{"vulnerability": "cve-2021-2029", "sightings": [{"uuid": "511a18df-56b0-46fb-9b01-8fd5b75b528a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20294", "type": "published-proof-of-concept", "source": "Telegram/IMVWGbIsRdC2nDsNCi19t7tWTUCsQmhC_72ZVcTsEb1XgZI", "content": "", "creation_timestamp": "2023-02-20T07:03:36.000000Z"}, {"uuid": "7804fd11-0b68-4b30-92f5-5495c80b6029", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20299", "type": "seen", "source": "https://t.me/cibsecurity/39086", "content": "\u203c CVE-2021-20299 \u203c\n\nA flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-16T17:33:58.000000Z"}, {"uuid": "84e5f724-e1a1-47ad-a312-44de6a799000", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20295", "type": "seen", "source": "https://t.me/VulnerabilityNews/27428", "content": "It was discovered that the update for the virt:rhel module in the RHSA-2020:4676 (https://ift.tt/PRW3jtu) erratum released as part of Red Hat Enterprise Linux 8.3 failed to include the fix for the qemu-kvm component issue CVE-2020-10756, which was previously corrected in virt:rhel/qemu-kvm via erratum RHSA-2020:4059 (https://ift.tt/tqpc1GB). CVE-2021-20295 was assigned to that Red Hat specific security regression. For more details about the original security issue CVE-2020-10756, refer to bug 1835986 or the CVE page: https://ift.tt/kDXvcR8.\nPublished at: April 02, 2022 at 01:15AM\nView on website", "creation_timestamp": "2022-04-02T02:42:56.000000Z"}, {"uuid": "439fa42f-26f2-45cd-bfba-08c2bca5d9c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20291", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3154", "content": "#Threat_Research\n1. Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310)\nhttps://securelist.com/zero-day-vulnerability-in-desktop-window-manager-cve-2021-28310-used-in-the-wild/101898\n2. Bugs in a Popular Third-Party Ethernet/IP Protocol Stack (CVE-2021-27478, CVE-2021-27482, CVE-2021-27498, CVE-2021-27500)\nhttps://www.claroty.com/2021/04/15/blog-research-fuzzing-and-pring\n3. New Vulnerability Affecting Container Engines CRI-O/Podman (CVE-2021-20291)\nhttps://unit42.paloaltonetworks.com/cve-2021-20291", "creation_timestamp": "2021-04-18T14:31:16.000000Z"}, {"uuid": "a9a60c36-0b7d-40ad-8403-66c7e1fdc0a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20294", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7787", "content": "#exploit\n1. CVE-2023-23752:\nCMS Joomla - unauthorized access to webservice endpoints\nhttps://github.com/WhiteOwl-Pub/CVE-2023-23752\n\n2. CVE-2021-20294:\nVulnerability in the GNU Binutils readelf utility\nhttps://github.com/tin-z/CVE-2021-20294-POC", "creation_timestamp": "2023-02-20T11:00:35.000000Z"}, {"uuid": "7841191c-3ca2-4487-a3a4-ac61e8e47361", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20294", "type": "published-proof-of-concept", "source": "https://t.me/Securi3yTalent/67", "content": "\u200b\u200bCVE-2021-20294-POC\n\nA flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack BoF, OOB write of arbitrary data supplied by the attacker.\n\nhttps://github.com/tin-z/CVE-2021-20294-POC\n\n#cve #poc #devmehedi101 #Ethical_Hacking #Cyber_Security #ethical_hacking_masters_course #bugbountytips #BugBountyHunter #securitytalent", "creation_timestamp": "2023-03-19T05:47:14.000000Z"}, {"uuid": "7d235240-a474-4e16-8d31-ec09f577a051", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20291", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3162", "content": "#Blue_Team_Techniques\n1. Decoding Cobalt Strike Traffic\nhttps://isc.sans.edu/forums/diary/Decoding+Cobalt+Strike+Traffic/27322\n2. Mitigating CVE-2021-20291: \nDoS affecting CRI-O/Podman\nhttps://sysdig.com/blog/cve-2021-20291-cri-o-podman", "creation_timestamp": "2022-01-03T08:26:52.000000Z"}, {"uuid": "3ae35824-7d6b-47c6-b636-e4e9a85dd038", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20297", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/5977", "content": "| CVE-2021-3569 