123 matches found
SUSE SLED15 / SLES15 Security Update : python313-wheel (SUSE-SU-2026:0425-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0425-1 advisory. - CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification (bsc#1257100). Tenable h...
MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.9-2.3.7.1.AXS4 (AXSA:2013-98:02)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2013-98:02 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2013-0424 Unspecified vulnerability in the Java Runtime Environment (JRE)...
RHSA-2026:0425
creationtimestamp | type | source
---|---|---
2026-01-12 08:12:06+00:00 | seen | https://gist.github.com/Darkcrai86/827e6014efa4d6028c0d9923e9ab0c7d...
CVE-2022-0425
A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE/EE since version 7.9 allows an attacker to trigger Server Side Request Forgery (SSRF) attacks...
EUVD-2026-0425
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
CVE-2020-0425
There is a possible way to view notifications even when the "Lockdown" feature is on. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11. Android ID: A-124000380...
CVE-2025-0425
creationtimestamp | type | source
---|---|---
2025-02-18 08:41:03+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/4758
2025-02-18 10:00:46+00:00 | seen | Telegram/uXTsRbSVOAxT-nr3t30Hie5F7TyPrUPFsbnyygTMVunZ5lI
2025-02-18 10:57:38+00:00 | seen | https://t.me/cvedetector/18302...
CVE-2025-0425
Via the GUI of the "bestinformed Infoclient", a low-privileged user is by default able to change the server address of the "bestinformed Server" to which this client connects. This is dangerous as the "bestinformed Infoclient" runs with elevated permissions "nt authority\system". By changing the...
CVE-2025-0425 Local Privilege Escalation via Config Manipulation
Via the GUI of the "bestinformed Infoclient", a low-privileged user is by default able to change the server address of the "bestinformed Server" to which this client connects. This is dangerous as the "bestinformed Infoclient" runs with elevated permissions "nt authority\system". By changing the...
CVE-2025-0425
Cordaware bestinformed Infoclient is vulnerable to local privilege escalation: a low-privileged user can change the server address to a malicious or spoofed server, enabling elevation to nt authority\system on Windows. This relies on default GUI permissions and can be mitigated by deploying a cus...
Photon OS 3.0: Linux PHSA-2022-3.0-0425
An update of the linux package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0425. The text itself is copyright (C) VMware, Inc. ...
CVE-2023-0425
creationtimestamp | type | source
---|---|---
2024-03-25 20:53:54+00:00 | seen | https://t.me/icscert/826...
CVE-2024-0425 ForU CMS password recovery
A vulnerability classified as critical was found in ForU CMS up to 2020-06-23. This vulnerability affects unknown code of the file /admin/index.php?act=resetadminpsw. The manipulation leads to weak password recovery. The attack can be initiated remotely. The exploit has been disclosed to the publ...
CVE-2024-0425
ForU CMS (versions up to 2020-06-23) contains a vulnerability in /admin/index.php?act=reset_admin_psw that enables weak password recovery. The issue can be exploited remotely, and public disclosures exist. Several sources identify this as critical with remote access and potential impact to authen...
CVE-2023-0425 Buffer overflow in global memory region
ABB is aware of vulnerabilities in the product versions listed below. An update is available that resolves the reported vulnerabilities in the product versions under maintenance. An attacker who successfully exploited one or more of these vulnerabilities could cause the product to stop or make th...
CVE-2023-0425
CVE-2023-0425 concerns a Numeric Range Comparison Without Minimum Check in ABB Freelance controllers AC 700F and AC 900F. Affected products include: AC 700F from version 9.0.0 through 9.2 SP2 (and various Freelance 2013–2019 line builds), and AC 900F Freelance 2013–2019 builds (including SP1 and ...
Security Bulletin: IBM Smart Analytics System 5600 is affected by vulnerabilities in the IBM Java SDK
Abstract The IBM Smart Analytics System 5600 contains a management host that is installed with the Mozilla Firefox browser. The browser is configured to use IBM Java SDK for Java Web Start applications. The browser software is configured in this manner to allow the use of the Remote Control...
Moderate Photon OS Security Update - PHSA-2022-3.0-0425
Updates of 'linux-rt', 'linux', 'linux-secure', 'linux-esx', 'linux-aws' packages of Photon OS have been released...