Photon OS 5.0: Protobuf PHSA-2026-5.0-0825

An update of the protobuf package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0825. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2026-0825

creationtimestamp| type| source ---|---|--- 2026-01-28 09:32:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdhxovtp4p2h...

CVE-2022-0825

The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing appointments, allowing any customer to update other's booking status, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it...

CVE-2011-0825

Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote attackers to affect confidentiality, integrity, and availability, related to Enterprise Infrastructure SEC...

TencentOS Server 4: webkitgtk (TSSA-2025:0825)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0825 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Fedora: Security Advisory (FEDORA-2025-53d4bfcda2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2025-0825

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters \r\n when those are prefixed with a null byte. This enables attackers to exploit CRL...

Fedora: Security Advisory (FEDORA-2025-c0ec6fa21b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-0825

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829,...

CVE-2025-0825

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters "\r\n" when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more...

CVE-2025-0825

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters "\r\n" when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more...

CVE-2025-0825 CRLF injection in Cpp-httplib

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters "\r\n" when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more...

CVE-2025-0825

CVE-2025-0825 affects the C++ header-only library cpp-httplib, where versions v0.17.3 through v0.18.3 do not filter CRLF characters when preceded by a null byte. The underlying issue enables CRLF injection, which could lead to HTTP Response Splitting and related risks (e.g., XSS) as described in ...

CVE-2025-0825

cpp-httplib version v0.17.3 through v0.18.3 fails to filter CRLF characters "\r\n" when those are prefixed with a null byte. This enables attackers to exploit CRLF injection that could further lead to HTTP Response Splitting, XSS, and more...

CVE-2024-0825

creationtimestamp| type| source ---|---|--- 2024-03-05 03:27:44+00:00| seen| https://t.me/ctinow/199846 2024-03-05 03:28:02+00:00| seen| https://t.me/ctinow/199859...

WordPress Vimeography Plugin <= 2.3.2 is vulnerable to PHP Object Injection

Software Vimeography Type Plugin Vulnerable versions = 2.3.2 Fixed in 2.3.3 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-0825 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID d222d8e03d69 Credits Lucio Sá Required privilege Contributor...

CVE-2022-0825 Amelia < 1.0.49 - Customer+ Arbitrary Appointments Status Update

The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing appointments, allowing any customer to update other's booking status, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it...

CVE-2022-0825

CVE-2022-0825 affects the WordPress Amelia plugin prior to 1.0.49. The vulnerability stems from improper authorization, enabling any authenticated customer to update other people’s booking status and to retrieve sensitive booking data (e.g., full name and phone number). This could lead to arbitra...

Oracle Linux 8 : kernel (ELSA-2022-0825)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0825 advisory. - lib/ioviter: initialize 'flags' in new pipebuffer Jan Stancek 2060874 2060875 CVE-2022-0847 - tipc: improve size validations for received domain...

Mageia: Security Advisory (MGASA-2015-0126)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...