{"vulnerability": "CVE-2019-1861", "sightings": [{"uuid": "281a739d-7e54-4579-acef-8d0d73079a63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18612", "type": "seen", "source": "https://t.me/ctinow/175431", "content": "https://ift.tt/4n7SBPF\nCVE-2019-18612 | AbuseFilter Extension up to 1.34 on MediaWiki information disclosure", "creation_timestamp": "2024-01-29T18:16:06.000000Z"}, {"uuid": "287ce13c-ac0b-49d1-80ce-c7f396d23760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18611", "type": "seen", "source": "https://t.me/ctinow/175426", "content": "https://ift.tt/7HO1zvW\nCVE-2019-18611 | CheckUser Extension up to 1.34 on MediaWiki API information disclosure", "creation_timestamp": "2024-01-29T17:46:05.000000Z"}, {"uuid": "79db7339-a357-41df-8de5-e80cb61b8cc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18619", "type": "seen", "source": "https://t.me/cibsecurity/13586", "content": "ATENTION\u203c New - CVE-2019-18619\n\nIncorrect parameter validation in the synaTee component of Synaptics WBF drivers using an SGX enclave (all versions prior to 2019-11-15) allows a local user to execute arbitrary code in the enclave (that can compromise confidentiality of enclave data) via APIs that accept invalid pointers.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-22T18:55:15.000000Z"}, {"uuid": "dacb71d1-697b-4e15-8c37-98a0552774f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18618", "type": "seen", "source": "https://t.me/cibsecurity/13587", "content": "ATENTION\u203c New - CVE-2019-18618\n\nIncorrect access control in the firmware of Synaptics VFS75xx family fingerprint sensors that include external flash (all versions prior to 2019-11-15) allows a local administrator or physical attacker to compromise the confidentiality of sensor data via injection of an unverified partition table.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-22T18:55:16.000000Z"}, {"uuid": "4c287f52-6986-41a5-a083-50576ac99baa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18610", "type": "seen", "source": "https://t.me/ctinow/193441", "content": "https://ift.tt/VaR8oLB\nCVE-2019-18610 | Sangoma Asterisk/Certified Asterisk Asterisk Manager Interface manager.c authorization (DLA 2017-1)", "creation_timestamp": "2024-02-26T15:42:11.000000Z"}, {"uuid": "89e052e7-8927-492e-af95-0d7cba8c6cec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18614", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/12765", "content": "ATENTION\u203c New - CVE-2019-18614\n\nOn the Cypress CYW20735 evaluation board, any data that exceeds 384 bytes is copied and causes an overflow. This is because the maximum BLOC buffer size for sending and receiving data is set to 384 bytes, but everything else is still configured to the usual size of 1092 (which was used for everything in the previous CYW20719 and later CYW20819 evaluation board). To trigger the overflow, an attacker can either send packets over the air or as unprivileged local user. Over the air, the minimal PoC is sending \"l2ping -s 600\" to the target address prior to any pairing. Locally, the buffer overflow is immediately triggered by opening an ACL or SCO connection to a headset. This occurs because, in WICED Studio 6.2 and 6.4, BT_ACL_HOST_TO_DEVICE_DEFAULT_SIZE and BT_ACL_DEVICE_TO_HOST_DEFAULT_SIZE are set to 384.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-16T18:55:14.000000Z"}]}