22 matches found
CVE-2021-25000
The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_delete_role parameter before outputting back in the admin dashboard when the General module is enabled, leading to a Reflected Cross-Site Scripting issue...
Security Bulletin: IBM Storage Fusion Data Foundation is vulnerable to an Observable Timing Discrepancy in Vault (CVE-2023-25000)
Summary: Vault is used by IBM Storage Fusion Data Foundation in mcg, ocs, odr, cephcsi, and odr operators as part of credential management. This bulletin identifies the steps to take to address the vulnerability in IBM Storage Fusion Data Foundation. CVE-2023-25000. Vulnerability Details...
CVE-2025-25000
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network...
CVE-2025-25000
creationtimestamp | type | source
---|---|---
2025-04-04 00:35:16+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/10374
2025-04-04 03:47:39+00:00 | seen | https://t.me/cvedetector/22056
2025-04-04 03:48:24+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114277646538523666...
CVE-2024-25000
A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM...
Citrix Licensing Manager Reports Error Code 400
After upgrading the licence server to 11.15.0.0 build 25000, Citrix Licensing Manager (https://localhost:8083) displays the error: For assistance, contact Citrix Customer Service and reference error code 400...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update
Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...
CVE-2023-25000
A flaw was found in HashiCorp Vault. This flaw allows an attacker with access to and the ability to observe a large number of unseal operations on the host through a side channel to reduce the search space of a brute-force effort to recover the Shamir shares...
CVE-2023-25000
HashiCorp Vault's implementation of Shamir's secret sharing used precomputed table lookups, and was vulnerable to cache-timing attacks. An attacker with access to, and the ability to observe a large number of unseal operations on the host through a side channel may reduce the search space of a...
CVE-2023-25000 vulnerabilities
Vulnerabilities for packages: k3d...
CVE-2023-25000 Vault Vulnerable to Cache-Timing Attacks During Seal and Unseal Operations
HashiCorp Vault's implementation of Shamir's secret sharing used precomputed table lookups, and was vulnerable to cache-timing attacks. An attacker with access to, and the ability to observe a large number of unseal operations on the host through a side channel may reduce the search space of a...
CVE-2023-25000
CVE-2023-25000 : HashiCorp Vault’s Shamir secret sharing uses precomputed table lookups and is vulnerable to cache-timing attacks during seal/unseal. An attacker observing many unseal operations locally could reduce the search space for recovering Shamir shares. Affected: Vault’s Shamir implement...
CVE-2021-25000
The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_delete_role parameter before outputting back in the admin dashboard when the General module is enabled, leading to a Reflected Cross-Site Scripting issue...
CVE-2021-25000
CVE-2021-25000 affects the Booster for WooCommerce WordPress plugin prior to 5.4.9. The vulnerability is a reflected Cross-Site Scripting (XSS) caused by not sanitising/escaping the wcj_delete_role parameter before output in the admin dashboard when the General module is enabled. Evidence across ...
CVE-2021-25000 Booster for WooCommerce < 5.4.9 - Reflected Cross-Site Scripting in General Module
The Booster for WooCommerce WordPress plugin before 5.4.9 does not sanitise and escape the wcj_delete_role parameter before outputting back in the admin dashboard when the General module is enabled, leading to a Reflected Cross-Site Scripting issue...
CVE-2020-27252
Medtronic MyCareLink Smart 25000 is vulnerable to a race condition in the MCL Smart Patient Reader software update system, which allows unsigned firmware to be uploaded and executed on the Patient Reader. If exploited, an attacker could remotely execute code on the MCL Smart Patient Reader device...
CVE-2020-25183
CVE-2020-25183 affects Medtronic MyCareLink Smart 25000; root cause is an authentication bypass between the MCL Smart Patient Reader and the MyCareLink Smart mobile app (CWE-287). Impact is authenticated access within Bluetooth range, allowing an attacker on a nearby device to fool the reader int...