{"vulnerability": "CVE-2019-1329", "sightings": [{"uuid": "71ec35b2-1065-4190-8652-b5fcfa40944d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13290", "type": "seen", "source": "https://t.me/cveNotify/213", "content": "\ud83d\udea8 #CVE-2019-13290\nArtifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. This occurs with a large BDC property name that ove... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13290\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-04T23:59:56.000000Z"}, {"uuid": "0302c8a1-7794-4279-98a5-b35e07797757", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13291", "type": "published-proof-of-concept", "source": "https://t.me/cveNotify/214", "content": "\ud83d\udea8 #CVE-2019-13291\nIn Xpdf 4.01.01, there is a heap-based buffer over-read in the function DCTStream::readScan() located at http://Stream.cc\u00a0. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an a... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13291\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-05T00:00:00.000000Z"}, {"uuid": "29e0d8d3-cdf7-441a-981a-bfa310679aed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13292", "type": "seen", "source": "https://t.me/cveNotify/215", "content": "\ud83d\udea8 #CVE-2019-13292\nA SQL Injection issue was discovered in webERP 4.15. Payments.php accepts payment data in base64 format. After this is decoded, it is deserialized. Then, this deserialized data goes directly into a SQL query, with no sanitizing checks. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13292\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-05T00:59:53.000000Z"}, {"uuid": "af11af67-040c-49ad-84a5-853f4fb58746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13294", "type": "seen", "source": "https://t.me/cveNotify/216", "content": "\ud83d\udea8 #CVE-2019-13294\nAROX School-ERP Pro has a command execution vulnerability. import_stud.php and upload_fille.php do not have session control. Therefore an unauthenticated user can execute a command on the system. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13294\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-05T01:59:52.000000Z"}, {"uuid": "5017fa3f-25bb-4fbb-8148-9a4c81e72d58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13295", "type": "seen", "source": "https://t.me/cveNotify/217", "content": "\ud83d\udea8 #CVE-2019-13295\nImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-05T03:59:53.000000Z"}, {"uuid": "8513e651-7570-4969-b0c8-5f64be3a3e4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13296", "type": "seen", "source": "https://t.me/cveNotify/218", "content": "\ud83d\udea8 #CVE-2019-13296\nImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13296\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-05T03:59:54.000000Z"}, {"uuid": "fe9b0254-93aa-4443-84c0-08c906d1a748", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13297", "type": "seen", "source": "https://t.me/cveNotify/219", "content": "\ud83d\udea8 #CVE-2019-13297\nImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-05T03:59:55.000000Z"}, {"uuid": "f2d16f3d-4ca2-438c-872a-f9ff868bcc18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13299", "type": "seen", "source": "https://t.me/cveNotify/221", "content": "\ud83d\udea8 #CVE-2019-13299\nImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCore/pixel-accessor.h in GetPixelChannel. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13299\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-05T03:59:56.000000Z"}]}