{"vulnerability": "CVE-2021-3930", "sightings": [{"uuid": "c3f88a31-f7b4-4704-9d45-03f1860291aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39303", "type": "published-proof-of-concept", "source": "https://t.me/cKure/8291", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Discovering Full Read SSRF in Jamf (CVE-2021-39303 & CVE-2021-40809).\n\nhttps://blog.assetnote.io/2021/11/30/jamf-ssrf/", "creation_timestamp": "2021-12-01T20:39:22.000000Z"}, {"uuid": "75bef982-97fb-446c-a86c-fbdaaccab74c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39303", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4875", "content": "#Offensive_security\n1. Nmap script that searches for probable vulnerabilities based on services discovered in open ports\nhttps://github.com/scmanjarrez/CVEScannerV2\n2. Discovering Full Read SSRF in Jamf\n(CVE-2021-39303, CVE-2021-40809)\nhttps://blog.assetnote.io/2021/11/30/jamf-ssrf", "creation_timestamp": "2021-12-01T11:01:01.000000Z"}, {"uuid": "897e3bdc-1c72-446f-84ad-2b1f76ce33cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39303", "type": "seen", "source": "https://t.me/cibsecurity/32339", "content": "\u203c CVE-2021-39303 \u203c\n\nThe server in Jamf Pro before 10.32.0 has a vulnerability affecting integrity and availability, aka PI-006352. NOTE: Jamf Nation will also publish an article about this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-13T00:39:21.000000Z"}, {"uuid": "3cb9368e-bd98-47ac-afc8-b38d68308bd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39302", "type": "seen", "source": "https://t.me/cibsecurity/27613", "content": "\u203c CVE-2021-39302 \u203c\n\nMISP 2.4.148, in certain configurations, allows SQL injection via the app/Model/Log.php $conditions['org'] value.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-19T20:18:24.000000Z"}, {"uuid": "9209cd00-2f62-4bbf-bf77-88bd3a72293b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39301", "type": "seen", "source": "https://t.me/cibsecurity/37611", "content": "\u203c CVE-2021-39301 \u203c\n\nPotential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-16T20:42:26.000000Z"}, {"uuid": "d973ea6e-ad0d-484a-94dc-eec5721ed2a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39300", "type": "seen", "source": "https://t.me/cibsecurity/37597", "content": "\u203c CVE-2021-39300 \u203c\n\nPotential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-16T20:36:24.000000Z"}, {"uuid": "4e463d53-a2e9-4acb-8576-54ef47057c59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3930", "type": "seen", "source": "https://t.me/cibsecurity/37712", "content": "\u203c CVE-2021-3930 \u203c\n\nAn off-by-one error was found in the SCSI device emulation in QEMU. It could occur while processing MODE SELECT commands in mode_sense_page() if the 'page' argument was set to MODE_PAGE_ALLS (0x3f). A malicious guest could use this flaw to potentially crash QEMU, resulting in a denial of service condition.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-18T20:40:10.000000Z"}, {"uuid": "b312105d-ab06-4b8e-a6cf-0af4bb0fd626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39304", "type": "seen", "source": "https://t.me/cibsecurity/30509", "content": "\u203c CVE-2021-39304 \u203c\n\nProofpoint Enterprise Protection before 8.12.0-2108090000 allows security control bypass.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-13T18:26:38.000000Z"}]}