16 matches found

Circl
added 2026/01/07 8:26 a.m. | 2 views

CVE-2025-14875

creationtimestamp | type | source
---|---|---
2026-01-07 08:26:37+00:00 | seen | https://gist.github.com/Darkcrai86/14fce7aafda87f27cb32dbdf44aec915...

CVSS 6.1 | AI score 5.8 | EPSS 0.0009
Exploits: 0 | References: 1

Cvelist
added 2026/01/07 6:35 a.m. | 20 views

CVE-2025-14875 HBLPAY Payment Gateway for WooCommerce <= 5.0.0 - Reflected Cross-Site Scripting via 'cusdata' Parameter

The HBLPAY Payment Gateway for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘cusdata’ parameter in all versions up to, and including, 5.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...

CVSS 6.1 | EPSS 0.0009
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/27 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-14875

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the multiply function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, howev...

CVSS 6.5 | AI score 6.3 | EPSS 0.00401
Exploits: 1 | References: 2

RedhatCVE
added 2025/05/22 5:18 a.m. | 6 views

CVE-2019-14875

In the multiply function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of x0 will trigger a null pointer dereference bug in ca...

CVSS 6.5 | AI score 6.7 | EPSS 0.00401
Exploits: 1 | References: 1

CVE
added 2022/01/13 9:43 p.m. | 57 views

CVE-2021-34902

CVE-2021-34902 affects Bentley View 10.15.0.75. The flaw is in DWG file parsing, arising from insufficient validation that allows an out-of-bounds read (read past the end of an allocated object). This can lead to sensitive information disclosure. Exploitation requires user interaction (target mus...

CVSS 4.3 | AI score 3.4 | EPSS 0.00489
Exploits: 0 | References: 2 | Affected Software: 2

Cvelist
added 2022/01/13 9:43 p.m. | 15 views

CVE-2021-34902

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVSS 3.3 | AI score 3.6 | EPSS 0.00489
Exploits: 0 | References: 2

Tenable Nessus
added 2020/10/22 12:0 a.m. | 61 views

Oracle Oracle E-Business Suite (Oct 2020 CPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2020 CPU advisory, including the following: - Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider...

CVSS 10 | AI score 6.5 | EPSS 0.05089
Exploits: 0 | References: 29

Circl
added 2020/10/21 7:1 p.m. | 1 views

CVE-2020-14875

creationtimestamp | type | source
---|---|---
2020-10-21 19:01:21+00:00 | seen | https://t.me/cibsecurity/15456...

CVSS 9.4 | AI score 8.7 | EPSS 0.01994
Exploits: 0 | References: 1

NVD
added 2020/10/21 3:15 p.m. | 8 views

CVE-2020-14875

Vulnerability in the Oracle Marketing product of Oracle E-Business Suite component: Marketing Administration. Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVSS 9.4 | EPSS 0.01994
Exploits: 0 | References: 1

CVE
added 2020/10/21 2:4 p.m. | 55 views

CVE-2020-14875

Oracle E-Business Suite Oracle Marketing Administration is affected by CVE-2020-14875. Affected versions: 12.1.1–12.1.3 and 12.2.3–12.2.10. The vulnerability allows an unauthenticated attacker over HTTP to compromise Oracle Marketing, with potential for unauthorized creation, deletion or modifica...

CVSS 9.4 | AI score 8.4 | EPSS 0.01994
Exploits: 0 | References: 1 | Affected Software: 1

NCSC
added 2020/10/21 12:0 a.m. | 5 views

Vulnerabilities fixed in Oracle E-Business Suite

Oracle has fixed vulnerabilities in the following Oracle E-Business Suite products: Applications Manager, Marketing, Application Object Library, Trade Management, Universal Work Queue, Installed Base, CRM Technical Foundation, One-to-One Fulfillment, Applications Framework, E-Business Suite Secure...

CVSS 10 | AI score 7.7 | EPSS 0.05089
Exploits: 0

UbuntuCve
added 2020/03/19 4:15 p.m. | 18 views

CVE-2019-14875

In the multiply function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of x0 will trigger a null pointer dereference bug in ca...

CVSS 6.5 | AI score 6.6 | EPSS 0.00401
Exploits: 1 | References: 2

Debian CVE
added 2020/03/19 3:8 p.m. | 18 views

CVE-2019-14875

In the multiply function of the newlib libc library, all versions prior to 3.3.0 (see newlib/libc/stdlib/mprec.c), Balloc is used to allocate a big integer, however no check is performed to verify if the allocation succeeded or not. The access of x0 will trigger a null pointer dereference bug in ca...

CVSS 6.5 | AI score 6.4 | EPSS 0.00401
Exploits: 1

CVE
added 2020/03/19 3:8 p.m. | 45 views

CVE-2019-14875

CVE-2019-14875 affects the newlib libc library before version 3.3.0. In the __multiply function (mprec.c), Balloc is used to allocate a big integer without checking the allocation result; accessing _x[0] can trigger a null pointer dereference on allocation failure, potentially causing a crash (im...

CVSS 6.5 | AI score 6.3 | EPSS 0.00401
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2019/04/30 6:52 p.m. | 38 views

CVE-2018-14875

The CVE-2018-14875 entry applies to Polaris FT Intellect Core Banking 9.7.1 (Core and Portal modules). The issue is a Reflected XSS vulnerability that can occur within an authenticated session via the Customerid, formName, FrameId, or MODE parameters. The available references document the vulnera...

CVSS 5.4 | AI score 5.2 | EPSS 0.0032
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2018/03/30 9:0 p.m. | 41 views

CVE-2017-14875

CVE-2017-14875 describes a heap overread in the ioctl handler VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE used by Android for MSM, Firefox OS for MSM, and QRD Android prior to 2017-05-23. The provided documents name the affected environments and the general vulnerability class but do not provide further root...

CVSS 7.5 | AI score 7.5 | EPSS 0.00117
Exploits: 0 | References: 2 | Affected Software: 1