{"vulnerability": "CVE-2021-3869", "sightings": [{"uuid": "7e686be9-9a2d-413d-8b6e-14f3de73892c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3869", "type": "seen", "source": "https://t.me/cibsecurity/30754", "content": "\u203c CVE-2021-3869 \u203c\n\ncorenlp is vulnerable to Improper Restriction of XML External Entity Reference\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-19T16:33:15.000000Z"}, {"uuid": "f95e9558-5c0c-4930-a355-5a90dfdb2636", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38694", "type": "seen", "source": "https://t.me/cibsecurity/35691", "content": "\u203c CVE-2021-38694 \u203c\n\nSoftVibe SARABAN for INFOMA 1.1 allows SQL Injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-18T16:24:05.000000Z"}, {"uuid": "bf232582-27b0-43e9-a234-a4e45704ee0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38696", "type": "seen", "source": "https://t.me/cibsecurity/35704", "content": "\u203c CVE-2021-38696 \u203c\n\nSoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerability, that allows attackers to access signature files on the application without any authentication.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-18T18:24:51.000000Z"}, {"uuid": "cb465f14-bd03-45f8-9bc3-63e76d7efa7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38697", "type": "seen", "source": "https://t.me/cibsecurity/35698", "content": "\u203c CVE-2021-38697 \u203c\n\nSoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted File Upload, that allows attackers to upload files with any file extension which can lead to arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-18T18:24:43.000000Z"}, {"uuid": "f8c7813e-134d-44d7-9219-5f3081e240b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38695", "type": "seen", "source": "https://t.me/cibsecurity/35697", "content": "\u203c CVE-2021-38695 \u203c\n\nSoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scripting (XSS) that allows users to store scripts in certain fields (e.g. subject, description) of the document form.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-18T18:24:41.000000Z"}, {"uuid": "9eb39daf-6f4f-4d85-a2c0-926bf7357029", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38698", "type": "seen", "source": "https://t.me/cibsecurity/28334", "content": "\u203c CVE-2021-38698 \u203c\n\nHashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic. Fixed in 1.8.15, 1.9.9 and 1.10.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-07T16:17:18.000000Z"}]}