{"vulnerability": "CVE-2020-1186", "sightings": [{"uuid": "246416c4-ae51-4137-9342-9a95585ef871", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-11868", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "c40ac3d7-97e2-4122-87d1-885ab59de383", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11868", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14931", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2020-11868\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_0, Vector: CVSS:3.0/AC:H/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N)\n\ud83d\udd39 Description: ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.\n\ud83d\udccf Published: 2020-04-17T03:31:05.000Z\n\ud83d\udccf Modified: 2025-05-05T17:08:18.997Z\n\ud83d\udd17 References:\n1. https://lists.debian.org/debian-lts-announce/2020/05/msg00004.html\n2. http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html\n3. http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html\n4. https://security.gentoo.org/glsa/202007-12\n5. https://www.oracle.com//security-alerts/cpujul2021.html\n6. http://support.ntp.org/bin/view/Main/NtpBug3592\n7. https://bugzilla.redhat.com/show_bug.cgi?id=1716665\n8. https://security.netapp.com/advisory/ntap-20200424-0002/", "creation_timestamp": "2025-05-05T17:20:17.000000Z"}, {"uuid": "6a87801d-3c82-4b6d-9129-9a037710af33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11867", "type": "seen", "source": "https://t.me/cibsecurity/16953", "content": "\u203c CVE-2020-11867 \u203c\n\nAudacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and play the temporary audio .au files located there.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-01T00:53:24.000000Z"}, {"uuid": "c88af9b3-2b06-4b98-b7c4-9c4cb1fdcca6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11868", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mjwhlsq6ww2u", "content": "", "creation_timestamp": "2026-04-20T12:25:07.331921Z"}, {"uuid": "e849ecfa-b80c-469d-9fb6-382b8883090a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11868", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mjwtpoafj32e", "content": "", "creation_timestamp": "2026-04-20T16:02:01.932396Z"}, {"uuid": "9a62d7b4-aa88-44df-a0d1-60f191551172", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-11868", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/control-systems-moxa-security-advisory-av26-370", "content": "", "creation_timestamp": "2026-04-20T07:53:59.000000Z"}, {"uuid": "a1e444e2-7129-4bbf-9424-8f98a2ee18df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11862", "type": "seen", "source": "https://t.me/ctinow/207298", "content": "https://ift.tt/kxsvhrg\nCVE-2020-11862", "creation_timestamp": "2024-03-13T23:31:12.000000Z"}, {"uuid": "51f2f8d4-2286-497b-bd34-ffb69de4fe6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11862", "type": "seen", "source": "https://t.me/ctinow/207290", "content": "https://ift.tt/kxsvhrg\nCVE-2020-11862", "creation_timestamp": "2024-03-13T23:26:29.000000Z"}, {"uuid": "579c9194-ea17-4163-8cea-dc904276c997", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11860", "type": "seen", "source": "https://t.me/cibsecurity/16429", "content": "\u203c CVE-2020-11860 \u203c\n\nCross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-17T07:38:33.000000Z"}, {"uuid": "a6cdd3e5-2b02-4828-a3cb-629d3421baea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11863", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1700", "content": "#Threat_Research\n1. Spring View Manipulation Vulnerability (PoC)\nhttps://securityboulevard.com/2020/09/spring-view-manipulation-vulnerability\n2. Vulnerability Discovery in Open Source Libraries:\nAnalyzing CVE-2020-11863\nhttps://www.mcafee.com/blogs/other-blogs/mcafee-labs/vulnerability-discovery-in-open-source-libraries-analyzing-cve-2020-11863", "creation_timestamp": "2022-01-29T18:24:53.000000Z"}]}