{"vulnerability": "CVE-2020-1747", "sightings": [{"uuid": "7fbcc384-f77e-4cfc-8a9d-62163e3cd329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-1747", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "f03296b0-cf62-4472-9319-8639d184905d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1747", "type": "seen", "source": "https://gist.github.com/Dvoryashina/b214d46c1033090540f99c687e72a656", "content": "", "creation_timestamp": "2025-12-13T06:50:38.000000Z"}, {"uuid": "5d0cfb5e-7152-46f5-a214-05ad29c1b587", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1747", "type": "seen", "source": "https://t.me/cibsecurity/23332", "content": "\u203c CVE-2020-14343 \u203c\n\nA vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-10T00:40:45.000000Z"}, {"uuid": "83c540d8-8361-415c-980b-dda58e180191", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-17477", "type": "seen", "source": "https://t.me/cibsecurity/72954", "content": "\u203c CVE-2020-17477 \u203c\n\nIncorrect LDAP ACLs in ucs-school-ldap-acls-master in UCS@school before 4.4v5-errata allow remote teachers, staff, and school administrators to read LDAP password hashes (sambaNTPassword, krb5Key, sambaPasswordHistory, and pwhistory) via LDAP search requests. For example, a teacher can gain administrator access via an NTLM hash.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-26T16:16:04.000000Z"}, {"uuid": "6bed78ea-5915-4296-b36c-a4f2af0a81b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-17470", "type": "seen", "source": "https://t.me/cibsecurity/20686", "content": "\u203c CVE-2020-17470 \u203c\n\nAn issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs (they are always set to 1 in _fnet_dns_poll in fnet_dns.c). This significantly simplifies DNS cache poisoning attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T02:39:13.000000Z"}, {"uuid": "b80b849e-1f90-458c-8f83-93d1ab703e28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-17470", "type": "seen", "source": "https://t.me/cibsecurity/20725", "content": "\u203c CVE-2020-17470 \u203c\n\nAn issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs (they are always set to 1 in _fnet_dns_poll in fnet_dns.c). This significantly simplifies DNS cache poisoning attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T04:07:28.000000Z"}, {"uuid": "2ac3afdf-f5c0-4ab7-9c00-e6ac81ca0386", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-17470", "type": "seen", "source": "https://t.me/cibsecurity/20666", "content": "\u203c CVE-2020-17470 \u203c\n\nAn issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs (they are always set to 1 in _fnet_dns_poll in fnet_dns.c). This significantly simplifies DNS cache poisoning attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T02:36:15.000000Z"}, {"uuid": "c466baf0-017d-470a-9fcf-03918aeefa05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-17470", "type": "seen", "source": "https://t.me/cibsecurity/20706", "content": "\u203c CVE-2020-17470 \u203c\n\nAn issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs (they are always set to 1 in _fnet_dns_poll in fnet_dns.c). This significantly simplifies DNS cache poisoning attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T03:25:39.000000Z"}]}