Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-14T16:33:07.137595+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/8831eecf-7eea-438a-a8c9-24f0c2836d45/export 8831eecf-7eea-438a-a8c9-24f0c2836d45 2026-06-14T16:33:07.474878+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "8831eecf-7eea-438a-a8c9-24f0c2836d45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43972", "type": "seen", "source": "https://t.me/cibsecurity/35270", "content": "\u203c CVE-2021-43972 \u203c\n\nAn unrestricted file copy vulnerability in /UserSelfServiceSettings.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to copy arbitrary files on the server filesystem to the web root (with an arbitrary filename) via the tempFile and fileName parameters in the HTTP POST body.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-11T22:16:21.000000Z"} 2022-01-11T22:16:21+00:00 https://vulnerability.circl.lu/sighting/68ff3024-d982-40d0-af22-e68c29949349/export 68ff3024-d982-40d0-af22-e68c29949349 2026-06-14T16:33:07.474744+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "68ff3024-d982-40d0-af22-e68c29949349", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43974", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1646", "content": "#exploit\n- Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n- CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219\n\n@BlueRedTeam", "creation_timestamp": "2022-01-22T08:45:24.000000Z"} 2022-01-22T08:45:24+00:00 https://vulnerability.circl.lu/sighting/01eea761-c255-4978-8f16-f56ac86a7100/export 01eea761-c255-4978-8f16-f56ac86a7100 2026-06-14T16:33:07.474572+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "01eea761-c255-4978-8f16-f56ac86a7100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43973", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1646", "content": "#exploit\n- Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n- CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219\n\n@BlueRedTeam", "creation_timestamp": "2022-01-22T08:45:24.000000Z"} 2022-01-22T08:45:24+00:00 https://vulnerability.circl.lu/sighting/7641c15e-5dc2-43dc-bb32-82c1866d880d/export 7641c15e-5dc2-43dc-bb32-82c1866d880d 2026-06-14T16:33:07.474393+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "7641c15e-5dc2-43dc-bb32-82c1866d880d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43972", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1646", "content": "#exploit\n- Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n- CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219\n\n@BlueRedTeam", "creation_timestamp": "2022-01-22T08:45:24.000000Z"} 2022-01-22T08:45:24+00:00 https://vulnerability.circl.lu/sighting/d528c863-8e53-4095-abbc-ce6e5269e7ac/export d528c863-8e53-4095-abbc-ce6e5269e7ac 2026-06-14T16:33:07.474226+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "d528c863-8e53-4095-abbc-ce6e5269e7ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43971", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1646", "content": "#exploit\n- Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n- CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219\n\n@BlueRedTeam", "creation_timestamp": "2022-01-22T08:45:24.000000Z"} 2022-01-22T08:45:24+00:00 https://vulnerability.circl.lu/sighting/e67f496e-de1e-401f-872d-9a9ba3035060/export e67f496e-de1e-401f-872d-9a9ba3035060 2026-06-14T16:33:07.474057+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "e67f496e-de1e-401f-872d-9a9ba3035060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43974", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5254", "content": "#exploit\n1. Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n\n2. CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219", "creation_timestamp": "2022-01-22T22:20:00.000000Z"} 2022-01-22T22:20:00+00:00 https://vulnerability.circl.lu/sighting/bfb27f6c-909e-4b94-aa97-a796fee282f4/export bfb27f6c-909e-4b94-aa97-a796fee282f4 2026-06-14T16:33:07.473889+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "bfb27f6c-909e-4b94-aa97-a796fee282f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43973", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5254", "content": "#exploit\n1. Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n\n2. CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219", "creation_timestamp": "2022-01-22T22:20:00.000000Z"} 2022-01-22T22:20:00+00:00 https://vulnerability.circl.lu/sighting/3e42bfa5-432f-43f1-b6e3-cb3e624f363e/export 3e42bfa5-432f-43f1-b6e3-cb3e624f363e 2026-06-14T16:33:07.473707+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "3e42bfa5-432f-43f1-b6e3-cb3e624f363e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43972", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5254", "content": "#exploit\n1. Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n\n2. CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219", "creation_timestamp": "2022-01-22T22:20:00.000000Z"} 2022-01-22T22:20:00+00:00 https://vulnerability.circl.lu/sighting/02aa4f2a-f5ab-4e97-92ca-a04d22d267b1/export 02aa4f2a-f5ab-4e97-92ca-a04d22d267b1 2026-06-14T16:33:07.473467+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "02aa4f2a-f5ab-4e97-92ca-a04d22d267b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43971", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5254", "content": "#exploit\n1. Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n\n2. CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219", "creation_timestamp": "2022-01-22T22:20:00.000000Z"} 2022-01-22T22:20:00+00:00 https://vulnerability.circl.lu/sighting/3585aca8-5307-4d0b-9583-ab505546f135/export 3585aca8-5307-4d0b-9583-ab505546f135 2026-06-14T16:33:07.471296+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "3585aca8-5307-4d0b-9583-ab505546f135", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43970", "type": "seen", "source": "https://t.me/cibsecurity/38652", "content": "\u203c CVE-2021-43970 \u203c\n\nAn arbitrary file upload vulnerability exists in albumimages.jsp in Quicklert for Digium 10.0.0 (1043) via a .mp3;.jsp filename for a file that begins with audio data bytes. It allows an authenticated (low privileged) attacker to execute remote code on the target server within the context of application's permissions (SYSTEM).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T06:56:35.000000Z"} 2022-03-18T06:56:35+00:00