{"vulnerability": "CVE-2019-1136", "sightings": [{"uuid": "819ede3f-35ec-4d6a-8de5-9c29cb4d5343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11361", "type": "seen", "source": "https://t.me/cibsecurity/10629", "content": "ATENTION\u203c New - CVE-2019-11361\n\nZoho ManageEngine Remote Access Plus 10.0.258 does not validate user permissions properly, allowing for privilege escalation and eventually a full application takeover.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-19T19:31:14.000000Z"}, {"uuid": "0974e31c-c71a-4582-ae29-0a98aacc99e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11365", "type": "seen", "source": "https://gist.github.com/0xi1y4an7/605ea54aa36cbd993d66a4e7d1674901", "content": "", "creation_timestamp": "2025-05-14T23:15:09.000000Z"}, {"uuid": "2886099a-9417-4ceb-abb5-c07039adce52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11365", "type": "seen", "source": "https://t.me/arpsyndicate/2683", "content": "#ExploitObserverAlert\n\nCVE-2019-11365\n\nDESCRIPTION: Exploit Observer has 8 entries related to CVE-2019-11365. An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instances of this vulnerable strncpy pattern within the code base, specifically within tftpd_file.c, tftp_file.c, tftpd_mtftp.c, and tftp_mtftp.c.\n\nFIRST-EPSS: 0.326570000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-08T21:38:21.000000Z"}]}