CVE-2025-10325

creationtimestamp| type| source ---|---|--- 2025-09-12 23:37:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyogluqps52i...

CVE-2024-10325 Elementor Header & Footer Builder <= 1.6.45 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.6.45 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress Elementor – Header, Footer & Blocks Template Plugin <= 1.6.45 is vulnerable to Cross Site Scripting (XSS)

Software Elementor – Header, Footer & Blocks Template Type Plugin Vulnerable versions = 1.6.45 Fixed in 1.6.46 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10325 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 3bcf490aa26b...

Mageia: Security Advisory (MGASA-2017-0170)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-10325

A cross-site scripting vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attacker with Job/Configure permission to inject arbitrary JavaScript in build overview pages...

CVE-2019-10325

A cross-site scripting vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attacker with Job/Configure permission to inject arbitrary JavaScript in build overview pages...

CVE-2019-10325

CVE-2019-10325 affects the Jenkins Warnings NG Plugin, version 5.0.0 and earlier. The issue is described as a cross-site scripting vulnerability that allows an attacker with Job/Configure permission to inject arbitrary JavaScript into build overview pages. The underlying cause is a stored/xss-lik...

Debian: Security Advisory (DLA-898-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-10325

CVE-2017-10325 refers to a vulnerability in the Oracle Common Applications Calendar component of Oracle E-Business Suite (subcomponent Applications Calendar). Affected are Oracle E-Business Suite versions 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. The issue allows an unaut...

SUSE SLED12 Security Update : libosip2 (SUSE-SU-2017:1187-1)

This update for libosip2 fixes several issues. These security issues were fixed : - CVE-2017-7853: In libosip2 a malformed SIP message could have lead to a heap buffer overflow in the msgosipbodyparse function defined in osipparser2/osipmessageparse.c, resulting in a remote DoS bsc1034570. -...

openSUSE Security Update : libosip2 (openSUSE-2017-526)

This update for libosip2 fixes the following issues : Changes in libosip2 : - CVE-2017-7853: In libosip2 in GNU 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msgosipbodyparse function defined in osipparser2/osipmessageparse.c, resulting in a remote DoS. boo1034570 -...

openSUSE: Security Advisory for libosip2 (openSUSE-SU-2017:1127-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2016-1000258

CVE-2016-1000258 is a reservation duplicate of CVE-2016-10325 and is not a unique active entry. The connected records provide concrete details for CVE-2016-10325 (GNU oSIP/libosip2): a malformed SIP message can cause a remote DoS via a heap buffer overflow in _osip_message_to_str() and related fu...

CVE-2016-10325

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osipmessagetostr function defined in osipparser2/osipmessagetostr.c, resulting in a remote DoS...

CVE-2016-10325

In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osipmessagetostr function defined in osipparser2/osipmessagetostr.c, resulting in a remote DoS...

CVE-2016-10325

CVE-2016-10325 affects libosip2 (GNU oSIP) 4.1.0, where a malformed SIP message can cause a heap buffer overflow in the _osip_message_to_str() function, leading to a remote denial of service. Connected advisories corroborate the issue across multiple distros and report fixes in updated libosip2 p...