
45 matches found

Cvelist
added 2026/03/25 4:14 p.m., 22 views

CVE-2026-25009 WordPress Education Zone theme <= 1.3.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in raratheme Education Zone education-zone allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Education Zone: from n/a through <= 1.3.8...

6.5 CVSS | 0.00242 EPSS
Exploits 0 | References 1

Chainguard
added 2026/01/28 7:17 p.m., 7 views

CVE-2025-25009 vulnerabilities

Vulnerabilities for packages: kibana...

8.7 CVSS | 5.9 AI score | 0.00218 EPSS
Exploits 0

Circl
added 2025/10/08 7:00 a.m., 10 views

CVE-2025-25009

| creationtimestamp | type | source |
|---|---|---|
| 2025-10-08 07:00:08+00:00 | seen | https://gist.github.com/Darkcrai86/a09881e53ee590b2c5041f7a13405a74 |
| 2025-10-09 01:23:24+00:00 | seen | https://bsky.app/profile/securitylab-jp.bsky.social/post/3m2pymobvns2f... |

8.7 CVSS | 4.8 AI score | 0.00218 EPSS
Exploits 0 | References 2

CVE
added 2025/10/07 1:59 p.m., 40 views

CVE-2025-25009

CVE-2025-25009 affects Kibana components where improper neutralization of input during web page generation enables stored XSS via case file uploads. The vulnerability is documented across multiple feeds (NVD, CVE lists, OSV, Nessus) with correlated advisories indicating Kibana versions in use; th...

8.7 CVSS | 5.3 AI score | 0.00218 EPSS
Exploits 0 | References 1 | Affected Software 1

Tenable Nessus
added 2025/08/26 12:00 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2019-25009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness. CVE-2019-25009 Note that...

9.8 CVSS | 7.3 AI score | 0.01812 EPSS
Exploits 0 | References 2

Circl
added 2024/08/20 2:37 p.m., 5 views

CVE-2024-25009

| creationtimestamp | type | source |
|---|---|---|
| 2024-08-20 14:37:03+00:00 | seen | https://t.me/cvedetector/3615... |

6.5 CVSS | 4.8 AI score | 0.00267 EPSS
Exploits 0 | References 1

Tenable Nessus
added 2024/05/11 12:00 a.m., 37 views

RHEL 7 : libwebp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libwebp: use of uninitialized value in ReadSymbol CVE-2018-25014 - A heap-based buffer overflow was found...

8.5 AI score | 0.02302 EPSS
Exploits 0 | References 8

Redos
added 2024/03/13 12:00 a.m., 11 views

ROS-2-1453

2.1453 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...

9.8 CVSS | 10 AI score | 0.02662 EPSS
Exploits 0

Circl
added 2023/05/14 2:25 p.m., 2 views

CVE-2023-25009

| creationtimestamp | type | source |
|---|---|---|
| 2023-05-14 14:25:09+00:00 | seen | https://t.me/cibsecurity/64066 |
| 2025-01-24 20:04:42+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/3000... |

7.8 CVSS | 7.1 AI score | 0.00232 EPSS
Exploits 0 | References 2

OSV
added 2023/05/12 9:15 p.m., 1 views

CVE-2023-25009

A malicious actor may convince a user to open a malicious USD file that may trigger an out-of-bounds write vulnerability which could result in code execution...

7.8 CVSS | 7.2 AI score | 0.00232 EPSS
Exploits 0 | References 1

CVE
added 2023/05/12 12:00 a.m., 46 views

CVE-2023-25009

CVE-2023-25009 affects Autodesk 3DS Max via the USD file parser. The issue is an out-of-bounds write in parsing USD files, which can allow remote code execution when a user opens a malicious USD file or is prompted to view one. The vulnerability stems from crafted USD data that causes a write pas...

7.8 CVSS | 7.8 AI score | 0.00232 EPSS
Exploits 0 | References 1 | Affected Software 1

Vulnrichment
added 2023/05/12 12:00 a.m., 8 views

CVE-2023-25009

A malicious actor may convince a user to open a malicious USD file that may trigger an out-of-bounds write vulnerability which could result in code execution...

7.3 AI score | 0.00232 EPSS
Exploits 0 | References 1

SUSE CVE
added 2023/02/15 4:20 a.m., 2 views

SUSE CVE-2018-25009

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16...

9.1 CVSS | 7.4 AI score | 0.021 EPSS
Exploits 0 | References 6

SUSE CVE
added 2023/02/15 4:05 a.m., 3 views

SUSE CVE-2019-25009

An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness...

9.8 CVSS | 7 AI score | 0.01812 EPSS
Exploits 0 | References 3

Cvelist
added 2022/03/07 8:16 a.m., 17 views

CVE-2021-25009 CorreosExpress <= 2.6.0 - Sensitive Information Disclosure

The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email addresses...

5.3 AI score | 0.01179 EPSS
Exploits 2 | References 1

CVE
added 2022/03/07 8:16 a.m., 83 views

CVE-2021-25009

The CVE-2021-25009 entry concerns the WordPress CorreosExpress plugin (versions up to 2.6.0). The vulnerability is information disclosure via publicly accessible log files containing sender/receiver names, phone numbers, and addresses. Connected sources confirm the issue arises from log file expo...

5.3 CVSS | 5 AI score | 0.01179 EPSS
Exploits 2 | References 1 | Affected Software 1

Tenable Nessus
added 2021/11/11 12:00 a.m., 36 views

RHEL 8 : libwebp (RHSA-2021:4231)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4231 advisory. The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital...

9.8 CVSS | 7.6 AI score | 0.02302 EPSS
Exploits 0 | References 20

RedHat Linux
added 2021/11/09 6:44 p.m., 57 views

Moderate: Red Hat Security Advisory: libwebp security update

An update for libwebp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8 CVSS | 6.8 AI score | 0.02302 EPSS
Exploits 0 | References 10

AlmaLinux
added 2021/11/09 8:47 a.m., 38 views

Moderate: libwebp security update

The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format RIFF. Webmasters, web...

9.8 CVSS | 7.7 AI score | 0.02302 EPSS
Exploits 0 | References 9

OSV
added 2021/11/09 8:47 a.m., 28 views

RLSA-2021:4231 Moderate: libwebp security update

The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format RIFF. Webmasters, web...

9.8 CVSS | 7.7 AI score | 0.02302 EPSS
Exploits 0 | References 9