{"vulnerability": "CVE-2019-1335", "sightings": [{"uuid": "1600a4a4-c706-4d5a-ba07-ece2de51e479", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13354", "type": "seen", "source": "https://t.me/cveNotify/304", "content": "\ud83d\udea8 #CVE-2019-13354\nThe strong_password gem 0.0.7 for Ruby, as distributed on http://RubyGems.org\u00a0, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 0.0.6. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13354\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-08T16:59:52.000000Z"}, {"uuid": "8824269b-0faf-4c7b-aaab-e640b7112a19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13354", "type": "seen", "source": "https://bsky.app/profile/parlaconguido.bsky.social/post/3m32uktwdym26", "content": "", "creation_timestamp": "2025-10-13T09:09:58.160168Z"}, {"uuid": "352b842c-8568-4f63-ae64-d313fcf07fa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13351", "type": "seen", "source": "https://t.me/cveNotify/265", "content": "\ud83d\udea8 #CVE-2019-13351\nposix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 (as distributed with alsa-plugins 1.1.7 and later) has a \"double file descriptor close\" issue during a failed connection attempt when jackd2 is not running. Exploitation succes... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13351\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-05T23:00:00.000000Z"}, {"uuid": "c03f19cf-69cf-40bd-8073-fd42b539ce6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13352", "type": "seen", "source": "https://t.me/cveNotify/266", "content": "\ud83d\udea8 #CVE-2019-13352\nWolfVision Cynap before 1.30j uses a static, hard-coded cryptographic secret for generating support PINs for the 'forgot password' feature. By knowing this static secret and the corresponding algorithm for calculating support PINs, an att... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13352\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-05T23:00:01.000000Z"}, {"uuid": "3a580bf8-2753-45d4-b61a-26103641fb72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-13358", "type": "seen", "source": "https://t.me/cveNotify/267", "content": "\ud83d\udea8 #CVE-2019-13358\nlib/DocumentToText.php in OpenCats before 0.9.4-3 has XXE that allows remote users to read files on the underlying operating system. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13358\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-05T23:59:52.000000Z"}]}