{"vulnerability": "CVE-2021-4159", "sightings": [{"uuid": "8c430e05-68c6-4a12-a579-a8fe9a07fe64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4159", "type": "seen", "source": "https://t.me/cibsecurity/48661", "content": "\u203c CVE-2021-4159 \u203c\n\nA vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-24T20:22:52.000000Z"}, {"uuid": "3bd2bf14-6792-466a-a644-3d485f1e934f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41594", "type": "seen", "source": "https://t.me/cibsecurity/39792", "content": "\u203c CVE-2021-41594 \u203c\n\nIn RSA Archer 6.9.SP1 P3, if some application functions are precluded by the Administrator, this can be bypassed by intercepting the API request at the /api/V2/internal/TaskPermissions/CheckTaskAccess endpoint. If the parameters of this request are replaced with empty fields, the attacker achieves access to the precluded functions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-30T07:12:01.000000Z"}, {"uuid": "ed17c20f-d560-48c5-8e0a-94a7f2b1c25a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41596", "type": "seen", "source": "https://t.me/cibsecurity/29889", "content": "\u203c CVE-2021-41596 \u203c\n\nSuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the importFile parameter of the RefreshMapping import functionality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-04T20:23:27.000000Z"}, {"uuid": "7af392ff-1d09-4194-a113-3229c894f3bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41595", "type": "seen", "source": "https://t.me/cibsecurity/29900", "content": "\u203c CVE-2021-41595 \u203c\n\nSuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the file_name parameter of the Step3 import functionality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-04T20:23:46.000000Z"}, {"uuid": "79f2c2c2-f5ec-4c50-8028-6a8388bb0c48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41592", "type": "seen", "source": "https://t.me/cibsecurity/29897", "content": "\u203c CVE-2021-41592 \u203c\n\nBlockstream c-lightning through 0.10.1 allows loss of funds because of dust HTLC exposure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-04T20:23:40.000000Z"}, {"uuid": "b816d885-9b8c-4337-ab12-33936b46154c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41593", "type": "seen", "source": "https://t.me/cibsecurity/29906", "content": "\u203c CVE-2021-41593 \u203c\n\nLightning Labs lnd before 0.13.3-beta allows loss of funds because of dust HTLC exposure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-04T20:24:01.000000Z"}, {"uuid": "201370d5-a13d-4f95-b9a4-80d0257feed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41591", "type": "seen", "source": "https://t.me/cibsecurity/29905", "content": "\u203c CVE-2021-41591 \u203c\n\nACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-04T20:23:58.000000Z"}, {"uuid": "2c20a80e-3fd3-44dc-8592-56232b1cde69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4159", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/5978", "content": "| CVE-2022-1184 1.7 https://vulners.com/cve/CVE-2022-1184 | CVE-2022-1016 1.7 https://vulners.com/cve/CVE-2022-1016 | CVE-2022-0852 1.7 https://vulners.com/cve/CVE-2022-0852 | CVE-2022-0851 1.7 https://vulners.com/cve/CVE-2022-0851 | CVE-2022-0175 1.7 https://vulners.com/cve/CVE-2022-0175 | CVE-2022-0171 1.7 https://vulners.com/cve/CVE-2022-0171 | CVE-2021-3997 1.7 https://vulners.com/cve/CVE-2021-3997 | CVE-2021-3669 1.7 https://vulners.com/cve/CVE-2021-3669 | CVE-2022-0168 1.4 https://vulners.com/cve/CVE-2022-0168 | CVE-2021-4159 1.4 https://vulners.com/cve/CVE-2021-4159 | CVE-2019-2536 1.2 https://vulners.com/cve/CVE-2019-2536 | SMNTC-111467 0.0 https://vulners.com/symantec/SMNTC-111467 | SMNTC-111446 0.0 https://vulners.com/symantec/SMNTC-111446 | SMNTC-111409 0.0 https://vulners.com/symantec/SMNTC-111409 | SMNTC-111311 0.0 https://vulners.com/symantec/SMNTC-111311 | SMNTC-111210 0.0 https://vulners.com/symantec/SMNTC-111210 | SMNTC-111183 0.0 https://vulners.com/symantec/SMNTC-111183 | SMNTC-111133 0.0 https://vulners.com/symantec/SMNTC-111133 | SMNTC-111003 0.0 https://vulners.com/symantec/SMNTC-111003 | SMNTC-111000 0.0 https://vulners.com/symantec/SMNTC-111000 | SMNTC-110990 0.0 https://vulners.com/symantec/SMNTC-110990 | SMNTC-110972 0.0 https://vulners.com/symantec/SMNTC-110972\n| SMNTC-110967 0.0 https://vulners.com/symantec/SMNTC-110967\n| SMNTC-110965 0.0 https://vulners.com/symantec/SMNTC-110965\n| SMNTC-110941 0.0 https://vulners.com/symantec/SMNTC-110941\n| SMNTC-110846 0.0 https://vulners.com/symantec/SMNTC-110846\n| SMNTC-110842 0.0 https://vulners.com/symantec/SMNTC-110842 | SMNTC-110841 0.0 https://vulners.com/symantec/SMNTC-110841 | SMNTC-110803 0.0 https://vulners.com/symantec/SMNTC-110803\n| SMNTC-110579 0.0 https://vulners.com/symantec/SMNTC-110579\n| SMNTC-110577 0.0 https://vulners.com/symantec/SMNTC-110577\n| SMNTC-110422 0.0 https://vulners.com/symantec/SMNTC-110422\n| PACKETSTORM:152266 0.0 https://vulners.com/packetstorm/PACKETSTORM:152266 *EXPLOIT* | PACKETSTORM:152251 0.0 https://vulners.com/packetstorm/PACKETSTORM:152251 *EXPLOIT*\n| MSF:EXPLOIT-LINUX-LOCAL-RDS_ATOMIC_FREE_OP_NULL_POINTER_DEREF_PRIV_ESC- 0.0 https://vulners.com/metasploit/MSF:EXPLOIT-LINUX-LOCAL-RDS_ATOMIC_FREE_OP_NULL_POINTER_DEREF_PRIV_ESC- *EXPLOIT* | MSF:EXPLOIT-LINUX-LOCAL-PTRACE_TRACEME_PKEXEC_HELPER- 0.0 https://vulners.com/metasploit/MSF:EXPLOIT-LINUX-LOCAL-PTRACE_TRACEME_PKEXEC_HELPER- *EXPLOIT* |_ AC8391C6-9C7C-562A-A523-E925BC4005C3 0.0 https://vulners.com/githubexploit/AC8391C6-9C7C-562A-A523-E925BC4005C3 *EXPLOIT*", "creation_timestamp": "2023-11-15T16:53:04.000000Z"}, {"uuid": "0d6dea94-3960-4737-94d2-5a4f04c406ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41590", "type": "seen", "source": "https://t.me/cibsecurity/31273", "content": "\u203c CVE-2021-41590 \u203c\n\nIn Gradle Enterprise through 2021.3, probing of the server-side network environment can occur via an SMTP configuration test. The installation configuration user interface available to administrators allows testing the configured SMTP server settings. This test function can be used to identify the listening TCP ports available to the server, revealing information about the internal network environment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-27T18:16:05.000000Z"}]}