{"vulnerability": "cve-2019-1835", "sightings": [{"uuid": "230e0867-4039-4c3f-a19b-4eb34e2008b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-18351", "type": "seen", "source": "https://t.me/cibsecurity/24495", "content": "\u203c CVE-2019-18351 \u203c\n\nAn issue was discovered in channels/chan_sip.c in Sangoma Asterisk through 13.29.1, through 16.6.1, and through 17.0.0; and Certified Asterisk through 13.21-cert4. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peer's name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-05T07:47:09.000000Z"}, {"uuid": "716d9032-f2d7-47fe-bbbe-cd1fbe46b564", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-18359", "type": "seen", "source": "https://t.me/ctinow/174698", "content": "https://ift.tt/QlSdNXB\nCVE-2019-18359 | MP3Gain 1.6.2 apetag.c ReadMP3APETag memory corruption", "creation_timestamp": "2024-01-27T09:11:37.000000Z"}, {"uuid": "b33a320a-a61d-4ac2-bf40-250e4b310900", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-18357", "type": "seen", "source": "https://t.me/ctinow/174697", "content": "https://ift.tt/67OUTYE\nCVE-2019-18357 | Thycotic Secret Server up to 10.6 cross site scripting", "creation_timestamp": "2024-01-27T09:11:36.000000Z"}, {"uuid": "fba34276-3113-46d8-9e45-86ba9abdc491", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-18356", "type": "seen", "source": "https://t.me/ctinow/174696", "content": "https://ift.tt/blIaiTs\nCVE-2019-18356 | Thycotic Secret Server up to 10.6 cross site scripting", "creation_timestamp": "2024-01-27T09:11:35.000000Z"}, {"uuid": "66e2a4f7-b014-46cf-bde3-74179e6e53d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-18355", "type": "seen", "source": "https://t.me/ctinow/174695", "content": "https://ift.tt/esNQIt2\nCVE-2019-18355 | Thycotic Secret Server up to 10.6 Legacy Web Launcher server-side request forgery", "creation_timestamp": "2024-01-27T09:11:34.000000Z"}, {"uuid": "46de212e-245a-457d-98eb-c4a34cfd4ea2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-18350", "type": "seen", "source": "https://t.me/ctinow/174691", "content": "https://ift.tt/tHhlAUs\nCVE-2019-18350 | Ant Design Pro 4.0.0 redirect Reflected cross site scripting", "creation_timestamp": "2024-01-27T08:41:27.000000Z"}]}