{"vulnerability": "CVE-2020-3661", "sightings": [{"uuid": "17c67055-a063-4652-ab9e-87b6cf103919", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-36619", "type": "seen", "source": "https://t.me/cibsecurity/54870", "content": "\u203c CVE-2020-36619 \u203c\n\nA vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the function add_ch of the file demod_flex.c. The manipulation of the argument ch leads to format string. Upgrading to version 1.2.0 is able to address this issue. The name of the patch is e5a51c508ef952e81a6da25b43034dd1ed023c07. It is recommended to upgrade the affected component. The identifier VDB-216269 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T16:10:46.000000Z"}, {"uuid": "8f7ee00c-97e3-4a17-8128-818ead01c4d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-36611", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10330", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2020-36611\n\ud83d\udd25 CVSS Score: 6.6 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H)\n\ud83d\udd39 Description: Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00.\n\n\n\ud83d\udccf Published: 2023-01-17T01:21:48.024Z\n\ud83d\udccf Modified: 2025-04-03T19:23:50.919Z\n\ud83d\udd17 References:\n1. https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-101/index.html", "creation_timestamp": "2025-04-03T19:35:41.000000Z"}, {"uuid": "9293a6c0-cd87-4c0b-9e29-eb55d0d247a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-36618", "type": "seen", "source": "https://t.me/cibsecurity/54861", "content": "\u203c CVE-2020-36618 \u203c\n\nA vulnerability classified as critical has been found in Furqan node-whois. Affected is an unknown function of the file index.coffee. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). It is possible to launch the attack remotely. The name of the patch is 46ccc2aee8d063c7b6b4dee2c2834113b7286076. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216252.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-19T16:10:35.000000Z"}, {"uuid": "8ce03f18-80b6-4073-b60c-9ca7107aea77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-36617", "type": "seen", "source": "https://t.me/cibsecurity/54825", "content": "\u203c CVE-2020-36617 \u203c\n\n** DISPUTED ** A vulnerability was found in ewxrjk sftpserver. It has been declared as problematic. Affected by this vulnerability is the function sftp_parse_path of the file parse.c. The manipulation leads to uninitialized pointer. The real existence of this vulnerability is still doubted at the moment. The name of the patch is bf4032f34832ee11d79aa60a226cc018e7ec5eed. It is recommended to apply a patch to fix this issue. The identifier VDB-216205 was assigned to this vulnerability. NOTE: In some deployment models this would be a vulnerability. README specifically warns about avoiding such deployment models.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-18T18:40:53.000000Z"}]}