https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 29 Jun 2026 22:55:13 +0000 https://vulnerability.circl.lu/sighting/0a3b71ad-7199-4654-bcab-f2e8f47b7df8/export {"uuid": "0a3b71ad-7199-4654-bcab-f2e8f47b7df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35506", "type": "seen", "source": "https://t.me/cibsecurity/29971", "content": "\u203c CVE-2021-35506 \u203c\n\nAfian FileRun 2021.03.26 allows XSS when an administrator encounters a crafted document during use of the HTML Editor for a preview or edit action.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-05T16:30:43.000000Z"} {"uuid": "0a3b71ad-7199-4654-bcab-f2e8f47b7df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35506", "type": "seen", "source": "https://t.me/cibsecurity/29971", "content": "\u203c CVE-2021-35506 \u203c\n\nAfian FileRun 2021.03.26 allows XSS when an administrator encounters a crafted document during use of the HTML Editor for a preview or edit action.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-05T16:30:43.000000Z"} https://vulnerability.circl.lu/sighting/0a3b71ad-7199-4654-bcab-f2e8f47b7df8/export Tue, 05 Oct 2021 16:30:43 +0000 https://vulnerability.circl.lu/sighting/6a8f6c36-fada-4ed7-8597-99215bd68055/export {"uuid": "6a8f6c36-fada-4ed7-8597-99215bd68055", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35503", "type": "seen", "source": "https://t.me/cibsecurity/29965", "content": "\u203c CVE-2021-35503 \u203c\n\nAfian FileRun 2021.03.26 allows stored XSS via an HTTP X-Forwarded-For header that is mishandled when rendering Activity Logs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-05T16:30:36.000000Z"} {"uuid": "6a8f6c36-fada-4ed7-8597-99215bd68055", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35503", "type": "seen", "source": "https://t.me/cibsecurity/29965", "content": "\u203c CVE-2021-35503 \u203c\n\nAfian FileRun 2021.03.26 allows stored XSS via an HTTP X-Forwarded-For header that is mishandled when rendering Activity Logs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-05T16:30:36.000000Z"} https://vulnerability.circl.lu/sighting/6a8f6c36-fada-4ed7-8597-99215bd68055/export Tue, 05 Oct 2021 16:30:36 +0000 https://vulnerability.circl.lu/sighting/4b78e6ba-a165-4a20-aad9-ca2a07c37cea/export {"uuid": "4b78e6ba-a165-4a20-aad9-ca2a07c37cea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35505", "type": "seen", "source": "https://t.me/cibsecurity/29960", "content": "\u203c CVE-2021-35505 \u203c\n\nAfian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the magick binary.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-05T16:30:30.000000Z"} {"uuid": "4b78e6ba-a165-4a20-aad9-ca2a07c37cea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35505", "type": "seen", "source": "https://t.me/cibsecurity/29960", "content": "\u203c CVE-2021-35505 \u203c\n\nAfian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the magick binary.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-05T16:30:30.000000Z"} https://vulnerability.circl.lu/sighting/4b78e6ba-a165-4a20-aad9-ca2a07c37cea/export Tue, 05 Oct 2021 16:30:30 +0000 https://vulnerability.circl.lu/sighting/f6ba28a3-9336-4374-b6ae-82452263bff5/export {"uuid": "f6ba28a3-9336-4374-b6ae-82452263bff5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35504", "type": "seen", "source": "https://t.me/cibsecurity/29956", "content": "\u203c CVE-2021-35504 \u203c\n\nAfian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the ffmpeg binary.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-05T16:30:25.000000Z"} {"uuid": "f6ba28a3-9336-4374-b6ae-82452263bff5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35504", "type": "seen", "source": "https://t.me/cibsecurity/29956", "content": "\u203c CVE-2021-35504 \u203c\n\nAfian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path value for the ffmpeg binary.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-05T16:30:25.000000Z"} https://vulnerability.circl.lu/sighting/f6ba28a3-9336-4374-b6ae-82452263bff5/export Tue, 05 Oct 2021 16:30:25 +0000 https://vulnerability.circl.lu/sighting/a9c6ddbe-de47-4356-bbbf-c1ca43ed8d0e/export {"uuid": "a9c6ddbe-de47-4356-bbbf-c1ca43ed8d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35502", "type": "seen", "source": "https://t.me/cibsecurity/25724", "content": "\u203c CVE-2021-35502 \u203c\n\napp/View/Elements/genericElements/IndexTable/Fields/generic_field.ctp in MISP 2.4.144 does not sanitize certain data related to generic-template:index.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-26T00:19:50.000000Z"} {"uuid": "a9c6ddbe-de47-4356-bbbf-c1ca43ed8d0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35502", "type": "seen", "source": "https://t.me/cibsecurity/25724", "content": "\u203c CVE-2021-35502 \u203c\n\napp/View/Elements/genericElements/IndexTable/Fields/generic_field.ctp in MISP 2.4.144 does not sanitize certain data related to generic-template:index.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-26T00:19:50.000000Z"} https://vulnerability.circl.lu/sighting/a9c6ddbe-de47-4356-bbbf-c1ca43ed8d0e/export Sat, 26 Jun 2021 00:19:50 +0000 https://vulnerability.circl.lu/sighting/b54b7e40-5fa8-48b1-964a-77f9f4a9ffe1/export {"uuid": "b54b7e40-5fa8-48b1-964a-77f9f4a9ffe1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35501", "type": "seen", "source": "https://t.me/cibsecurity/25714", "content": "\u203c CVE-2021-35501 \u203c\n\nPandoraFMS <=7.54 allows Stored XSS by placing a payload in the name field of a visual console. When a user or an administrator visits the console, the XSS payload will be executed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-25T20:19:41.000000Z"} {"uuid": "b54b7e40-5fa8-48b1-964a-77f9f4a9ffe1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35501", "type": "seen", "source": "https://t.me/cibsecurity/25714", "content": "\u203c CVE-2021-35501 \u203c\n\nPandoraFMS <=7.54 allows Stored XSS by placing a payload in the name field of a visual console. When a user or an administrator visits the console, the XSS payload will be executed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-25T20:19:41.000000Z"} https://vulnerability.circl.lu/sighting/b54b7e40-5fa8-48b1-964a-77f9f4a9ffe1/export Fri, 25 Jun 2021 20:19:41 +0000