{"vulnerability": "cve-2020-2734", "sightings": [{"uuid": "ef66fb24-f72d-46ad-943a-f84789b482fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27348", "type": "seen", "source": "https://t.me/arpsyndicate/4767", "content": "#ExploitObserverAlert\n\nCVE-2020-27348\n\nDESCRIPTION: Exploit Observer has 9 entries in 4 file formats related to CVE-2020-27348. In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both plug the home interface or similar. This issue affects snapcraft versions prior to 4.4.4, prior to 2.43.1+16.04.1, and prior to 2.43.1+18.04.1.\n\nFIRST-EPSS: 0.000900000\nNVD-IS: 5.5\nNVD-ES: 1.3\nARPS-PRIORITY: 0.7040618", "creation_timestamp": "2024-04-23T19:19:00.000000Z"}, {"uuid": "a900cb89-4d05-4820-ba38-bdec17d7a733", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27349", "type": "seen", "source": "https://t.me/cibsecurity/17549", "content": "\u203c CVE-2020-27349 \u203c\n\nAptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T12:25:06.000000Z"}, {"uuid": "e456cde6-9a3d-4410-b822-b45fc6308be9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27349", "type": "seen", "source": "https://t.me/cibsecurity/17489", "content": "\u203c CVE-2020-27349 \u203c\n\nAptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T09:25:19.000000Z"}, {"uuid": "3f29209f-4209-4116-b0c9-a8c9ce9e91c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27349", "type": "seen", "source": "https://t.me/cibsecurity/17529", "content": "\u203c CVE-2020-27349 \u203c\n\nAptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T11:25:10.000000Z"}, {"uuid": "45c411f8-7fa7-44c2-b91c-60061037f5b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27349", "type": "seen", "source": "https://t.me/cibsecurity/17509", "content": "\u203c CVE-2020-27349 \u203c\n\nAptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T10:25:10.000000Z"}, {"uuid": "57536c88-1e4b-4fbb-a779-544cfda1ecdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27348", "type": "seen", "source": "https://t.me/cibsecurity/17140", "content": "\u203c CVE-2020-27348 \u203c\n\nIn some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both plug the home interface or similar. This issue affects snapcraft versions prior to 4.4.4, prior to 2.43.1+16.04.1, and prior to 2.43.1+18.04.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-04T07:26:42.000000Z"}, {"uuid": "0f2ce3a0-6060-47df-a2af-063616087c8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27347", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2056", "content": "#exploit\n1. CVE-2020-27347:\ntmux BoF overflow in escape sequence parser\nhttps://seclists.org/oss-sec/2020/q4/100\n\n2. CVE-2020-27996, CVE-2020-27997:\nRCE/EoP in SmartStoreNET (.NET open source e-commerce system) ver. 4.0\nhttps://securitylab.github.com/advisories/GHSL-2020-138-139-SmartstoreAG-SmartStoreNET", "creation_timestamp": "2024-09-28T17:40:10.000000Z"}, {"uuid": "17d6c7c4-1190-42fb-9d5c-cf5071bb02a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27344", "type": "seen", "source": "https://t.me/arpsyndicate/156", "content": "#ExploitObserverAlert\n\nCVE-2020-27344\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-27344. The cm-download-manager plugin before 2.8.0 for WordPress allows XSS.\n\nFIRST-EPSS: 0.000760000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2023-11-13T18:56:21.000000Z"}, {"uuid": "3582a546-e651-41da-91ae-28d9eb31e2e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27340", "type": "seen", "source": "https://t.me/cibsecurity/21047", "content": "\u203c CVE-2020-27340 \u203c\n\nThe online help portal of Mitel MiCollab before 9.2 could allow an attacker to redirect a user to an unauthorized website by executing malicious script due to insufficient access control.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-18T12:46:40.000000Z"}, {"uuid": "418d3ec1-a779-411f-826b-83aebcd41efc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27349", "type": "seen", "source": "https://t.me/cibsecurity/17469", "content": "\u203c CVE-2020-27349 \u203c\n\nAptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T08:25:14.000000Z"}, {"uuid": "3759d7d8-f672-459d-b3e8-0f84fdba732e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27346", "type": "seen", "source": "https://t.me/cibsecurity/15822", "content": "\u203c CVE-2020-27346 \u203c\n\n** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-04T07:41:13.000000Z"}, {"uuid": "0dcd885c-4569-4bfd-b218-3f7c76076c13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-27347", "type": "seen", "source": "https://t.me/cibsecurity/15961", "content": "\u203c CVE-2020-27347 \u203c\n\nThe function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-06T07:50:24.000000Z"}]}