{"vulnerability": "CVE-2019-1949", "sightings": [{"uuid": "8527f574-439a-4615-bc04-2ec9b9aa0ec2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19494", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "159d9d30-590b-4498-81dc-bcc78c7d84cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19496", "type": "seen", "source": "https://t.me/ctinow/200290", "content": "https://ift.tt/WKcTCe6\nCVE-2019-19496 | Alfresco Enterprise 5.2.4 HTML File Upload HTML Document Stored cross site scripting", "creation_timestamp": "2024-03-05T14:46:28.000000Z"}, {"uuid": "12a2e222-4b5b-4f4d-9994-5a10eac4d465", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19492", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mgvcd2tae22w", "content": "", "creation_timestamp": "2026-03-12T21:02:30.903038Z"}, {"uuid": "bf7b13d0-fb72-43a0-bdc0-159ecfd03d16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19494", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:15.000000Z"}, {"uuid": "b1fcfc5b-14e2-4b58-a061-a1d894d9fc3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19492", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:12:58.000000Z"}, {"uuid": "320ea558-b94b-4a71-b70c-68d416926498", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19494", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/http/cable_haunt_websocket_dos.rb", "content": "", "creation_timestamp": "2020-03-31T21:06:25.000000Z"}, {"uuid": "7582cd84-dad4-4d40-94eb-1b4007b17233", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19492", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/freeswitch_event_socket_cmd_exec.rb", "content": "", "creation_timestamp": "2019-11-13T17:44:06.000000Z"}, {"uuid": "c25632de-b37c-47b7-8bbb-b21ed01e44c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19497", "type": "seen", "source": "https://t.me/ctinow/206008", "content": "https://ift.tt/3TEyw0Y\nCVE-2019-19497 | Alt-N MDaemon Attachment filename cross site scripting", "creation_timestamp": "2024-03-12T19:16:59.000000Z"}, {"uuid": "dc29fbfb-a4ee-4537-ba2e-f04eb44eb1da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19493", "type": "seen", "source": "https://t.me/ctinow/200289", "content": "https://ift.tt/0RobTzc\nCVE-2019-19493 | Kentico up to 12.0.49 File Upload Content-Type Header unrestricted upload (ID 159525)", "creation_timestamp": "2024-03-05T14:46:27.000000Z"}, {"uuid": "7c42564f-4fda-4bf4-abe1-75a28d291579", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19491", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/200287", "content": "https://ift.tt/gvrSytH\nCVE-2019-19491 | TestLink 1.9.19 archiveData.php edit cross site scripting (EDB-47702)", "creation_timestamp": "2024-03-05T14:46:24.000000Z"}, {"uuid": "0df48a1e-527e-45a1-a4ef-add94ae641c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19492", "type": "seen", "source": "https://t.me/ctinow/200288", "content": "https://ift.tt/GJi5eEZ\nCVE-2019-19492 | FreeSWITCH up to 1.10.1 event_socket.conf.xml hard-coded credentials (EDB-47698)", "creation_timestamp": "2024-03-05T14:46:26.000000Z"}, {"uuid": "ec70f03e-dcba-4cba-b9f3-4624447ba452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19490", "type": "seen", "source": "https://t.me/ctinow/200286", "content": "https://ift.tt/56ZWn3g\nCVE-2019-19490 | LiteManager 4.5.0 Permission ROMFUSClient.exe default permission (EDB-47706)", "creation_timestamp": "2024-03-05T14:46:23.000000Z"}, {"uuid": "33c66699-f3a0-4d91-bd05-c7eec405487c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19494", "type": "exploited", "source": "https://t.me/SecLabNews/6604", "content": "\u041a\u043e\u043c\u0430\u043d\u0434\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Lyrebirds \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043b\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2019-19494) \u0432 \u043a\u0430\u0431\u0435\u043b\u044c\u043d\u044b\u0445 \u043c\u043e\u0434\u0435\u043c\u0430\u0445 \u043d\u0430 \u0431\u0430\u0437\u0435 \u0447\u0438\u043f\u043e\u0432 Broadcom \u043e\u0442 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c. \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0443 \u043d\u0430 \u043a\u0430\u0431\u0435\u043b\u044c\u043d\u044b\u0445 \u043c\u043e\u0434\u0435\u043c\u0430\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0430 Sagemcom, Netgear, Technicolor \u0438 COMPAL, \u043f\u043e \u0438\u0445 \u043e\u0446\u0435\u043d\u043a\u0430\u043c, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0440\u044f\u0434\u043a\u0430 200 \u043c\u043b\u043d \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 \u0415\u0432\u0440\u043e\u043f\u0435, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u043a\u0430\u0431\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c\u0438.    \n\u041c\u0438\u043b\u043b\u0438\u043e\u043d\u044b \u043a\u0430\u0431\u0435\u043b\u044c\u043d\u044b\u0445 \u043c\u043e\u0434\u0435\u043c\u043e\u0432 \u0441 \u0447\u0438\u043f\u0430\u043c\u0438 Broadcom \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430\u043c", "creation_timestamp": "2020-01-12T11:10:02.000000Z"}, {"uuid": "82af7aff-991e-4368-86ac-41e727e141d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19499", "type": "seen", "source": "https://t.me/cibsecurity/14372", "content": "ATENTION\u203c New - CVE-2019-19499\n\nGrafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-28T18:55:20.000000Z"}, {"uuid": "e7854b44-6b96-4ee3-ad4c-ebb1fcc799d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-19491", "type": "seen", "source": "https://t.me/cveNotify/337", "content": "\ud83d\udea8 CVE-2019-20381\nTestLink before 1.9.20 allows XSS via non-lowercase javascript: in the index.php reqURI parameter. NOTE: this issue exists because of an incomplete fix for CVE-2019-19491.\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2020-01-20T13:37:36.000000Z"}]}