{"vulnerability": "CVE-2020-2565", "sightings": [{"uuid": "8c75ede4-3d66-402b-b56e-01c4300ee191", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25656", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/5977", "content": "| CVE-2021-3569 2.1 https://vulners.com/cve/CVE-2021-3569\n| CVE-2021-3527 2.1 https://vulners.com/cve/CVE-2021-3527 | CVE-2021-3446 2.1 https://vulners.com/cve/CVE-2021-3446 | CVE-2021-3416 2.1 https://vulners.com/cve/CVE-2021-3416 | CVE-2021-20320 2.1 https://vulners.com/cve/CVE-2021-20320\n| CVE-2021-20297 2.1 https://vulners.com/cve/CVE-2021-20297 | CVE-2021-20257 2.1 https://vulners.com/cve/CVE-2021-20257 | CVE-2021-20239 2.1 https://vulners.com/cve/CVE-2021-20239 | CVE-2021-20221 2.1 https://vulners.com/cve/CVE-2021-20221\n| CVE-2020-25743 2.1 https://vulners.com/cve/CVE-2020-25743\n| CVE-2020-12458 2.1 https://vulners.com/cve/CVE-2020-12458\n| CVE-2020-10756 2.1 https://vulners.com/cve/CVE-2020-10756\n| CVE-2019-18391 2.1 https://vulners.com/cve/CVE-2019-18391\n| CVE-2019-14826 2.1 https://vulners.com/cve/CVE-2019-14826\n| CVE-2019-13313 2.1 https://vulners.com/cve/CVE-2019-13313 | CVE-2019-12067 2.1 https://vulners.com/cve/CVE-2019-12067 | CVE-2019-11884 2.1 https://vulners.com/cve/CVE-2019-11884 | CVE-2019-11833 2.1 https://vulners.com/cve/CVE-2019-11833 | CVE-2019-11135 2.1 https://vulners.com/cve/CVE-2019-11135 | CVE-2019-10183 2.1 https://vulners.com/cve/CVE-2019-10183 | CVE-2018-16878 2.1 https://vulners.com/cve/CVE-2018-16878 | CVE-2004-0554 2.1 https://vulners.com/cve/CVE-2004-0554 | 1AC912AC-B7DA-5F88-B22A-12B17E5D1D5C 2.1 https://vulners.com/githubexploit/1AC912AC-B7DA-5F88-B22A-12B17E5D1D5C *EXPLOIT*\n| CVE-2023-1289 1.9 https://vulners.com/cve/CVE-2023-1289\n| CVE-2022-25310 1.9 https://vulners.com/cve/CVE-2022-25310 | CVE-2022-25309 1.9 https://vulners.com/cve/CVE-2022-25309 | CVE-2021-4217 1.9 https://vulners.com/cve/CVE-2021-4217 | CVE-2021-3753 1.9 https://vulners.com/cve/CVE-2021-3753 | CVE-2021-3602 1.9 https://vulners.com/cve/CVE-2021-3602 | CVE-2020-25656 1.9 https://vulners.com/cve/CVE-2020-25656 | CVE-2019-2634 1.9 https://vulners.com/cve/CVE-2019-2634 | CVE-2019-2535 1.9 https://vulners.com/cve/CVE-2019-2535 | CVE-2019-18660 1.9 https://vulners.com/cve/CVE-2019-18660\n| PRION:CVE-2023-22024 1.7 https://vulners.com/prion/PRION:CVE-2023-22024\n| CVE-2023-3161 1.7 https://vulners.com/cve/CVE-2023-3161\n| CVE-2023-28328 1.7 https://vulners.com/cve/CVE-2023-28328\n| CVE-2023-28327 1.7 https://vulners.com/cve/CVE-2023-28327\n| CVE-2023-2700 1.7 https://vulners.com/cve/CVE-2023-2700\n| CVE-2023-2602 1.7 https://vulners.com/cve/CVE-2023-2602\n| CVE-2023-1981 1.7 https://vulners.com/cve/CVE-2023-1981\n| CVE-2023-1095 1.7 https://vulners.com/cve/CVE-2023-1095 | CVE-2022-2153 1.7 https://vulners.com/cve/CVE-2022-2153\n| CVE-2022-1263 1.7 https://vulners.com/cve/CVE-2022-1263", "creation_timestamp": "2023-11-15T16:53:03.000000Z"}, {"uuid": "88b22d87-8131-4d07-84e2-7b74fd9d66e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25650", "type": "published-proof-of-concept", "source": "Telegram/7XG3Qhyveq0sd-sorvBusAou1bYnK4tFO-cr4qbsp7Vd2w0", "content": "", "creation_timestamp": "2024-08-28T07:50:25.000000Z"}, {"uuid": "419aeed9-dcd0-4dcf-bec9-be560480ee9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25656", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/1950", "content": "#exploit\n1. CVE-2020-26887:\nAVM FRITZ! Box 7490 Wi-Fi 11AC Router (<=7.20) and potentially others - DNS Rebinding Protection Bypass\nhttps://www.redteam-pentesting.de/en/advisories/rt-sa-2020-003/-fritz-box-dns-rebinding-protection-bypass\n\n2. CVE-2020-25656:\nLinux 3.4 - 5.9 kernel concurrency UAF\nin vt_do_kdgkb_ioctl\nhttps://seclists.org/oss-sec/2020/q4/63", "creation_timestamp": "2022-06-09T03:15:17.000000Z"}, {"uuid": "e632c90f-b78c-406d-a6f5-951911c75097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25652", "type": "seen", "source": "https://t.me/cibsecurity/16859", "content": "\u203c CVE-2020-25652 \u203c\n\nA flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in `/run/spice-vdagentd/spice-vdagent-sock`. Any unprivileged local guest user could use this flaw to prevent legitimate agents from connecting to the spice-vdagentd daemon, resulting in a denial of service. The highest threat from this vulnerability is to system availability. This flaw affects spice-vdagent versions 0.20 and prior.