{"vulnerability": "CVE-2021-3242", "sightings": [{"uuid": "f6fc51fd-1db4-4168-92d0-1eb7e5451f63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32420", "type": "seen", "source": "https://t.me/cibsecurity/68990", "content": "\u203c CVE-2021-32420 \u203c\n\ndpic 2021.01.01 has a Heap-based Buffer Overflow in thestorestring function in dpic.y.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T22:22:14.000000Z"}, {"uuid": "b161024e-de8f-4cc7-aa81-89ee024ea757", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32422", "type": "seen", "source": "https://t.me/cibsecurity/69013", "content": "\u203c CVE-2021-32422 \u203c\n\ndpic 2021.01.01 has a Global buffer overflow in theyylex() function in main.c and reads out of the bound array.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T22:25:15.000000Z"}, {"uuid": "e9265245-55cd-4931-bfcb-19634c0534b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32421", "type": "seen", "source": "https://t.me/cibsecurity/69007", "content": "\u203c CVE-2021-32421 \u203c\n\ndpic 2021.01.01 has a Heap Use-After-Free in thedeletestringbox() function in dpic.y.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T22:25:08.000000Z"}, {"uuid": "c3a4603c-d194-4065-80fe-9e45c5ad09bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3242", "type": "seen", "source": "https://t.me/cibsecurity/37617", "content": "\u203c CVE-2021-3242 \u203c\n\nDuxCMS v3.1.3 was discovered to contain a SQL injection vulnerability via the component s/tools/SendTpl/index?keyword=.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-16T22:36:11.000000Z"}, {"uuid": "3d363bda-15ef-4005-b2ad-a4cccf90cec4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32426", "type": "seen", "source": "https://t.me/cibsecurity/25538", "content": "\u203c CVE-2021-32426 \u203c\n\nIn TrendNet TW100-S4W1CA 2.3.32, it is possible to inject arbitrary JavaScript into the router's web interface via the \"echo\" command.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-18T02:11:24.000000Z"}]}