CLEANSTART-2026-GP85500 Security fixes for ghsa-mh2q-q3fh-2475 applied in versions: 1.22.7-r0

Security vulnerability affects the consul-fips package. This issue is resolved in later releases. See references for vulnerability details...

MINI-2475-746M-G89W

Bulletin has no description...

ECHO-4DEA-2475-6D75

Bulletin has no description...

EUVD-2026-2475

The vulnerability exists in BLUVOYIX due to improper authentication in the BLUVOYIX backend APIs. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable APIs. Successful exploitation of this vulnerability could allow the...

EUVD-2011-2475

Malware in sbrugna...

EUVD-2025-2475

Malicious code in bioql PyPI...

CVE-2011-2475

Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute arbitrary code via format string specifiers in unspecified string fields,...

CVE-2025-2475 vulnerabilities

Vulnerabilities for packages: mattermost-fips...

SUSE CVE-2025-2475

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to invalidate the cache when a user account is converted to a bot which allows an attacker to login to the bot exactly one time via normal credentials...

CVE-2025-2475

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to invalidate the cache when a user account is converted to a bot which allows an attacker to login to the bot exactly one time via normal credentials...

CVE-2025-2475

Mattermost CVE-2025-2475 affects servers 9.11.x up to 9.11.9, 10.4.x up to 10.4.3, and 10.5.x up to 10.5.1. The root cause is a failure to invalidate the cache when a user account is converted to a bot, enabling an attacker to log in to the bot exactly once using normal credentials. The available...

CVE-2025-2475 Unauthorized Bot Login Using Credentials

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to invalidate the cache when a user account is converted to a bot which allows an attacker to login to the bot exactly one time via normal credentials...

SUSE: Security Advisory (SUSE-SU-2024:2475-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-2475

The Media Library Assistant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.13 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

WordPress Media Library Assistant Plugin <= 3.13 is vulnerable to Cross Site Scripting (XSS)

Software Media Library Assistant Type Plugin Vulnerable versions = 3.13 Fixed in 3.14 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2475 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 37f010ff5d22 Credits stealthcopter...

Amazon Linux 2 : kernel (ALAS-2024-2475)

The version of kernel installed on the remote host is prior to 4.14.336-257.562. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2475 advisory. 2024-07-03: CVE-2024-23851 was added to this advisory. dmtablecreate in drivers/md/dm-table.c in the Linux kernel...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2023-2475)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-2475

Dromara J2eeFAST (up to version 2.6.0) vulnerability in the System Message Handler allows cross-site scripting via manipulation of the argument 主题. Root cause is unknown processing in the System Message Handler, enabling remote exploitation. The CVE entry notes the exploit has been disclosed publ...

XWiki 14.0-rc-1 < 14.4.7, 14.5.x < 14.10 Code Injection Vulnerability (GHSA-c5f4-p5wv-2475)

Xwiki is prone to a code injection vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki"; ifdescription...

CVE-2022-2475

creationtimestamp| type| source ---|---|--- 2022-10-28 22:29:39+00:00| seen| https://t.me/cibsecurity/52245...