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-26T07:48:25.000000Z"}, {"uuid": "262046fe-f7be-4872-8a12-6f33d5829859", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25657", "type": "seen", "source": "https://t.me/ctinow/179623", "content": "https://ift.tt/LvWiBc7\n[GHSA-944j-8ch6-rf6x] m2crypto Bleichenbacher timing attack - incomplete fix for CVE-2020-25657", "creation_timestamp": "2024-02-05T23:56:56.000000Z"}, {"uuid": "c7fc7297-f78e-4ea9-9efb-8b7cf9f02bf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25651", "type": "seen", "source": "https://t.me/cibsecurity/16861", "content": "\u203c CVE-2020-25651 \u203c\n\nA flaw was found in the SPICE file transfer protocol. File data from the host system can end up in full or in parts in the client connection of an illegitimate local user in the VM system. Active file transfers from other users could also be interrupted, resulting in a denial of service. The highest threat from this vulnerability is to data confidentiality as well as system availability. This flaw affects spice-vdagent versions 0.20 and prior.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-26T07:48:27.000000Z"}, {"uuid": "68e4fcae-c330-40fe-a4a2-d7c662d1b472", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25653", "type": "seen", "source": "https://t.me/cibsecurity/16860", "content": "\u203c CVE-2020-25653 \u203c\n\nA race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. This flaw may allow an unprivileged local guest user to become the active agent for spice-vdagentd, possibly resulting in a denial of service or information leakage from the host. The highest threat from this vulnerability is to data confidentiality as well as system availability. This flaw affects spice-vdagent versions 0.20 and prior.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-26T07:48:26.000000Z"}, {"uuid": "48be8c6c-755b-405f-ad68-85eeee3b8db2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25654", "type": "seen", "source": "https://t.me/cibsecurity/16810", "content": "\u203c CVE-2020-25654 \u203c\n\nAn ACL bypass flaw was found in pacemaker before 1.1.24-rc1 and 2.0.5-rc2. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing if they went through the configuration.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-24T22:47:00.000000Z"}, {"uuid": "b0d18c7e-46f6-4238-908d-4276866fa525", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25655", "type": "seen", "source": "https://t.me/cibsecurity/16026", "content": "\u203c CVE-2020-25655 \u203c\n\nAn issue was discovered in ManagedClusterView API, that could allow secrets to be disclosed to users without the correct permissions. Views created for an admin user would be made available for a short time to users with only view permission. In this short time window the user with view permission could read cluster secrets that should only be disclosed to admin users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-09T18:55:23.000000Z"}, {"uuid": "6d7fbe1c-c241-4673-a075-125e62ee9ce6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25658", "type": "seen", "source": "https://t.me/cibsecurity/16207", "content": "\u203c CVE-2020-25658 \u203c\n\nIt was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-12T16:31:40.000000Z"}]}