Lucene search
K

22 matches found

Circl
Circl
added 2026/03/07 3:8 a.m.3 views

CVE-2026-25072

creationtimestamp| type| source ---|---|--- 2026-03-07 03:08:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mggtxpxuoi2y...

9.8CVSS5.8AI score0.00495EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-25072

Malware in sbrugna...

7.8CVSS7.4AI score0.00832EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-25072

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a...

7.5CVSS7.2AI score0.01134EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 2:14 a.m.10 views

CVE-2023-25072

Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product...

7.5CVSS7.4AI score0.00831EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:4 a.m.7 views

CVE-2022-25072

TP-Link Archer A54 Archer A54USV1210111 routers were discovered to contain a stack overflow in the function DM Fillobjbystr. This vulnerability allows unauthenticated attackers to execute arbitrary code...

10CVSS8.6AI score0.13034EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:35 a.m.7 views

CVE-2019-25072

Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector...

7.5CVSS6.6AI score0.01134EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/07 10:11 a.m.6 views

CVE-2025-25072 WordPress WP Admin Custom Page plugin <= 1.5.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in thunderbax WP Admin Custom Page wp-admin-custom-page allows Stored XSS.This issue affects WP Admin Custom Page: from n/a through = 1.5.0...

7.1CVSS8.6AI score0.00144EPSS
Exploits0References1
CVE
CVE
added 2025/02/07 10:11 a.m.60 views

CVE-2025-25072

CVE-2025-25072 concerns the WP Admin Custom Page plugin (WordPress) with a CSRF to Stored XSS vulnerability affecting versions up to 1.5.0. The connected documents confirm the affected software and root cause (CSRF enabling stored XSS) but do not provide a confirmed fixed version in the supplied ...

7.1CVSS7.2AI score0.00144EPSS
Exploits0References1
CVE
CVE
added 2023/05/10 12:0 a.m.47 views

CVE-2023-25072

CVE-2023-25072 affects Seiko Solutions SkyBridge MB-A100/110 (firmware v4.2.0 and earlier). The weakness is use of weak credentials, which may let a remote unauthenticated attacker decrypt the WebUI password. Affected components are the SkyBridge WebUI authentication/credential handling; root cau...

7.5CVSS7.7AI score0.00831EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/10 12:0 a.m.10 views

CVE-2023-25072

Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product...

8.2AI score0.00831EPSS
Exploits0References6
Cvelist
Cvelist
added 2023/05/10 12:0 a.m.16 views

CVE-2023-25072

Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier, which may allow a remote unauthenticated attacker to decrypt password for the WebUI of the product...

8.4AI score0.00831EPSS
Exploits0References6
Circl
Circl
added 2023/01/08 4:26 p.m.5 views

CVE-2018-25072

creationtimestamp| type| source ---|---|--- 2023-01-08 16:26:40+00:00| seen| https://t.me/cibsecurity/56136...

9.8CVSS6.9AI score0.00653EPSS
Exploits0References1
CVE
CVE
added 2023/01/08 12:24 p.m.47 views

CVE-2018-25072

CVE-2018-25072 affects lojban jbovlaste. The vulnerability exists in an unknown part of dict/listing.html and allows remote SQL injection due to improper handling of input. It is classified as critical. A patch is available: 6ff44c2e87b1113eb07d76ea62e1f64193b04d15, and applying it is recommended...

9.8CVSS8.4AI score0.00653EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/01/08 12:24 p.m.18 views

CVE-2018-25072 lojban jbovlaste listing.html sql injection

A vulnerability classified as critical has been found in lojban jbovlaste. This affects an unknown part of the file dict/listing.html. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The patch is named 6ff44c2e87b1113eb07d76ea62e1f64193b04d15. It is...

6.5CVSS10AI score0.00653EPSS
Exploits0References3
Circl
Circl
added 2022/12/28 12:12 a.m.5 views

CVE-2019-25072

creationtimestamp| type| source ---|---|--- 2022-12-28 00:12:07+00:00| seen| https://t.me/cibsecurity/55455 2025-04-11 16:50:56+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11449...

7.5CVSS7.1AI score0.01134EPSS
Exploits0References2
OSV
OSV
added 2022/12/27 10:15 p.m.4 views

UBUNTU-CVE-2019-25072

Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector...

7.5CVSS7AI score0.01134EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2022/12/27 9:13 p.m.5 views

CVE-2019-25072 Uncontrolled resource consumption in github.com/tendermint/tendermint

Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector...

7.3AI score0.01134EPSS
Exploits0References3
CVE
CVE
added 2022/12/27 9:13 p.m.108 views

CVE-2019-25072

CVE-2019-25072 describes an uncontrolled resource consumption vulnerability in Tendermint/tendermint due to support of gzip compression in request bodies and no limit on response body sizes. A malicious server can cause a target client to exhaust CPU/memory, enabling a denial-of-service vector. T...

7.5CVSS7.2AI score0.01134EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2022/12/27 9:13 p.m.23 views

CVE-2019-25072

Removed by vendor...

7.5CVSS7.5AI score0.01134EPSS
Exploits0
CVE
CVE
added 2022/02/22 10:44 p.m.82 views

CVE-2022-25072

TP-Link Archer A54 routers (US_V1_210111) are affected by a stack overflow in the DM_Fillobjbystr() function. The root cause is a stack overflow vulnerability that allows unauthenticated attackers to execute arbitrary code, as indicated across CVE-2022-25072 records. The reported impact is unauth...

10CVSS10AI score0.13034EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder