{"vulnerability": "CVE-2021-4069", "sightings": [{"uuid": "2783ed8c-1f8b-4b41-89c6-2f251e31fee9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40695", "type": "seen", "source": "https://t.me/arpsyndicate/4810", "content": "#ExploitObserverAlert\n\nCVE-2021-40695\n\nDESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2021-40695. It was possible for a student to view their quiz grade before it had been released, using a quiz web service.\n\nFIRST-EPSS: 0.000540000\nNVD-IS: 1.4\nNVD-ES: 2.8\nARPS-PRIORITY: 0.7712735", "creation_timestamp": "2024-04-24T20:12:08.000000Z"}, {"uuid": "4ea9fd73-1288-43ba-aa3f-0b79774f84a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40691", "type": "seen", "source": "https://t.me/cibsecurity/50682", "content": "\u203c CVE-2021-40691 \u203c\n\nA session hijack risk was identified in the Shibboleth authentication plugin.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-29T07:47:50.000000Z"}, {"uuid": "98ad724a-1de8-4846-afb9-fda499243767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40698", "type": "seen", "source": "https://t.me/cibsecurity/70066", "content": "\u203c CVE-2021-40698 \u203c\n\nColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass??. An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-09T16:37:58.000000Z"}, {"uuid": "a3370404-70bf-4165-97af-94246239418b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40699", "type": "seen", "source": "https://t.me/cibsecurity/70057", "content": "\u203c CVE-2021-40699 \u203c\n\nColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path. An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-07T16:18:41.000000Z"}, {"uuid": "5cf27fec-0da1-438c-85ad-23f8d7df11c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4069", "type": "seen", "source": "https://t.me/cibsecurity/33367", "content": "\u203c CVE-2021-4069 \u203c\n\nvim is vulnerable to Use After Free\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-06T14:20:37.000000Z"}, {"uuid": "be0b66ce-d4b1-438c-b523-cf9319db8fe9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40694", "type": "seen", "source": "https://t.me/cibsecurity/50710", "content": "\u203c CVE-2021-40694 \u203c\n\nInsufficient escaping of the LaTeX preamble made it possible for site administrators to read files available to the HTTP server system account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-29T07:51:01.000000Z"}, {"uuid": "b95c572c-7a84-4420-95f1-1bda97d193cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40695", "type": "seen", "source": "https://t.me/cibsecurity/50658", "content": "\u203c CVE-2021-40695 \u203c\n\nIt was possible for a student to view their quiz grade before it had been released, using a quiz web service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-29T07:41:08.000000Z"}, {"uuid": "b37d01ec-864e-401b-b037-3cf1b77c0f69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40697", "type": "seen", "source": "https://t.me/cibsecurity/29669", "content": "\u203c CVE-2021-40697 \u203c\n\nAdobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-29T20:37:24.000000Z"}, {"uuid": "0905d4cd-6d50-4c23-b85c-c2dd9be427d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40690", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4474", "content": "#Offensive_security\n1. Ping'ing Apache XML Security (CVE-2021-40690)\nhttps://blog.tint0.com/2021/09/pinging-xmlsec.html\n2. Slack Denial of Service via Hyperlinks in Posts (DOM Clobbering)\nhttps://hackerone.com/reports/1077136", "creation_timestamp": "2022-05-26T04:25:28.000000Z"}]}