{"vulnerability": "CVE-2019-1678", "sightings": [{"uuid": "e83a9167-bfc1-4324-94a6-0c00053a814d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16782", "type": "seen", "source": "Telegram/0UKdrEe-YbJuuiI55HGsNMM2UUSSS6hdvPpLoO34g_dgR-WA", "content": "", "creation_timestamp": "2025-02-14T10:08:10.000000Z"}, {"uuid": "6b729e0e-90de-4a24-96fc-cb54869376c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16784", "type": "seen", "source": "https://t.me/arpsyndicate/2198", "content": "#ExploitObserverAlert\n\nCVE-2019-16784\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2019-16784. In PyInstaller before version 3.6, only on Windows, a local privilege escalation vulnerability is present in this particular case: If a software using PyInstaller in \"onefile\" mode is launched by a privileged user (at least more than the current one) which have his \"TempPath\" resolving to a world writable directory. This is the case for example if the software is launched as a service or as a scheduled task using a system account (TempPath will be C:\\Windows\\Temp). In order to be exploitable the software has to be (re)started after the attacker launch the exploit program, so for a service launched at startup, a service restart is needed (e.g. after a crash or an upgrade).\n\nFIRST-EPSS: 0.000420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-28T05:38:02.000000Z"}, {"uuid": "8dcfe17f-7ec7-448a-bd9e-d836c5293c19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16782", "type": "seen", "source": "https://t.me/ctinow/208841", "content": "https://ift.tt/mBMWvG5\nCVE-2019-16782 | Rack up to 1.6.11/2.0.7 Session timing discrepancy", "creation_timestamp": "2024-03-15T15:22:07.000000Z"}, {"uuid": "efb3a3aa-e0a9-4dc2-ab6a-53363869efd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16789", "type": "seen", "source": "https://t.me/ctinow/209873", "content": "https://ift.tt/omIhU4N\nCVE-2019-16789 | Waitress up to 1.4.0 Proxy HTTP Request request smuggling (RHSA-2020:0720)", "creation_timestamp": "2024-03-17T11:41:32.000000Z"}, {"uuid": "befd35b4-9e14-4148-b69e-ae3477e1fd94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16781", "type": "seen", "source": "https://t.me/ctinow/209872", "content": "https://ift.tt/EYZNbG0\nCVE-2019-16781 | WordPress up to 5.3.0 Block Editor cross site scripting (GHSA-pg4x-64rh-3c9v)", "creation_timestamp": "2024-03-17T11:41:30.000000Z"}, {"uuid": "c3f13caf-2741-4e6d-9721-dc6dc5058ba7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16780", "type": "seen", "source": "https://t.me/ctinow/209867", "content": "https://ift.tt/eUghmuW\nCVE-2019-16780 | WordPress 5.3.1 Block Editor cross site scripting", "creation_timestamp": "2024-03-17T11:16:40.000000Z"}, {"uuid": "f113076e-185a-4095-a785-88cc0e259505", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16786", "type": "seen", "source": "https://t.me/ctinow/209459", "content": "https://ift.tt/tM0fpY8\nCVE-2019-16786 | Waitress up to 1.3.1 HTTP Header Transfer-Encoding request smuggling (RHSA-2020:0720)", "creation_timestamp": "2024-03-16T10:16:48.000000Z"}, {"uuid": "72b370bd-a01a-417b-9b34-0aff922f2fe5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16785", "type": "seen", "source": "https://t.me/ctinow/209458", "content": "https://ift.tt/CDq2gZ0\nCVE-2019-16785 | Waitress up to 1.3.1 HTTP Message Split request smuggling (RHSA-2020:0720)", "creation_timestamp": "2024-03-16T10:16:46.000000Z"}, {"uuid": "2a5db077-4aa7-4046-985b-ac43e2947d76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-16782", "type": "seen", "source": "https://t.me/cibsecurity/24503", "content": "\u203c CVE-2019-25025 \u203c\n\nThe activerecord-session_store (aka Active Record Session Store) component through 1.1.3 for Ruby on Rails does not use a constant-time approach when delivering information about whether a guessed session ID is valid. Consequently, remote attackers can leverage timing discrepancies to achieve a correct guess in a relatively short amount of time. This is a related issue to CVE-2019-16782.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-05T12:47:27.000000Z"}]}