{"vulnerability": "CVE-2021-3058", "sightings": [{"uuid": "a40e68a0-3273-4c41-ad2c-91d2d736351a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30583", "type": "seen", "source": "https://t.me/cibsecurity/26787", "content": "\u203c CVE-2021-30583 \u203c\n\nInsufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T00:29:14.000000Z"}, {"uuid": "b1d75ed7-539f-4a0d-b634-6b3694fe527d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3058", "type": "seen", "source": "https://t.me/cibsecurity/32200", "content": "\u203c CVE-2021-3058 \u203c\n\nAn OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. This issue does not impact Prisma Access firewalls.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-10T20:36:53.000000Z"}, {"uuid": "b07a772a-e3ab-42e8-918a-a9f86fbf80b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30586", "type": "seen", "source": "https://t.me/cibsecurity/26777", "content": "\u203c CVE-2021-30586 \u203c\n\nUse after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T00:29:00.000000Z"}, {"uuid": "0f5e5859-f82a-4e6d-9770-a9294c995c7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30588", "type": "seen", "source": "https://t.me/cibsecurity/26776", "content": "\u203c CVE-2021-30588 \u203c\n\nType confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T00:29:00.000000Z"}, {"uuid": "d6042e72-257b-425e-9f2f-445e8cd92e6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30580", "type": "seen", "source": "https://t.me/cibsecurity/26782", "content": "\u203c CVE-2021-30580 \u203c\n\nInsufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T00:29:08.000000Z"}, {"uuid": "cbc5304b-d942-4f1d-946b-54ceab574496", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30584", "type": "seen", "source": "https://t.me/cibsecurity/26778", "content": "\u203c CVE-2021-30584 \u203c\n\nIncorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remote attacker to perform domain spoofing via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T00:29:01.000000Z"}, {"uuid": "1fd545be-7e50-45b3-9ec4-dee8c7ab0858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30589", "type": "seen", "source": "https://t.me/cibsecurity/26770", "content": "\u203c CVE-2021-30589 \u203c\n\nInsufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T00:28:51.000000Z"}, {"uuid": "aa7fd7ba-3dbd-4449-a848-999648e7a06b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30582", "type": "seen", "source": "https://t.me/cibsecurity/26774", "content": "\u203c CVE-2021-30582 \u203c\n\nInappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T00:28:58.000000Z"}, {"uuid": "12043c66-cfe8-4c6b-ab04-5b6117209599", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-30581", "type": "seen", "source": "https://t.me/cibsecurity/26772", "content": "\u203c CVE-2021-30581 \u203c\n\nUse after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T00:28:53.000000Z"}]}