{"vulnerability": "CVE-2020-1510", "sightings": [{"uuid": "f2ceb163-86fa-4ad6-b656-145e12bb33b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1510", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1840", "content": "#exploit\nCVE-2020-1510:\nWindows 10 x64 1909 (OS Build 18363.719) -\nOut Of Bound Read\nhttps://cpr-zero.checkpoint.com/vulns/cprid-2157/", "creation_timestamp": "2024-10-17T17:58:39.000000Z"}, {"uuid": "fc4906c2-07d2-4d0b-b9c0-b258c119ad13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15103", "type": "seen", "source": "https://t.me/arpsyndicate/906", "content": "#ExploitObserverAlert\n\nCVE-2020-15103\n\nDESCRIPTION: Exploit Observer has 8 entries related to CVE-2020-15103. In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data that will crash the client later on (invalid length arguments to a `memcpy`) This has been fixed in 2.2.0. As a workaround, stop using command line arguments /gfx, /gfx-h264 and /network:auto\n\nFIRST-EPSS: 0.001110000\nNVD-IS: 1.4\nNVD-ES: 2.1", "creation_timestamp": "2023-12-03T00:47:20.000000Z"}, {"uuid": "1d8514a1-d5e7-4a16-b9ca-bc01b4037777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15106", "type": "seen", "source": "https://t.me/cibsecurity/13908", "content": "ATENTION\u203c New - CVE-2020-15106\n\nIn etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-05T22:55:20.000000Z"}]}