{"vulnerability": "cve-2021-4169", "sightings": [{"uuid": "828baef6-8c60-4ee3-9965-2ee8a6de3ccb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41690", "type": "seen", "source": "https://t.me/cibsecurity/45280", "content": "\u203c CVE-2021-41690 \u203c\n\nDCMTK through 3.6.6 does not handle memory free properly. The malloced memory for storing all file information are recorded in a global variable LST and are not freed properly. Sending specific requests to the dcmqrdb program can incur a memory leak. An attacker can use it to launch a DoS attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T16:35:54.000000Z"}, {"uuid": "43f114e7-99b7-40bc-8920-f688d37737af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41697", "type": "seen", "source": "https://t.me/cibsecurity/33702", "content": "\u203c CVE-2021-41697 \u203c\n\nA reflected Cross Site Scripting (XSS) vulnerability exists in Premiumdatingscript 4.2.7.7 via the aerror_description parameter in assets/sources/instagram.php script.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-09T18:24:11.000000Z"}, {"uuid": "4c5b653c-bcb9-46b6-909c-ebe2a15817fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41695", "type": "seen", "source": "https://t.me/cibsecurity/33703", "content": "\u203c CVE-2021-41695 \u203c\n\nAn SQL Injection vulnerability exists in Premiumdatingscript 4.2.7.7 via the ip parameter in connect.php. .\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-09T18:24:13.000000Z"}, {"uuid": "66d382cd-6ebf-4b4d-8ad7-a36ffd785bed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41694", "type": "seen", "source": "https://t.me/cibsecurity/33698", "content": "\u203c CVE-2021-41694 \u203c\n\nAn Incorrect Access Control vulnerability exists in Premiumdatingscript 4.2.7.7 via the password change procedure in requests\\user.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-09T18:24:04.000000Z"}, {"uuid": "2d9a353b-aa0d-43ac-a976-8a30760bb5d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41696", "type": "seen", "source": "https://t.me/cibsecurity/33688", "content": "\u203c CVE-2021-41696 \u203c\n\nAn authentication bypass (account takeover) vulnerability exists in Premiumdatingscript 4.2.7.7 due to a weak password reset mechanism in requests\\user.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-09T18:23:51.000000Z"}, {"uuid": "5c55ffad-5c99-47c4-b1b3-7b737b321879", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41691", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-41691.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}, {"uuid": "b456292c-e3c0-4918-b71e-e70b06b561b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41691", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsh573pcdv2a", "content": "", "creation_timestamp": "2025-06-25T17:29:39.551636Z"}, {"uuid": "6abc7753-f28c-40cc-8955-b4c04c20f415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41691", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lsmjzajv5b2e", "content": "", "creation_timestamp": "2025-06-27T21:02:25.499337Z"}, {"uuid": "4d070e49-5c56-49bf-b8c6-431dd42af776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-41691", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19361", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-41691\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the \"student_id\" and \"TRANSFER{SCHOOL]\" parameters in POST request sent to /TransferredOutModal.php.\n\ud83d\udccf Published: 2025-06-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-24T15:39:48.730Z\n\ud83d\udd17 References:\n1. https://opensis.com/\n2. https://github.com/OS4ED/openSIS-Classic/\n3. https://resources.s4e.io/blog/opensis-student-information-system-0-day-vulnerability-cve-2021-41691/", "creation_timestamp": "2025-06-24T15:47:04.000000Z"}]}