{"vulnerability": "CVE-2019-1059", "sightings": [{"uuid": "a5ae76bd-1329-4865-9ff9-beaebffe1352", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10596", "type": "seen", "source": "https://t.me/cibsecurity/14533", "content": "ATENTION\u203c New - CVE-2019-10596\n\nu'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Bitra, Nicobar, QCS605, QCS610, Rennell, SA6155P, Saipan, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-09-08T15:55:39.000000Z"}, {"uuid": "b5078e34-896e-4843-9dc9-37423e388c10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10598", "type": "seen", "source": "https://t.me/indoghostsec/751", "content": "INDONESIAN GHOST SECURITY/INDOGHOSTSEC\n\n2019 ANDROID BUG\n\n\nLet's start\n\n1) This is a summary of the mitigations provided by the Android security platform and service protections such as Google Play Protect. These capabilities reduce the likelihood that security vulnerabilities could be successfully exploited on Android.\n\n2) Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. We encourage all users to update to the latest version of Android where possible.\n \n3) The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications.\n\n4) Google Play Protect is enabled by default on devices with Google Mobile Services, and is especially important for users who install apps from outside of Google Play.\n\n_2019-12-01 security patch level vulnerability details:\n\n\nCVE-2019-2232 A-140632678 DoS Critical 8.0, 8.1, 9, 10\nCVE-2019-9464 A-141028068 [2] [3] [4] EoP High 10\nCVE-2019-2217 A-141003796 EoP High 10\nCVE-2019-2218 A-141169173 EoP High 10\nCVE-2019-2220 A-138636979 [2] ID High 9, 10\nCVE-2019-2221 A-138583650 [2] EoP Moderate 10\n\n_In Kernel Also !!!!\n\nCVE-2018-20961 A-139522588\nUpstream kernel EoP High USB MIDI class function driver\nCVE-2019-15220 A-140329469\nUpstream kernel EoP High Prism54 WiFi USB Driver\nCVE-2019-15239 A-140328996\nUpstream kernel EoP High TCP Stack\n\n_In Qualcomm components\n\nCVE-2019-10557 A-78657016\nQC-CR#2255369\nQC-CR#2259707 N/A High WLAN host\nCVE-2018-11980 A-140423440\nQC-CR#2270117 N/A High WLAN host\nCVE-2019-10480 A-140423811\nQC-CR#2309399 N/A High WLAN host\nCVE-2019-10481 A-140423794\nQC-CR#2304610\nQC-CR#2318632 N/A High WLAN host\nCVE-2019-10536 A-140423334\nQC-CR#2433802 N/A High WLAN host\nCVE-2019-10537 A-140423693\nQC-CR#2436502 N/A High WLAN host\nCVE-2019-10595 A-140423810\nQC-CR#2148184 N/A High WLAN host\nCVE-2019-10598 A-140423155\nQC-CR#2324139 N/A High WLAN host\nCVE-2019-10601 A-140423156\nQC-CR#2428798 N/A High WLAN host\nCVE-2019-10605 A-140424124\nQC-CR#2187441 N/A High WLAN host\nCVE-2019-10607 A-140423690\nQC-CR#2211711 N/A High Security\nCVE-2019-2304 A-123238115\nQC-CR#2331868\nQC-CR#2335530\nQC-CR#2348299\nQC-CR#2203904* N/A High WLAN host \n\n\nBy indoghostsec 4x3ll999gh05t", "creation_timestamp": "2019-12-11T16:24:35.000000Z"}, {"uuid": "def347eb-7ae3-4515-be3b-f566fbb3cd7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10595", "type": "seen", "source": "https://t.me/indoghostsec/731", "content": "INDONESIAN GHOST SECURITY\n\nBY Gh05t999include\n\n2019 ANDROID BUG\n\n\nYook gas:v\n\n1) This is a summary of the mitigations provided by the Android security platform and service protections such as Google Play Protect. These capabilities reduce the likelihood that security vulnerabilities could be successfully exploited on Android.\n\n2) Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. We encourage all users to update to the latest version of Android where possible.\n \n3) The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications.\n\n4) Google Play Protect is enabled by default on devices with Google Mobile Services, and is especially important for users who install apps from outside of Google Play.