{"vulnerability": "cve-2021-4139", "sightings": [{"uuid": "d032490b-4c8b-4c29-ba34-b1d1f2b91bca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41396", "type": "seen", "source": "https://t.me/cibsecurity/46029", "content": "\u203c CVE-2021-41396 \u203c\n\nLive555 through 1.08 does not handle socket connections properly. A huge number of incoming socket connections in a short time invokes the error-handling module, in which a heap-based buffer overflow happens. An attacker can leverage this to launch a DoS attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-12T18:36:14.000000Z"}, {"uuid": "a1786899-cd13-4fc2-ae4b-5f8b3922254f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4139", "type": "seen", "source": "https://t.me/cibsecurity/34429", "content": "\u203c CVE-2021-4139 \u203c\n\npimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-21T16:13:36.000000Z"}, {"uuid": "a190af1d-e933-4066-b29b-8075e3123393", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41391", "type": "seen", "source": "https://t.me/cibsecurity/29074", "content": "\u203c CVE-2021-41391 \u203c\n\nIn Ericsson ECM before 18.0, it was observed that Security Management Endpoint in User Profile Management Section is vulnerable to stored XSS via a name, leading to session hijacking and full account takeover.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-18T00:23:26.000000Z"}, {"uuid": "047bd366-1241-40be-9753-64b39b0d3449", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41390", "type": "seen", "source": "https://t.me/cibsecurity/29071", "content": "\u203c CVE-2021-41390 \u203c\n\nIn Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-18T00:23:23.000000Z"}]}