{"vulnerability": "CVE-2019-1625", "sightings": [{"uuid": "454b0849-5b9b-4788-847a-380f9915cbef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16256", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "b6f7a934-a280-46cb-9c06-98165e134225", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16256", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:19.000000Z"}, {"uuid": "423fdad7-9b6e-477e-94e7-511eba917c4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16256", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2970932", "content": "", "creation_timestamp": "2024-12-24T20:21:56.728071Z"}, {"uuid": "1de366c5-0307-4e8d-b50a-76667686d400", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16256", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:42.000000Z"}, {"uuid": "e325d565-4f38-47c0-bc79-861096191a8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2019-16256", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/e224b883-a34e-4a02-8e2a-478d2249cc1a", "content": "", "creation_timestamp": "2026-02-02T12:29:02.530816Z"}, {"uuid": "20f5806c-1639-4aca-bbdd-7b972b83784a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16255", "type": "seen", "source": "https://t.me/ctinow/195379", "content": "https://ift.tt/kHK5YdW\nCVE-2019-16255 | Ruby up to 2.4.7/2.5.6/2.6.4 lib/shell.rb Argument injection (DLA 2027-1)", "creation_timestamp": "2024-02-28T12:36:53.000000Z"}, {"uuid": "92941fb4-5a22-4b53-9b71-5ec5bff00966", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16256", "type": "seen", "source": "https://t.me/arpsyndicate/1169", "content": "#ExploitObserverAlert\n\nCVE-2019-16256\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2019-16256. Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.\n\nFIRST-EPSS: 0.044170000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-04T09:36:33.000000Z"}, {"uuid": "cd3d4f65-0dc3-4863-bffd-440f08df9d5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16256", "type": "seen", "source": "Telegram/V3zp8gzDdcqUy7-QwLDLJzdmDjdSQBmzS2XglGI1JqBKCi--", "content": "", "creation_timestamp": "2025-02-06T02:42:30.000000Z"}, {"uuid": "adaa6790-be25-470f-a3f9-8fbcf16b5e83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16253", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2341", "content": "Android Exploit to get a System based shell (UID 1000) on ANY Samsung Mobile Device based on CVE-2019-16253\n\n1) Downgrade to vulnerable SamsungTTS app\n2) Install exploit APK\n3) Exploit vulnerability to achieve System rights \nhttps://forum.xda-developers.com/t/system-shell-exploit-all-samsung-mobile-devices-no-bl-unlock-required.4543071/", "creation_timestamp": "2023-01-20T20:24:15.000000Z"}, {"uuid": "e15f96c9-df77-4c47-ac1f-7dd642a6ec6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16254", "type": "seen", "source": "https://t.me/ctinow/195378", "content": "https://ift.tt/EFDyMwl\nCVE-2019-16254 | Ruby up to 2.4.7/2.5.6/2.6.4 Incomplete Fix HTTP Response injection (DLA 2027-1)", "creation_timestamp": "2024-02-28T12:36:52.000000Z"}, {"uuid": "75095177-241a-4872-82fb-c31e82252927", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16251", "type": "seen", "source": "https://t.me/ctinow/177415", "content": "https://ift.tt/amxEBDv\nCVE-2019-16251 | YIT Plugin Framework up to 3.3.8 on WordPress yit-plugin-panel-wc.php privileges management", "creation_timestamp": "2024-02-01T09:41:23.000000Z"}, {"uuid": "74788e29-2938-4694-93ee-70b6b4d672d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16252", "type": "seen", "source": "https://t.me/cibsecurity/12727", "content": "ATENTION\u203c New - CVE-2019-16252\n\nMissing SSL Certificate Validation in the Nutfind.com application through 3.9.12 for Android allows a man-in-the-middle attacker to sniff and manipulate all API requests, including login credentials and location data.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-13T02:55:17.000000Z"}, {"uuid": "be7e6fae-2d6c-4afc-9caa-47c93e7967e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16253", "type": "exploited", "source": "https://t.me/androidMalware/1755", "content": "Android Exploit to get a System based shell (UID 1000) on ANY Samsung Mobile Device based on CVE-2019-16253\n\n1) Downgrade to vulnerable SamsungTTS app\n2) Install exploit APK\n3) Exploit vulnerability to achieve System rights \nhttps://forum.xda-developers.com/t/system-shell-exploit-all-samsung-mobile-devices-no-bl-unlock-required.4543071/", "creation_timestamp": "2023-02-09T04:23:11.000000Z"}]}