\n\n2019-12-01 security patch level vulnerability details:\n\n\nCVE-2019-2232 A-140632678 DoS Critical 8.0, 8.1, 9, 10\nCVE-2019-9464 A-141028068 [2] [3] [4] EoP High 10\nCVE-2019-2217 A-141003796 EoP High 10\nCVE-2019-2218 A-141169173 EoP High 10\nCVE-2019-2220 A-138636979 [2] ID High 9, 10\nCVE-2019-2221 A-138583650 [2] EoP Moderate 10\n\nIn Kernel Also !!!!\n\nCVE-2018-20961 A-139522588\nUpstream kernel EoP High USB MIDI class function driver\nCVE-2019-15220 A-140329469\nUpstream kernel EoP High Prism54 WiFi USB Driver\nCVE-2019-15239 A-140328996\nUpstream kernel EoP High TCP Stack\n\nIn Qualcomm components\n\nCVE-2019-10557 A-78657016\nQC-CR#2255369\nQC-CR#2259707 N/A High WLAN host\nCVE-2018-11980 A-140423440\nQC-CR#2270117 N/A High WLAN host\nCVE-2019-10480 A-140423811\nQC-CR#2309399 N/A High WLAN host\nCVE-2019-10481 A-140423794\nQC-CR#2304610\nQC-CR#2318632 N/A High WLAN host\nCVE-2019-10536 A-140423334\nQC-CR#2433802 N/A High WLAN host\nCVE-2019-10537 A-140423693\nQC-CR#2436502 N/A High WLAN host\nCVE-2019-10595 A-140423810\nQC-CR#2148184 N/A High WLAN host\nCVE-2019-10598 A-140423155\nQC-CR#2324139 N/A High WLAN host\nCVE-2019-10601 A-140423156\nQC-CR#2428798 N/A High WLAN host\nCVE-2019-10605 A-140424124\nQC-CR#2187441 N/A High WLAN host\nCVE-2019-10607 A-140423690\nQC-CR#2211711 N/A High Security\nCVE-2019-2304 A-123238115\nQC-CR#2331868\nQC-CR#2335530\nQC-CR#2348299\nQC-CR#2203904* N/A High WLAN host", "creation_timestamp": "2019-12-11T03:00:17.000000Z"}, {"uuid": "8637aa0e-33c1-47b6-8e94-dcdb53d53238", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10598", "type": "seen", "source": "https://t.me/indoghostsec/731", "content": "INDONESIAN GHOST SECURITY\n\nBY Gh05t999include\n\n2019 ANDROID BUG\n\n\nYook gas:v\n\n1) This is a summary of the mitigations provided by the Android security platform and service protections such as Google Play Protect. These capabilities reduce the likelihood that security vulnerabilities could be successfully exploited on Android.\n\n2) Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. We encourage all users to update to the latest version of Android where possible.\n \n3) The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications.\n\n4) Google Play Protect is enabled by default on devices with Google Mobile Services, and is especially important for users who install apps from outside of Google Play.\n\n2019-12-01 security patch level vulnerability details:\n\n\nCVE-2019-2232 A-140632678 DoS Critical 8.0, 8.1, 9, 10\nCVE-2019-9464 A-141028068 [2] [3] [4] EoP High 10\nCVE-2019-2217 A-141003796 EoP High 10\nCVE-2019-2218 A-141169173 EoP High 10\nCVE-2019-2220 A-138636979 [2] ID High 9, 10\nCVE-2019-2221 A-138583650 [2] EoP Moderate 10\n\nIn Kernel Also !!!!\n\nCVE-2018-20961 A-139522588\nUpstream kernel EoP High USB MIDI class function driver\nCVE-2019-15220 A-140329469\nUpstream kernel EoP High Prism54 WiFi USB Driver\nCVE-2019-15239 A-140328996\nUpstream kernel EoP High TCP Stack\n\nIn Qualcomm components\n\nCVE-2019-10557 A-78657016\nQC-CR#2255369\nQC-CR#2259707 N/A High WLAN host\nCVE-2018-11980 A-140423440\nQC-CR#2270117 N/A High WLAN host\nCVE-2019-10480 A-140423811\nQC-CR#2309399 N/A High WLAN host\nCVE-2019-10481 A-140423794\nQC-CR#2304610\nQC-CR#2318632 N/A High WLAN host\nCVE-2019-10536 A-140423334\nQC-CR#2433802 N/A High WLAN host\nCVE-2019-10537 A-140423693\nQC-CR#2436502 N/A High WLAN host\nCVE-2019-10595 A-140423810\nQC-CR#2148184 N/A High WLAN host\nCVE-2019-10598 A-140423155\nQC-CR#2324139 N/A High WLAN host\nCVE-2019-10601 A-140423156\nQC-CR#2428798 N/A High WLAN host\nCVE-2019-10605 A-140424124\nQC-CR#2187441 N/A High WLAN host\nCVE-2019-10607 A-140423690\nQC-CR#2211711 N/A High Security\nCVE-2019-2304 A-123238115\nQC-CR#2331868\nQC-CR#2335530\nQC-CR#2348299\nQC-CR#2203904* N/A High WLAN host", "creation_timestamp": "2019-12-11T03:00:17.000000Z"}, {"uuid": "5063cdf9-f7d9-4c5e-b768-f1a3d88b1a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10595", "type": "seen", "source": "https://t.me/indoghostsec/751", "content": "INDONESIAN GHOST SECURITY/INDOGHOSTSEC\n\n2019 ANDROID BUG\n\n\nLet's start\n\n1) This is a summary of the mitigations provided by the Android security platform and service protections such as Google Play Protect. These capabilities reduce the likelihood that security vulnerabilities could be successfully exploited on Android.