CVE-2026-2258

A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and ma...

CVE-2026-2258

Affected software: aardappel lobster up to 2025.4. Vulnerable component: WaveFunctionCollapse function in library dev/src/lobster/wfc.h. Issue causes memory corruption via local manipulation. Exploit has been published and may be used. A patch is available (commit c2047a33e1ac2c42ab7e8704b33f7ea5...

CVE-2026-2258

A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and ma...

MiracleLinux 8 : shim-15.4-2.ML.2 (AXSA:2021-2258:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2258:03 advisory. grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled CVE-2020-14372 grub2: Use-after-free in rmmod...

CVE-2019-2258

Improper validation of array index causes OOB write and then leads to memory corruption in MMCP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM961...

RockyLinux 9 : python-mako (RLSA-2023:2258)

The remote RockyLinux 9 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2023:2258 advisory. python-mako: REDoS in Lexer class CVE-2022-40023 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note that...

CVE-2022-2258

In affected versions of Octopus Deploy it is possible for a user to view Tagsets without being explicitly assigned permissions to view these items...

CVE-2010-2258

Cross-site scripting XSS vulnerability in signupconfirm.php in phpBannerExchange 1.2 Arabic allows remote attackers to inject arbitrary web script or HTML via the bannerurl parameter...

Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow vulnerability

Talos Vulnerability Report TALOS-2024-2105 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow vulnerability April 14, 2025 CVE Number None,CVE-2025-2258 SUMMARY An integer underflow vulnerability exists in the HTTP server PUT request functionality of Eclipse ThreadX NetX Du...

CVE-2025-2258

In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A...

CVE-2025-2258

creationtimestamp| type| source ---|---|--- 2025-04-06 19:44:14+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10640 2025-04-06 23:12:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lm6l22o2vr2i 2025-04-07 00:20:11+00:00| seen| https://t.me/cvedetector/22231 2025-04-14...

CVE-2025-2258

In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A...

CVE-2025-2258 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow

In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A...

CVE-2025-2258 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow

In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.3, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A...

CVE-2024-2258

The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name autofilled into forms in all versions up to, and including, 1.15.24 due to insufficient input sanitization and output escaping. Th...

CVE-2024-2258 Form Maker by 10Web <= 1.15.24 - Authenticated (Subscriber+) Stored Self-Based Cross-Site Scripting

The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name autofilled into forms in all versions up to, and including, 1.15.24 due to insufficient input sanitization and output escaping. Th...

CVE-2013-2258

creationtimestamp| type| source ---|---|--- 2024-02-04 07:36:59+00:00| seen| https://t.me/ctinow/178705...

AlmaLinux 9 : python-mako (ALSA-2023:2258)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2023:2258 advisory. - Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and...

CVE-2023-2258 Improper Neutralization of Formula Elements in a CSV File in alfio-event/alf.io

Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304...

CVE-2023-2258 Improper Neutralization of Formula Elements in a CSV File in alfio-event/alf.io

Improper Neutralization of Formula Elements in a CSV File in GitHub repository alfio-event/alf.io prior to 2.0-M4-2304...