{"vulnerability": "CVE-2021-2031", "sightings": [{"uuid": "f1a6e694-4aa3-437d-bbe8-3735976c477f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20316", "type": "seen", "source": "https://t.me/cibsecurity/48591", "content": "\u203c CVE-2021-20316 \u203c\n\nA flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-23T20:21:39.000000Z"}, {"uuid": "0f7eba13-8f28-40af-b2ff-52978a77cbf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20317", "type": "seen", "source": "https://t.me/cibsecurity/29439", "content": "\u203c CVE-2021-20317 \u203c\n\nA flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-27T14:34:36.000000Z"}, {"uuid": "f1f77f55-0f4a-46e6-9343-24ae9193eda0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20318", "type": "seen", "source": "https://t.me/cibsecurity/34584", "content": "\u203c CVE-2021-20318 \u203c\n\nThe HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-23T22:19:36.000000Z"}, {"uuid": "a0d6ec36-12ad-4bab-9ce4-5642afec746f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20319", "type": "seen", "source": "https://t.me/cibsecurity/38442", "content": "\u203c CVE-2021-20319 \u203c\n\nAn improper signature verification vulnerability was found in coreos-installer. A specially crafted gzip installation image can bypass the image signature verification and as a consequence can lead to the installation of unsigned content. An attacker able to modify the original installation image can write arbitrary data, and achieve full access to the node being installed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-04T20:30:04.000000Z"}, {"uuid": "f70776e9-d57a-4b7f-bacb-22564d81cb7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-2031", "type": "seen", "source": "https://t.me/cibsecurity/22423", "content": "\u203c CVE-2021-2031 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-20T18:43:42.000000Z"}, {"uuid": "b0f66de8-5eee-46a9-858e-62319db13e61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20314", "type": "seen", "source": "https://t.me/cibsecurity/27223", "content": "\u203c CVE-2021-20314 \u203c\n\nStack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-12T18:39:43.000000Z"}]}