20 matches found
CVE-2026-22225
creationtimestamp| type| source
---|---|---
2026-02-02 19:21:16+00:00| seen| Telegram/l5GdkV3EN00CMaI5xyso-xNuPLT0g7uF7hgOrEpSdA-D9FY...
CVE-2026-22225
CVE-2026-22225 describes a command-injection vulnerability in the TP-Link Archer BE230 v1.2, exploitable after admin authentication in the VPN Connection Service. Affected: Archer BE230 v1.2 with builds earlier than 1.2.4 (Build 20251218 rel.70420). Impact: attacker could obtain full administrati...
CVE-2021-22225
Insufficient input sanitization in markdown in GitLab version 13.11 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown...
Security Bulletin: Broadcomm VMware ESXi Vulnerabilities affect IBM Cloud Pak System
Summary: Broadcomm VMware ESXi Vulnerabilities affect IBM Cloud Pak System (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226). Vulnerability Details: CVEID: CVE-2025-22224 DESCRIPTION: VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write...
VMware ESXi 7.0 / 8.0 Sandbox Escape (CVE-2025-22225)
The version of VMware ESXi installed on the remote host is 7.0 prior to 7.0 Update 3s, 8.0 Update 2 prior to 8.0 Update 2d, or 8.0 Update 3 prior to 8.0 Update 3d. It is, therefore, affected by a sandbox escape vulnerability: - VMware ESXi contains an arbitrary write vulnerability. A malicious...
Multiple Zero-Day Vulnerabilities in Broadcom VMware ESXi and Other Products
On Tuesday, March 4, 2025, Broadcom published a critical security advisory VMSA-2025-0004 on 3 new zero-day vulnerabilities affecting multiple VMware products, including ESXi, Workstation, and Fusion. The most severe of the vulnerabilities is CVE-2025-22224, a critical vulnerability in ESXi and...
VulnCheck KEV: CVE-2025-22225
VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox...
VMSA-2025-0004: VMware ESXi, Workstation, and Fusion updates address multiple vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)
Advisory ID: | VMSA-2025-0004
---|---
Severity: | Critical
CVSSv3 Range: | 7.1-9.3
Synopsis: | VMware ESXi, Workstation, and Fusion updates address multiple vulnerabilities CVE-2025-22224, CVE-2025-22225, CVE-2025-22226
Issue date: | 2025-03-04
Updated on: | 2025-03-04
Initial Advisory CVEs |...
CVE-2024-22225
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its svcsupportassist utility. An authenticated attacker could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges...
CVE-2024-22225
Dell Unity is affected by CVE-2024-22225 in versions prior to 5.4, where the svc_supportassist utility allows OS command injection. An authenticated, local attacker could execute arbitrary commands with root privileges; CVSSv3.1 score 7.8 (HIGH) with local access, low attack complexity and no use...
CVE-2022-22225 Junos OS and Junos OS Evolved: In a BGP multipath scenario, when one of the contributing routes is flapping often and rapidly, rpd may crash
A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated attacker with an established BGP session to cause a Denial of Service (DoS). In a BGP multipath scenario, when one of the...
CVE-2022-22225
TOCTOU race condition in Juniper Junos OS and Junos OS Evolved’s Routing Protocol Daemon (rpd) allows an unauthenticated attacker on an established BGP session to trigger a DoS by crashing rpd when a route in a BGP multipath flap scenario is a contributing route. Affected versions include Junos O...
Juniper Junos OS Vulnerability (JSA69875)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA69875 advisory. - A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an...
Stivasoft Fundraising Script SQL Injection (CVE-2020-22223; CVE-2020-22225; CVE-2020-22226)
An SQL injection vulnerability exists in Stivasoft Fundraising Script. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2020-22225
creationtimestamp| type| source
---|---|---
2021-11-06 01:26:20+00:00| seen| https://t.me/cibsecurity/31926...
CVE-2020-22225
Stivasoft Phpjabbers Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoadForm function...
CVE-2020-22225
The CVE-2020-22225 issue concerns Stivasoft (Phpjabbers) Fundraising Script v1.0, where a SQL injection vulnerability exists in the pjActionLoadForm function. This is the underlying root cause: input handling in pjActionLoadForm allows arbitrary SQL to be executed by an unauthenticated or remote ...
CVE-2021-22225
GitLab CVE-2021-22225 involves insufficient input sanitization in the markdown renderer, affecting GitLab 13.11 and newer. The vulnerability allows stored cross-site scripting via specially crafted markdown. Root cause is poor sanitization in markdown processing; impact is partial confidentiality...
CVE-2021-22225
Insufficient input sanitization in markdown in GitLab version 13.11 and up allows an attacker to exploit a stored cross-site scripting vulnerability via a specially-crafted markdown...
e96.ru XSS vulnerability
Vulnerable URL: http://e96.ru/delivery?id=61%3C/script%3E%22%3E%3Cscript%3Eprompt%28/OPENBUGBOUNTY/%29%3C/script%3E=
Details:
Description| Value
---|---
Patched:| No
Latest check for patch:| 02.09.2017
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 22225
VIP websit...