{"vulnerability": "CVE-2020-2576", "sightings": [{"uuid": "8ffba432-5861-49d5-adc0-47ee6c2ae8eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25767", "type": "seen", "source": "https://t.me/cibsecurity/27564", "content": "\u203c CVE-2020-25767 \u203c\n\nAn issue was discovered in HCC Embedded NicheStack IPv4 4.1. The dnc_copy_in routine for parsing DNS domain names does not check whether a domain name compression pointer is pointing within the bounds of the packet (e.g., forward compression pointer jumps are allowed), which leads to an Out-of-bounds Read, and a Denial-of-Service as a consequence.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-18T22:17:07.000000Z"}, {"uuid": "9f9d4ea4-6616-48ad-a856-4075db1e5213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25769", "type": "published-proof-of-concept", "source": "https://t.me/cKure/2521", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 Local Privilege Escalation in GOG Galaxy 2.0.16.187 (Windows platform) aka CVE-2020-25769", "creation_timestamp": "2020-10-13T13:15:09.000000Z"}, {"uuid": "5f826e5c-f85c-49bc-a1c3-f99d75d01db7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25763", "type": "seen", "source": "https://t.me/cibsecurity/14966", "content": "\u203c CVE-2020-25763 \u203c\n\nSeat Reservation System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading PHP files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-09-30T22:58:19.000000Z"}, {"uuid": "21cfb1b7-e71c-425a-95cc-16d701618485", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25768", "type": "seen", "source": "https://t.me/cibsecurity/15136", "content": "\u203c CVE-2020-25768 \u203c\n\nContao before 4.4.52, 4.9.x before 4.9.6, and 4.10.x before 4.10.1 have Improper Input Validation. It is possible to inject insert tags in front end forms which will be replaced when the page is rendered.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-10-08T00:29:28.000000Z"}, {"uuid": "9bd84763-1737-4092-b3de-d42f0296ecdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25765", "type": "seen", "source": "https://t.me/cibsecurity/15668", "content": "\u203c CVE-2020-25765 \u203c\n\nAddressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices prior to 5.4.1140.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-10-27T23:47:02.000000Z"}]}