{"vulnerability": "cve-2019-1217", "sightings": [{"uuid": "5cf3785e-3d8c-47d0-be77-a2cc3615aa74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12170", "type": "seen", "source": "https://t.me/cve_mitre_org/71", "content": "CVE-2019-12170 ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/_core/backups/upload.php (aka backup) component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the sys... https://t.co/FDzFHhBV6m\u2014 CVE (@CVEnew) May 17, 2019\n\nMay 18, 2019 at 01:45AM\nvia Twitter https://twitter.com/CVEnew", "creation_timestamp": "2019-05-17T22:51:11.000000Z"}, {"uuid": "dc10fc1d-c3c0-4e1b-b432-034dbf125ad4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12174", "type": "seen", "source": "https://t.me/cveNotify/301", "content": "\ud83d\udea8 #CVE-2019-12174\nhttp://hide.me\u00a0 before 2.4.4 on macOS suffers from a privilege escalation vulnerability in the connectWithExecutablePath:configFilePath:configFileName method of the me_hide_vpnhelper.Helper class in the me.hide.vpn... https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12174\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2022-08-02T12:29:15.000000Z"}, {"uuid": "49638a12-1def-46e0-ae2e-b4730a4bbe1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12172", "type": "seen", "source": "https://t.me/cve_mitre_org/72", "content": "CVE-2019-12172 Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a modified file: URL syntax in the HREF attribute of an AREA element, as demonstrated by file:\\\\\\ on macOS or Linux, or file://C| on Windows. This is different from CVE-2019-12137. https://t.co/GXr6BkmZev\u2014 CVE (@CVEnew) May 17, 2019\n\nMay 18, 2019 at 02:45AM\nvia Twitter https://twitter.com/CVEnew", "creation_timestamp": "2019-05-17T23:47:08.000000Z"}, {"uuid": "f4f43a2d-a017-4107-95cc-da5691c4cffc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12173", "type": "seen", "source": "https://t.me/cve_mitre_org/73", "content": "CVE-2019-12173 MacDown 0.7.1 (870) allows remote code execution via a file:\\\\\\ URI, with a .app pathname, in the HREF attribute of an A element. This is different from CVE-2019-12138. https://t.co/LQG8rgFJRq\u2014 CVE (@CVEnew) May 17, 2019\n\nMay 18, 2019 at 02:45AM\nvia Twitter https://twitter.com/CVEnew", "creation_timestamp": "2019-05-17T23:47:09.000000Z"}]}