{"vulnerability": "CVE-2019-1437", "sightings": [{"uuid": "fe4f3df6-f0f1-476b-bfb5-d4a65dd1b85a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14378", "type": "published-proof-of-concept", "source": "https://t.me/antichat/6400", "content": "QEMU VM Escape\nhttps://blog.bi0s.in/2019/08/24/Pwn/VM-Escape/2019-07-29-qemu-vm-escape-cve-2019-14378/", "creation_timestamp": "2019-08-29T20:22:00.000000Z"}, {"uuid": "9b95e53f-c71a-4fe9-8e33-419d0728fa36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14378", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/901", "content": "\u0416\u043e\u0441\u0442\u043a\u0430\n\n\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0434\u0435\u0442\u0430\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2019-14378) \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0435 SLIRP, \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u043c\u043e\u043c \u0432 QEMU \u0434\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u043a\u0430\u043d\u0430\u043b\u0430 \u0441\u0432\u044f\u0437\u0438 \u043c\u0435\u0436\u0434\u0443 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u043c \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0430\u0434\u0430\u043f\u0442\u0435\u0440\u043e\u043c \u0432 \u0433\u043e\u0441\u0442\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0438 \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0431\u044d\u043a\u0435\u043d\u0434\u043e\u043c \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u0435 QEMU. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u043d\u0430 \u0431\u0430\u0437\u0435 KVM (\u0432 \u0440\u0435\u0436\u0438\u043c\u0435 Usermode) \u0438 Virtualbox, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0431\u044d\u043a\u0435\u043d\u0434 slirp \u0438\u0437 QEMU, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0449\u0438\u0435 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0441\u0442\u0435\u043a \u0432 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f libSLIRP (\u044d\u043c\u0443\u043b\u044f\u0442\u043e\u0440 TCP/IP). \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0432\u044b\u0439\u0442\u0438 \u0438\u0437 \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u044f QEMU  \nhttps://www.opennet.ru/opennews/art.shtml?num=51343", "creation_timestamp": "2019-08-23T21:32:05.000000Z"}, {"uuid": "575ec03f-781b-44d3-8398-3b47a194db32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14379", "type": "seen", "source": "https://t.me/ctinow/168290", "content": "https://ift.tt/OeMDN6J\nCVE-2019-14379 | Oracle Retail Xstore Point of Service 7.1/15.0/16.0/17.0/18.0 jackson-databind input validation", "creation_timestamp": "2024-01-15T11:36:52.000000Z"}, {"uuid": "3f83b26c-d830-4a68-8887-e5fa3eeffc35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14378", "type": "seen", "source": "https://t.me/arpsyndicate/1924", "content": "#ExploitObserverAlert\n\nCVE-2019-14378\n\nDESCRIPTION: Exploit Observer has 30 entries related to CVE-2019-14378. ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment.\n\nFIRST-EPSS: 0.015650000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-18T05:44:23.000000Z"}, {"uuid": "fbc3b51f-5fc6-4159-b433-35f1a8ba9f34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-1437", "type": "seen", "source": "https://t.me/ctinow/183642", "content": "https://ift.tt/NPfRiMV\nCVE-2019-1437 | Microsoft Windows 10 1809/10 1903/Server 1903/Server 2019 Graphics Component privileges management", "creation_timestamp": "2024-02-13T07:56:16.000000Z"}, {"uuid": "cb22adeb-99fe-4309-ba25-6dc9a1ee20bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14379", "type": "seen", "source": "https://t.me/ctinow/164890", "content": "https://ift.tt/UtOpR36\nCVE-2019-14379 | Oracle Primavera Gateway 15.2/16.2/17.12/18.8 jackson-databind input validation", "creation_timestamp": "2024-01-09T10:06:47.000000Z"}, {"uuid": "8bb9024d-4086-4be0-844a-a3fc428d0175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14378", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/5863", "content": "QEMU VM Escape\nhttps://blog.bi0s.in/2019/08/24/Pwn/VM-Escape/2019-07-29-qemu-vm-escape-cve-2019-14378/", "creation_timestamp": "2019-08-29T17:38:12.000000Z"}, {"uuid": "081d172e-668c-4848-9c85-bddd597febb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14379", "type": "seen", "source": "https://t.me/ctinow/164992", "content": "https://ift.tt/owO2Z4g\nCVE-2019-14379 | Oracle Banking Platform up to 2.7.1 jackson-databind input validation", "creation_timestamp": "2024-01-09T13:11:28.000000Z"}, {"uuid": "ee8abc94-9be7-4a8c-bfeb-932fabf3dd7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14379", "type": "seen", "source": "https://t.me/ctinow/164891", "content": "https://ift.tt/v5VdJ2W\nCVE-2019-14379 | Oracle Primavera Unifier 16.1/16.2/17.12/18.8 jackson-databind input validation", "creation_timestamp": "2024-01-09T10:06:48.000000Z"}, {"uuid": "3a8dbaa2-028d-4658-b709-62fd3cfe4135", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-14379", "type": "seen", "source": "https://t.me/ctinow/164993", "content": "https://ift.tt/5bPeXOk\nCVE-2019-14379 | Oracle Financial Services Analytical Applications Infrastructure jackson-databind input validation", "creation_timestamp": "2024-01-09T13:11:29.000000Z"}]}