MiracleLinux 9 : apr-util-1.6.1-20.el9.1 (AXSA:2023-5974:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5974:02 advisory. apr-util: out-of-bounds writes in the aprbase64 CVE-2022-25147 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 7 : apr-util-1.5.2-6.el7.1 (AXSA:2023-5435:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5435:01 advisory. apr-util: out-of-bounds writes in the aprbase64 CVE-2022-25147 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 8 : apr-util-1.6.1-6.el8.1 (AXSA:2023-6139:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6139:03 advisory. apr-util: out-of-bounds writes in the aprbase64 CVE-2022-25147 Tenable has extracted the preceding description block directly from the MiracleLinux security...

CVE-2018-25147

creationtimestamp| type| source ---|---|--- 2025-12-24 21:16:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mar6qhrwml2u...

TencentOS Server 4: apr-util (TSSA-2025:0144)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0144 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

TencentOS Server 2: apr-util (TSSA-2023:0068)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0068 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

TencentOS Server 3: apr-util (TSSA-2023:0073)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0073 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

ABB M2M Gateway Out-Of-Bound Write in embedded Apr-util (CVE-2022-25147)

Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility APR-util 1.6.1 and prior versions. This plugin only works with Tenable.ot. Plea...

Security Bulletin: IBM Engineering Requirements Management DOORS/DWA vulnerabilities addressed in 9.7.2.9

Summary Apache Portable Runtime, The Expat XML Parser and DOORS Web Access are identified as vulnerable components with multiple reported vulnerabilities. The IBM Engineering Requirements Management DOORS/DWA product version 9.7.2.8 is vulnerable to the below mentioned CVEs. Remediation actions a...

CVE-2025-25147

Cross-Site Request Forgery CSRF vulnerability in Phillip.Gooch Auto SEO auto-seo allows Stored XSS.This issue affects Auto SEO: from n/a through = 2.5.6...

CVE-2025-25147 WordPress Auto SEO plugin <= 2.5.6 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Phillip.Gooch Auto SEO auto-seo allows Stored XSS.This issue affects Auto SEO: from n/a through = 2.5.6...

CVE-2025-25147 WordPress Auto SEO plugin <= 2.5.6 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Phillip.Gooch Auto SEO allows Stored XSS. This issue affects Auto SEO: from n/a through 2.5.6...

CVE-2025-25147

CVE-2025-25147 is a CSRF-to-Stored-XSS vulnerability in the WordPress plugin Auto SEO (versions n/a through 2.5.6). The connected sources confirm the issue class and affected range, with remediation noted as updating to a version later than 2.5.6. The Wordfence vulnerability page lists the patch ...

Huawei EulerOS: Security Advisory for apr-util (EulerOS-SA-2024-2256)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL CORE 5.04 / MAIN 5.04 : apr-util Vulnerability (NS-SA-2024-0013)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has apr-util packages installed that are affected by a vulnerability: - Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds o...

openSUSE: Security Advisory for apr (SUSE-SU-2023:0389-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-25147

creationtimestamp| type| source ---|---|--- 2024-02-21 03:21:20+00:00| seen| https://t.me/ctinow/189141 2024-02-21 03:31:47+00:00| seen| https://t.me/ctinow/189149 2024-02-22 04:08:03+00:00| seen| https://t.me/arpsyndicate/3916 2025-04-22 17:03:17+00:00| seen|...

CVE-2024-25147

Cross-site scripting XSS vulnerability in HtmlUtil.escapeJsLink in Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions allows remote attackers to inject arbitrary web script or HTML v...

CVE-2024-25147

Cross-site scripting XSS vulnerability in HtmlUtil.escapeJsLink in Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions allows remote attackers to inject arbitrary web script or HTML v...

CVE-2024-25147

Cross-site scripting XSS vulnerability in HtmlUtil.escapeJsLink in Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before service pack 3, 7.2 before fix pack 15, and older unsupported versions allows remote attackers to inject arbitrary web script or HTML v...