{"vulnerability": "CVE-2019-1625", "sightings": [{"uuid": "454b0849-5b9b-4788-847a-380f9915cbef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16256", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "b6f7a934-a280-46cb-9c06-98165e134225", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16256", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:19.000000Z"}, {"uuid": "423fdad7-9b6e-477e-94e7-511eba917c4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16256", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2970932", "content": "", "creation_timestamp": "2024-12-24T20:21:56.728071Z"}, {"uuid": "92941fb4-5a22-4b53-9b71-5ec5bff00966", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16256", "type": "seen", "source": "https://t.me/arpsyndicate/1169", "content": "#ExploitObserverAlert\n\nCVE-2019-16256\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2019-16256. Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.\n\nFIRST-EPSS: 0.044170000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-04T09:36:33.000000Z"}, {"uuid": "1de366c5-0307-4e8d-b50a-76667686d400", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16256", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:42.000000Z"}, {"uuid": "cd3d4f65-0dc3-4863-bffd-440f08df9d5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16256", "type": "seen", "source": "Telegram/V3zp8gzDdcqUy7-QwLDLJzdmDjdSQBmzS2XglGI1JqBKCi--", "content": "", "creation_timestamp": "2025-02-06T02:42:30.000000Z"}, {"uuid": "e325d565-4f38-47c0-bc79-861096191a8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2019-16256", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/e224b883-a34e-4a02-8e2a-478d2249cc1a", "content": "", "creation_timestamp": "2026-02-02T12:29:02.530816Z"}, {"uuid": "75095177-241a-4872-82fb-c31e82252927", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16251", "type": "seen", "source": "https://t.me/ctinow/177415", "content": "https://ift.tt/amxEBDv\nCVE-2019-16251 | YIT Plugin Framework up to 3.3.8 on WordPress yit-plugin-panel-wc.php privileges management", "creation_timestamp": "2024-02-01T09:41:23.000000Z"}, {"uuid": "20f5806c-1639-4aca-bbdd-7b972b83784a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16255", "type": "seen", "source": "https://t.me/ctinow/195379", "content": "https://ift.tt/kHK5YdW\nCVE-2019-16255 | Ruby up to 2.4.7/2.5.6/2.6.4 lib/shell.rb Argument injection (DLA 2027-1)", "creation_timestamp": "2024-02-28T12:36:53.000000Z"}, {"uuid": "e15f96c9-df77-4c47-ac1f-7dd642a6ec6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16254", "type": "seen", "source": "https://t.me/ctinow/195378", "content": "https://ift.tt/EFDyMwl\nCVE-2019-16254 | Ruby up to 2.4.7/2.5.6/2.6.4 Incomplete Fix HTTP Response injection (DLA 2027-1)", "creation_timestamp": "2024-02-28T12:36:52.000000Z"}, {"uuid": "adaa6790-be25-470f-a3f9-8fbcf16b5e83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16253", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/2341", "content": "Android Exploit to get a System based shell (UID 1000) on ANY Samsung Mobile Device based on CVE-2019-16253\n\n1) Downgrade to vulnerable SamsungTTS app\n2) Install exploit APK\n3) Exploit vulnerability to achieve System rights \nhttps://forum.xda-developers.com/t/system-shell-exploit-all-samsung-mobile-devices-no-bl-unlock-required.4543071/", "creation_timestamp": "2023-01-20T20:24:15.000000Z"}, {"uuid": "74788e29-2938-4694-93ee-70b6b4d672d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16252", "type": "seen", "source": "https://t.me/cibsecurity/12727", "content": "ATENTION\u203c New - CVE-2019-16252\n\nMissing SSL Certificate Validation in the Nutfind.com application through 3.9.12 for Android allows a man-in-the-middle attacker to sniff and manipulate all API requests, including login credentials and location data.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-06-13T02:55:17.000000Z"}, {"uuid": "be7e6fae-2d6c-4afc-9caa-47c93e7967e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16253", "type": "exploited", "source": "https://t.me/androidMalware/1755", "content": "Android Exploit to get a System based shell (UID 1000) on ANY Samsung Mobile Device based on CVE-2019-16253\n\n1) Downgrade to vulnerable SamsungTTS app\n2) Install exploit APK\n3) Exploit vulnerability to achieve System rights \nhttps://forum.xda-developers.com/t/system-shell-exploit-all-samsung-mobile-devices-no-bl-unlock-required.4543071/", "creation_timestamp": "2023-02-09T04:23:11.000000Z"}]}