{"vulnerability": "CVE-2021-2020", "sightings": [{"uuid": "272cea56-1b3b-47a3-ac6c-8438dfd1ade3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20202", "type": "seen", "source": "https://t.me/arpsyndicate/3192", "content": "#ExploitObserverAlert\n\nCVE-2021-20202\n\nDESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2021-20202. A flaw was found in keycloak. Directories can be created prior to the Java process creating them in the temporary directory, but with wider user permissions, allowing the attacker to have access to the contents that keycloak stores in this directory. The highest threat from this vulnerability is to data confidentiality and integrity.\n\nFIRST-EPSS: 0.000440000\nNVD-IS: 5.5\nNVD-ES: 1.8", "creation_timestamp": "2024-01-28T03:54:33.000000Z"}, {"uuid": "fd01a818-d52c-4b53-a2aa-a8a3d0aa124b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20205", "type": "seen", "source": "https://t.me/cibsecurity/24727", "content": "\u203c CVE-2021-20205 \u203c\n\nLibjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted GIF image.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-10T20:53:30.000000Z"}, {"uuid": "73c6e95f-9bf6-4773-8543-9a3815325153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-2020", "type": "seen", "source": "https://t.me/cibsecurity/22395", "content": "\u203c CVE-2021-2020 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-20T18:40:29.000000Z"}, {"uuid": "5a38e8fb-e586-48c4-908b-cf0c55007025", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20203", "type": "seen", "source": "https://t.me/cibsecurity/24150", "content": "\u203c CVE-2021-20203 \u203c\n\nAn integer overflow issue was found in the vmxnet3 NIC emulator of the QEMU for versions up to v5.2.0. It may occur if a guest was to supply invalid values for rx/tx queue size or other NIC parameters. A privileged guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-25T22:37:59.000000Z"}, {"uuid": "262e8a5c-3863-4686-9162-2d449c43b25c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-20204", "type": "published-proof-of-concept", "source": "Telegram/HlGqkEM1FWLycl9CcaSMg47S5YITEuwuGJWEk54D8yYnkPM", "content": "", "creation_timestamp": "2021-05-07T18:15:50.000000Z"}]}