2.1 https://vulners.com/cve/CVE-2021-3569\n| CVE-2021-3527 2.1 https://vulners.com/cve/CVE-2021-3527 | CVE-2021-3446 2.1 https://vulners.com/cve/CVE-2021-3446 | CVE-2021-3416 2.1 https://vulners.com/cve/CVE-2021-3416 | CVE-2021-20320 2.1 https://vulners.com/cve/CVE-2021-20320\n| CVE-2021-20297 2.1 https://vulners.com/cve/CVE-2021-20297 | CVE-2021-20257 2.1 https://vulners.com/cve/CVE-2021-20257 | CVE-2021-20239 2.1 https://vulners.com/cve/CVE-2021-20239 | CVE-2021-20221 2.1 https://vulners.com/cve/CVE-2021-20221\n| CVE-2020-25743 2.1 https://vulners.com/cve/CVE-2020-25743\n| CVE-2020-12458 2.1 https://vulners.com/cve/CVE-2020-12458\n| CVE-2020-10756 2.1 https://vulners.com/cve/CVE-2020-10756\n| CVE-2019-18391 2.1 https://vulners.com/cve/CVE-2019-18391\n| CVE-2019-14826 2.1 https://vulners.com/cve/CVE-2019-14826\n| CVE-2019-13313 2.1 https://vulners.com/cve/CVE-2019-13313 | CVE-2019-12067 2.1 https://vulners.com/cve/CVE-2019-12067 | CVE-2019-11884 2.1 https://vulners.com/cve/CVE-2019-11884 | CVE-2019-11833 2.1 https://vulners.com/cve/CVE-2019-11833 | CVE-2019-11135 2.1 https://vulners.com/cve/CVE-2019-11135 | CVE-2019-10183 2.1 https://vulners.com/cve/CVE-2019-10183 | CVE-2018-16878 2.1 https://vulners.com/cve/CVE-2018-16878 | CVE-2004-0554 2.1 https://vulners.com/cve/CVE-2004-0554 | 1AC912AC-B7DA-5F88-B22A-12B17E5D1D5C 2.1 https://vulners.com/githubexploit/1AC912AC-B7DA-5F88-B22A-12B17E5D1D5C *EXPLOIT*\n| CVE-2023-1289 1.9 https://vulners.com/cve/CVE-2023-1289\n| CVE-2022-25310 1.9 https://vulners.com/cve/CVE-2022-25310 | CVE-2022-25309 1.9 https://vulners.com/cve/CVE-2022-25309 | CVE-2021-4217 1.9 https://vulners.com/cve/CVE-2021-4217 | CVE-2021-3753 1.9 https://vulners.com/cve/CVE-2021-3753 | CVE-2021-3602 1.9 https://vulners.com/cve/CVE-2021-3602 | CVE-2020-25656 1.9 https://vulners.com/cve/CVE-2020-25656 | CVE-2019-2634 1.9 https://vulners.com/cve/CVE-2019-2634 | CVE-2019-2535 1.9 https://vulners.com/cve/CVE-2019-2535 | CVE-2019-18660 1.9 https://vulners.com/cve/CVE-2019-18660\n| PRION:CVE-2023-22024 1.7 https://vulners.com/prion/PRION:CVE-2023-22024\n| CVE-2023-3161 1.7 https://vulners.com/cve/CVE-2023-3161\n| CVE-2023-28328 1.7 https://vulners.com/cve/CVE-2023-28328\n| CVE-2023-28327 1.7 https://vulners.com/cve/CVE-2023-28327\n| CVE-2023-2700 1.7 https://vulners.com/cve/CVE-2023-2700\n| CVE-2023-2602 1.7 https://vulners.com/cve/CVE-2023-2602\n| CVE-2023-1981 1.7 https://vulners.com/cve/CVE-2023-1981\n| CVE-2023-1095 1.7 https://vulners.com/cve/CVE-2023-1095 | CVE-2022-2153 1.7 https://vulners.com/cve/CVE-2022-2153\n| CVE-2022-1263 1.7 https://vulners.com/cve/CVE-2022-1263", "creation_timestamp": "2023-11-15T16:53:03.000000Z"}, {"uuid": "e59fc469-70d1-4b87-84dd-18d3ef6c62e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-20290", "type": "seen", "source": "https://t.me/cibsecurity/39562", "content": "\u203c CVE-2021-20290 \u203c\n\nAn improper authorization handling flaw was found in Foreman. The OpenSCAP plugin for the smart-proxy allows foreman clients to execute actions that should be limited to the Foreman Server. This flaw allows an authenticated local attacker to access and delete limited resources and also causes a denial of service on the Foreman server. The highest threat from this vulnerability is to integrity and system availability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-25T21:31:06.000000Z"}, {"uuid": "c0d4cdee-4beb-4517-a61d-a74900a4fdf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-2029", "type": "seen", "source": "https://t.me/cibsecurity/22341", "content": "\u203c CVE-2021-2029 \u203c\n\nVulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: Miscellaneous). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful attacks of this vulnerability can result in takeover of Oracle Scripting. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-20T18:27:20.000000Z"}]}