{"vulnerability": "CVE-2021-3754", "sightings": [{"uuid": "650e8ec1-0c2f-4ac9-9420-3da2744ba593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3754", "type": "seen", "source": "https://t.me/arpsyndicate/2916", "content": "#ExploitObserverAlert\n\nCVE-2021-3754\n\nDESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2021-3754. A flaw was found in keycloak where an attacker is able to register himself with the username same as the email ID of any existing user. This may cause trouble in getting password recovery email in case the user forgets the password.\n\nFIRST-EPSS: 0.000780000\nNVD-IS: 1.4\nNVD-ES: 3.9", "creation_timestamp": "2024-01-19T09:59:08.000000Z"}, {"uuid": "d9957a21-1836-4c71-a24a-c8031c388671", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3754", "type": "seen", "source": "https://t.me/cibsecurity/48893", "content": "\u203c CVE-2021-3754 \u203c\n\nA flaw was found in keycloak where an attacker is able to register himself with the username same as the email ID of any existing user. This may cause trouble in getting password recovery email in case the user forgets the password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-26T20:30:25.000000Z"}, {"uuid": "9883431a-9f9a-407a-bc8c-535c38658f96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37544", "type": "seen", "source": "https://t.me/cibsecurity/26950", "content": "\u203c CVE-2021-37544 \u203c\n\nIn JetBrains TeamCity before 2020.2.4, there was an insecure deserialization.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-06T18:32:47.000000Z"}, {"uuid": "512f0eb0-cdea-4334-810a-89b51ed61e65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37547", "type": "seen", "source": "https://t.me/cibsecurity/26941", "content": "\u203c CVE-2021-37547 \u203c\n\nIn JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-06T18:32:35.000000Z"}, {"uuid": "0e648dba-a88c-4d86-8ef1-e959c6e27ce2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37542", "type": "seen", "source": "https://t.me/cibsecurity/26945", "content": "\u203c CVE-2021-37542 \u203c\n\nIn JetBrains TeamCity before 2020.2.3, XSS was possible.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-06T18:32:39.000000Z"}, {"uuid": "eae84265-d8dd-42d4-9362-033545e6bf11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37543", "type": "seen", "source": "https://t.me/cibsecurity/26955", "content": "\u203c CVE-2021-37543 \u203c\n\nIn JetBrains RubyMine before 2021.1.1, code execution without user confirmation was possible for untrusted projects.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-06T18:32:53.000000Z"}, {"uuid": "02a92a6a-9936-46d5-999e-26078c64589e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37546", "type": "seen", "source": "https://t.me/cibsecurity/26954", "content": "\u203c CVE-2021-37546 \u203c\n\nIn JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-06T18:32:52.000000Z"}, {"uuid": "e7c483c9-515d-4581-94bc-044910274862", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37549", "type": "seen", "source": "https://t.me/cibsecurity/26948", "content": "\u203c CVE-2021-37549 \u203c\n\nIn JetBrains YouTrack before 2021.1.11111, sandboxing in workflows was insufficient.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-06T18:32:45.000000Z"}, {"uuid": "638501ce-d87d-4d36-bdbf-51651b034bd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37540", "type": "seen", "source": "https://t.me/cibsecurity/26946", "content": "\u203c CVE-2021-37540 \u203c\n\nIn JetBrains Hub before 2021.1.13262, a potentially insufficient CSP for the Widget deployment feature was used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-06T18:32:43.000000Z"}, {"uuid": "1af29536-d809-4093-9fad-9325bce95564", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37541", "type": "seen", "source": "https://t.me/cibsecurity/26939", "content": "\u203c CVE-2021-37541 \u203c\n\nIn JetBrains Hub before 2021.1.13402, HTML injection in the password reset email was possible.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-06T18:32:31.000000Z"}]}