{"vulnerability": "CVE-2019-2508", "sightings": [{"uuid": "928d0911-e005-45f1-b04d-efe1e6c35719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25083", "type": "seen", "source": "https://t.me/cibsecurity/70538", "content": "\u203c CVE-2019-25083 \u203c\n\n** REJECT ** This candidate is unused by its CNA.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-14T22:41:09.000000Z"}, {"uuid": "e3f8e4c0-e063-46d6-a494-b2fff6ca794b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25081", "type": "seen", "source": "https://t.me/cibsecurity/70555", "content": "\u203c CVE-2019-25081 \u203c\n\n** REJECT ** This candidate is unused by its CNA.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-14T22:44:02.000000Z"}, {"uuid": "094b9d95-26ab-4bcb-9d1a-c744054b066e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25088", "type": "seen", "source": "https://t.me/cibsecurity/55388", "content": "\u203c CVE-2019-25088 \u203c\n\nA vulnerability was found in ytti Oxidized Web. It has been classified as problematic. Affected is an unknown function of the file lib/oxidized/web/views/conf_search.haml. The manipulation of the argument to_research leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 55ab9bdc68b03ebce9280b8746ef31d7fdedcc45. It is recommended to apply a patch to fix this issue. VDB-216870 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-27T12:25:00.000000Z"}, {"uuid": "05a6dd83-d1c5-4eb0-af9d-16b3e40415c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25086", "type": "seen", "source": "https://t.me/cibsecurity/55385", "content": "\u203c CVE-2019-25086 \u203c\n\nA vulnerability was found in IET-OU Open Media Player up to 1.5.0. It has been declared as problematic. This vulnerability affects the function webvtt of the file application/controllers/timedtext.php. The manipulation of the argument ttml_url leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.5.1 is able to address this issue. The name of the patch is 3f39f2d68d11895929c04f7b49b97a734ae7cd1f. It is recommended to upgrade the affected component. VDB-216862 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-27T12:23:10.000000Z"}, {"uuid": "97a69956-8a3f-40d4-bcc7-b62ba790e235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25087", "type": "seen", "source": "https://t.me/cibsecurity/55384", "content": "\u203c CVE-2019-25087 \u203c\n\nA vulnerability was found in RamseyK httpserver. It has been rated as critical. This issue affects the function ResourceHost::getResource of the file src/ResourceHost.cpp of the component URI Handler. The manipulation of the argument uri leads to path traversal: '../filedir'. The attack may be initiated remotely. The name of the patch is 1a0de56e4dafff9c2f9c8f6b130a764f7a50df52. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216863.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-27T12:21:57.000000Z"}, {"uuid": "52e25c4a-5f38-40ce-8b47-ca9fad1881a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25084", "type": "seen", "source": "https://t.me/cibsecurity/55307", "content": "\u203c CVE-2019-25084 \u203c\n\nA vulnerability, which was classified as problematic, has been found in Hide Files on GitHub up to 2.x. This issue affects the function addEventListener of the file extension/options.js. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 3.0.0 is able to address this issue. The name of the patch is 9de0c57df81db1178e0e79431d462f6d9842742e. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216767.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-25T20:40:01.000000Z"}, {"uuid": "846abd2d-6dd5-447a-85da-b678b5b711cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25089", "type": "seen", "source": "https://t.me/cibsecurity/55393", "content": "\u203c CVE-2019-25089 \u203c\n\nA vulnerability has been found in Morgawr Muon 0.1.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file src/muon/handler.clj. The manipulation leads to insufficiently random values. The attack can be launched remotely. Upgrading to version 0.2.0-indev is able to address this issue. The name of the patch is c09ed972c020f759110c707b06ca2644f0bacd7f. It is recommended to upgrade the affected component. The identifier VDB-216877 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-27T14:25:20.000000Z"}, {"uuid": "ef916f20-9ce8-4afc-8901-733584936e5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25085", "type": "seen", "source": "https://t.me/canyoupwnme/6837", "content": "CVE-2019-25085\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-25085", "creation_timestamp": "2022-12-26T15:41:14.000000Z"}]}