22 matches found
CVE-2026-25072
creationtimestamp| type| source ---|---|--- 2026-03-07 03:08:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mggtxpxuoi2y...
EUVD-2021-25072
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-25072
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a...
CVE-2023-25072
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product...
CVE-2022-25072
TP-Link Archer A54 Archer A54USV1210111 routers were discovered to contain a stack overflow in the function DM Fillobjbystr. This vulnerability allows unauthenticated attackers to execute arbitrary code...
CVE-2019-25072
Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector...
CVE-2025-25072 WordPress WP Admin Custom Page plugin <= 1.5.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in thunderbax WP Admin Custom Page wp-admin-custom-page allows Stored XSS.This issue affects WP Admin Custom Page: from n/a through = 1.5.0...
CVE-2025-25072
CVE-2025-25072 concerns the WP Admin Custom Page plugin (WordPress) with a CSRF to Stored XSS vulnerability affecting versions up to 1.5.0. The connected documents confirm the affected software and root cause (CSRF enabling stored XSS) but do not provide a confirmed fixed version in the supplied ...
CVE-2023-25072
CVE-2023-25072 affects Seiko Solutions SkyBridge MB-A100/110 (firmware v4.2.0 and earlier). The weakness is use of weak credentials, which may let a remote unauthenticated attacker decrypt the WebUI password. Affected components are the SkyBridge WebUI authentication/credential handling; root cau...
CVE-2023-25072
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product...
CVE-2023-25072
Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product...
CVE-2018-25072
creationtimestamp| type| source ---|---|--- 2023-01-08 16:26:40+00:00| seen| https://t.me/cibsecurity/56136...
CVE-2018-25072
CVE-2018-25072 affects lojban jbovlaste. The vulnerability exists in an unknown part of dict/listing.html and allows remote SQL injection due to improper handling of input. It is classified as critical. A patch is available: 6ff44c2e87b1113eb07d76ea62e1f64193b04d15, and applying it is recommended...
CVE-2018-25072 lojban jbovlaste listing.html sql injection
A vulnerability classified as critical has been found in lojban jbovlaste. This affects an unknown part of the file dict/listing.html. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The patch is named 6ff44c2e87b1113eb07d76ea62e1f64193b04d15. It is...
CVE-2019-25072
creationtimestamp| type| source ---|---|--- 2022-12-28 00:12:07+00:00| seen| https://t.me/cibsecurity/55455 2025-04-11 16:50:56+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11449...
UBUNTU-CVE-2019-25072
Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector...
CVE-2019-25072 Uncontrolled resource consumption in github.com/tendermint/tendermint
Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector...
CVE-2019-25072
CVE-2019-25072 describes an uncontrolled resource consumption vulnerability in Tendermint/tendermint due to support of gzip compression in request bodies and no limit on response body sizes. A malicious server can cause a target client to exhaust CPU/memory, enabling a denial-of-service vector. T...
CVE-2019-25072
Removed by vendor...
CVE-2022-25072
TP-Link Archer A54 routers (US_V1_210111) are affected by a stack overflow in the DM_Fillobjbystr() function. The root cause is a stack overflow vulnerability that allows unauthenticated attackers to execute arbitrary code, as indicated across CVE-2022-25072 records. The reported impact is unauth...