\n\n2) Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. We encourage all users to update to the latest version of Android where possible.\n \n3) The Android security team actively monitors for abuse through Google Play Protect and warns users about Potentially Harmful Applications.\n\n4) Google Play Protect is enabled by default on devices with Google Mobile Services, and is especially important for users who install apps from outside of Google Play.\n\n_2019-12-01 security patch level vulnerability details:\n\n\nCVE-2019-2232 A-140632678 DoS Critical 8.0, 8.1, 9, 10\nCVE-2019-9464 A-141028068 [2] [3] [4] EoP High 10\nCVE-2019-2217 A-141003796 EoP High 10\nCVE-2019-2218 A-141169173 EoP High 10\nCVE-2019-2220 A-138636979 [2] ID High 9, 10\nCVE-2019-2221 A-138583650 [2] EoP Moderate 10\n\n_In Kernel Also !!!!\n\nCVE-2018-20961 A-139522588\nUpstream kernel EoP High USB MIDI class function driver\nCVE-2019-15220 A-140329469\nUpstream kernel EoP High Prism54 WiFi USB Driver\nCVE-2019-15239 A-140328996\nUpstream kernel EoP High TCP Stack\n\n_In Qualcomm components\n\nCVE-2019-10557 A-78657016\nQC-CR#2255369\nQC-CR#2259707 N/A High WLAN host\nCVE-2018-11980 A-140423440\nQC-CR#2270117 N/A High WLAN host\nCVE-2019-10480 A-140423811\nQC-CR#2309399 N/A High WLAN host\nCVE-2019-10481 A-140423794\nQC-CR#2304610\nQC-CR#2318632 N/A High WLAN host\nCVE-2019-10536 A-140423334\nQC-CR#2433802 N/A High WLAN host\nCVE-2019-10537 A-140423693\nQC-CR#2436502 N/A High WLAN host\nCVE-2019-10595 A-140423810\nQC-CR#2148184 N/A High WLAN host\nCVE-2019-10598 A-140423155\nQC-CR#2324139 N/A High WLAN host\nCVE-2019-10601 A-140423156\nQC-CR#2428798 N/A High WLAN host\nCVE-2019-10605 A-140424124\nQC-CR#2187441 N/A High WLAN host\nCVE-2019-10607 A-140423690\nQC-CR#2211711 N/A High Security\nCVE-2019-2304 A-123238115\nQC-CR#2331868\nQC-CR#2335530\nQC-CR#2348299\nQC-CR#2203904* N/A High WLAN host \n\n\nBy indoghostsec 4x3ll999gh05t", "creation_timestamp": "2019-12-11T16:24:35.000000Z"}, {"uuid": "dda24354-4e98-450e-8bba-f9ddb5b9a092", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10595", "type": "seen", "source": "Telegram/hHnUO3JZazxaDFSlcvhpOKOiZt6eEIvuGQrcrKvPgHXG", "content": "", "creation_timestamp": "2019-12-14T01:31:35.000000Z"}, {"uuid": "b8ca7539-4c2f-40ee-8bf4-e1194d8562e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10598", "type": "seen", "source": "Telegram/hHnUO3JZazxaDFSlcvhpOKOiZt6eEIvuGQrcrKvPgHXG", "content": "", "creation_timestamp": "2019-12-14T01:31:35.000000Z"}, {"uuid": "33024498-dae1-45ca-977c-1930564d7a96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10595", "type": "seen", "source": "Telegram/iQUZE2pIByE4vkwExY2sw7tjReCcmi36nOFNFwktNW4", "content": "", "creation_timestamp": "2019-12-13T11:21:12.000000Z"}, {"uuid": "62006b62-6163-4bd0-84f3-0801337e8a0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10598", "type": "seen", "source": "Telegram/iQUZE2pIByE4vkwExY2sw7tjReCcmi36nOFNFwktNW4", "content": "", "creation_timestamp": "2019-12-13T11:21:12.000000Z"}, {"uuid": "3e204fdf-72c8-4c32-b21c-6b1c5945e70d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10597", "type": "seen", "source": "https://t.me/cibsecurity/13044", "content": "ATENTION\u203c New - CVE-2019-10597\n\nkernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, MSM8996, MSM8996AU, Nicobar, QCS605, Rennell, Saipan, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-25T08:55:33.000000Z"}]}