60 matches found
MiracleLinux 7 : libwebp-0.3.0-10.el7 (AXSA:2021-1858:01)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1858:01 advisory. libwebp: heap-based buffer overflow in PutLE16 CVE-2018-25011 libwebp: heap-based buffer overflow in WebPDecodeInto functions CVE-2020-36328 libwebp...
MiracleLinux 8 : libwebp-1.0.0-3.el8 (AXSA:2021-2201:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2201:02 advisory. libwebp: heap-based buffer overflow in PutLE16 CVE-2018-25011 libwebp: heap-based buffer overflow in WebPDecodeInto functions CVE-2020-36328 libwebp...
EUVD-2022-25011
Malicious code in bioql PyPI...
CVE-2024-25011
Ericsson Catalog Manager and Ericsson Order Care APIs do not have authentication enabled by default. Authentication checks can be configured to remediate the information disclosure issue...
CVE-2024-25011
creationtimestamp| type| source ---|---|--- 2025-09-18 11:48:09+00:00| seen| Telegram/Qd5YiNkh3Ep71IKXeXe9OgR38qsKZjCMR20h93RoQ2PXYF4...
CVE-2024-25011 Ericsson Catalog Manager and Ericsson Order Care - Exposure of Sensitive Information Vulnerability
Ericsson Catalog Manager and Ericsson Order Care APIs do not have authentication enabled by default. Authentication checks can be configured to remediate the information disclosure issue...
CVE-2025-25011
creationtimestamp| type| source ---|---|--- 2025-07-30 09:01:24+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lv6b4hzbyo2h...
CVE-2025-25011
CVE-2025-25011 affects Elastic Beats (notably Filebeat) installed via Windows, where the Windows install script can trigger an Uncontrolled Search Path Element leading to Local Privilege Escalation through insecure directory permissions. Affected versions include Beats prior to 9.1.0 (with mainte...
CVE-2023-25011
PC settings tool Ver10.1.26.0 and earlier, PC settings tool Ver11.0.22.0 and earlier allows a attacker to write to the registry as administrator privileges with standard user privileges...
CVE-2021-25011
The Maps Plugin using Google Maps for WordPress plugin before 1.8.1 does not have proper authorisation and CSRF in most of its AJAX actions, which could allow any authenticated users, such as subscriber to delete arbitrary posts and update the plugin's settings...
CVE-2019-25011
NetBox through 2.6.2 allows an Authenticated User to conduct an XSS attack against an admin via a GFM-rendered field, as demonstrated by /dcim/sites/add/ comments...
Alibaba Cloud Linux 3 : 0038: libwebp (ALINUX3-SA-2021:0038)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0038 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2018-25011: A flaw was found in libweb...
ROS-2-1453
2.1453 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
CVE-2023-25011
creationtimestamp| type| source ---|---|--- 2023-02-15 07:36:33+00:00| seen| https://t.me/cibsecurity/58215 2025-03-19 16:18:16+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8091...
CVE-2023-25011
PC settings tool Ver10.1.26.0 and earlier, PC settings tool Ver11.0.22.0 and earlier allows a attacker to write to the registry as administrator privileges with standard user privileges...
CVE-2023-25011
PC settings tool Ver10.1.26.0 and earlier, PC settings tool Ver11.0.22.0 and earlier allows a attacker to write to the registry as administrator privileges with standard user privileges...
CVE-2023-25011
PC settings tool Ver10.1.26.0 and earlier, PC settings tool Ver11.0.22.0 and earlier allows a attacker to write to the registry as administrator privileges with standard user privileges...
CVE-2023-25011
The CVE-2023-25011 entry concerns NEC PC Settings Tool (Library) shipped with NEC systems. Affected versions are PC Settings Tool 10.x (specifically 10.1.26.0 and earlier) and 11.x (11.0.22.0 and earlier). The root cause is missing authentication for critical functions, enabling a user with stand...
CVE-2023-25011
PC settings tool Ver10.1.26.0 and earlier, PC settings tool Ver11.0.22.0 and earlier allows a attacker to write to the registry as administrator privileges with standard user privileges...
CVE-2023-22369
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-25011. Reason: This candidate is a duplicate of CVE-2023-25011. Notes: All CVE users should reference CVE-2023-25011 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...