{"vulnerability": "CVE-2019-2505", "sightings": [{"uuid": "3233c4b2-e54c-43c3-9db4-d9f2fc8af704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25056", "type": "seen", "source": "https://t.me/cibsecurity/36284", "content": "\u203c CVE-2019-25056 \u203c\n\nIn Bromite through 78.0.3904.130, there are adblock rules in the release APK; therefore, probing which resources are blocked and which aren't can identify the application version and defeat the User-Agent protection mechanism.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-26T07:19:08.000000Z"}, {"uuid": "edc4351b-da5d-476c-a961-dd50f3c41d25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25053", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9433", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2019-25053\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A path traversal vulnerability exists in Sage FRP 1000 before November 2019. This allows remote unauthenticated attackers to access files outside of the web tree via a crafted URL.\n\ud83d\udccf Published: 2023-01-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-28T19:21:51.310Z\n\ud83d\udd17 References:\n1. https://www.on-x.com/wp-content/uploads/2023/01/on-x_-_security_advisory_-_sage_frp_1000_-_cve-2019-25053.pdf", "creation_timestamp": "2025-03-28T19:28:58.000000Z"}, {"uuid": "13e1de2a-76b7-481b-acef-c0060f2dfd27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25051", "type": "seen", "source": "https://t.me/cibsecurity/26275", "content": "\u203c CVE-2019-25051 \u203c\n\nobjstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-20T12:33:23.000000Z"}, {"uuid": "f6476c61-14be-48b0-845b-13e5d93bc83f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25058", "type": "seen", "source": "https://t.me/cibsecurity/38009", "content": "\u203c CVE-2019-25058 \u203c\n\nAn issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon running, an unprivileged user could make USBGuard allow all USB devices to be connected in the future.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-24T18:20:55.000000Z"}, {"uuid": "7ec956bc-4420-43c1-aa49-a6c666521bda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25052", "type": "seen", "source": "https://t.me/cibsecurity/27157", "content": "\u203c CVE-2019-25052 \u203c\n\nIn Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call update and final cryptographic functions directly, causing a crash that could leak sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-11T18:38:25.000000Z"}]}