{"vulnerability": "CVE-2021-4278", "sightings": [{"uuid": "5a78fe90-a521-4060-a2e0-c14eb7b593cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42780", "type": "seen", "source": "https://t.me/cibsecurity/41049", "content": "\u203c CVE-2021-42780 \u203c\n\nA use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-18T20:29:50.000000Z"}, {"uuid": "b4b58c93-9199-455d-8137-7e7b88492f34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42781", "type": "seen", "source": "https://t.me/cibsecurity/41041", "content": "\u203c CVE-2021-42781 \u203c\n\nHeap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-18T20:29:41.000000Z"}, {"uuid": "252ba898-395d-415f-8c2b-32fa746846e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42787", "type": "seen", "source": "https://t.me/cibsecurity/38666", "content": "\u203c CVE-2021-42787 \u203c\n\nIt was discovered that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentConfigurationServlet has directory traversal vulnerabilities at the \"/api/appInternals/1.0/agent/configuration\" API. The affected endpoint does not have any input validation of the user's input that allows a malicious payload to be injected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-10T20:13:11.000000Z"}, {"uuid": "cfabcac4-1995-46c4-a7a9-e449f6eed86a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42784", "type": "seen", "source": "https://t.me/cibsecurity/32918", "content": "\u203c CVE-2021-42784 \u203c\n\nOS Command Injection vulnerability in debug_fcgi of D-Link DWR-932C E1 firmware allows a remote attacker to perform command injection via a crafted HTTP request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-24T00:29:42.000000Z"}]}