b59b23bacc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41073", "type": "published-proof-of-concept", "source": "https://t.me/linkersec/155", "content": "Exploiting CVE-2021-41073 in io_uring\n\nValentina Palmiotti published an excellent write-up about exploiting a type confusion in io_uring to gain root privileges.\n\nThis bug allows freeing arbitrary slab allocations from the kmalloc-32 cache.\n\nValentina described how she constructed these exploit primitives:\n\n\u2714\ufe0f UAF in kmalloc-32\n\u2714\ufe0f Kernel heap info-leak\n\u2714\ufe0f Control flow hijacking\n\u2714\ufe0f Illegal privilege escalation\n\nThe researcher also described her experience with responsible disclosure.", "creation_timestamp": "2022-03-09T18:56:10.000000Z"}, {"uuid": "708f4279-8ef0-4653-8f23-6c6673746de0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41073", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1427", "content": "kernel-linux-factory\n*\n\u0423\u0434\u043e\u0431\u043d\u043e \u0442\u0435\u043c, \u0447\u0442\u043e \u043d\u0435 \u043d\u0443\u0436\u043d\u043e \u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u043b\u0438 \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0442\u044c \u0441\u0440\u0435\u0434\u0443, \u0433\u043b\u044f\u043d\u0443\u043b \u043a\u0430\u043a\u043e\u0435 \u044f\u0434\u0440\u043e, \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b \u0441\u043f\u043b\u043e\u0435\u0442, \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043f\u043e \u043c\u043e\u0440\u0434\u0435 #root\n*\n\u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 exploits \u0434\u043b\u044f:\nCVE-2016-9793\n4-20-BPF-integer\nCVE-2017-5123\nCVE-2017-6074\nCVE-2017-7308\nCVE-2017-8890\nCVE-2017-11176\nCVE-2017-16995\nCVE-2017-1000112\nCVE-2018-5333\nCVE-2019-9213 & CVE-2019-8956\nCVE-2019-15666\nCVE-2020-8835\nCVE-2020-27194\nCVE-2021-3156\nCVE-2021-31440\nCVE-2021-3490\nCVE-2021-22555\nCVE-2021-41073\nCVE-2021-4154\nCVE-2021-42008\nCVE-2021-43267\nCVE-2022-0185\nCVE-2022-0847\nCVE-2022-0995\nCVE-2022-1015\nCVE-2022-2588\nCVE-2022-2639\nCVE-2022-25636\nCVE-2022-27666\nCVE-2022-32250\nCVE-2022-34918\n\ndownload\n\n#linux #exploits #kernel", "creation_timestamp": "2023-03-23T06:30:43.000000Z"}, {"uuid": "a0603d55-d5ca-4ded-9bff-4591660e9728", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41073", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5733", "content": "#exploit\nCVE-2021-41073:\nType confusion in Linux io_uring\nhttps://gist.github.com/QiuhaoLi/d66b0ff2aa5058bd007a3f6c61d29b6e", "creation_timestamp": "2022-04-03T13:37:01.000000Z"}, {"uuid": "44c1b2c2-3c8c-4ff5-86a4-466acacb55e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41073", "type": "published-proof-of-concept", "source": "https://t.me/linkersec/173", "content": "io_uring - new code, new bugs, and a new exploit technique\n\nLam Jun Rong published an article that covers analyzing and exploiting CVE-2021-41073, an invalid-free vulnerability in the io_uring subsystem.\n\nThis vulnerability has previously been exploited by Valentina Palmiotti, but that exploit relied on eBPF. The new exploit targets Ubuntu 21.10, where eBPF is not available to unprivileged users.", "creation_timestamp": "2022-07-04T10:47:21.000000Z"}, {"uuid": "5339eb2f-8aed-42f7-a98b-ec343af48539", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41073", "type": "seen", "source": "Telegram/TXmZ8EBGvdc4uufvEqu6hfgyjEc7K_gjD1Jpp8Uzvu6-KK0", "content": "", "creation_timestamp": "2023-03-23T09:18:19.000000Z"}, {"uuid": "5f1a7045-5f85-4977-b5ce-7859a490d7ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41072", "type": "seen", "source": "https://t.me/arpsyndicate/2849", "content": "#ExploitObserverAlert\n\nCVE-2021-41072\n\nDESCRIPTION: Exploit Observer has 5 entries in 2 file formats related to CVE-2021-41072. squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.\n\nFIRST-EPSS: 0.002930000\nNVD-IS: 5.2\nNVD-ES: 2.8", "creation_timestamp": "2024-01-16T12:24:04.000000Z"}, {"uuid": "595b47be-a839-47a6-b62a-b98181c3a8a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41073", "type": "seen", "source": "https://t.me/cKure/7176", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Interesting thread: CVE-2021-41073 (Linux LPE Kernel bug - 5.1 to 5.14.6)\n\nhttps://twitter.com/chompie1337/status/1439743758447398918", "creation_timestamp": "2021-09-20T18:29:23.000000Z"}]}