CVE-2026-25165

CVE-2026-25165 is a Windows local privilege escalation affecting Performance Counters. The description notes a local attack with low privileges, no user interaction, and high impact on confidentiality, integrity, and availability. The underlying root cause and affected component details are not p...

CVE-2026-25165 Performance Counters for Windows Elevation of Privilege Vulnerability

...

CVE-2026-25165

creationtimestamp| type| source ---|---|--- 2026-03-10 16:57:37+00:00| seen| https://www.thezdi.com/blog/2026/3/10/the-march-2026-security-update-review 2026-03-10 19:07:55+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0080 2026-03-11 03:00:16+00:00| seen|...

EUVD-2022-25165

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-25165

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A global-buffer-overflow vulnerability was found in SWFTools v0.9.2, in the function LineText at lib/swf5compiler.flex. CVE-2024-25165 Note that Nessus relies o...

CVE-2022-25165

An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the validation of VPN configuration files. This allows parameters outside of the AWS VPN Client allow list to be injected into the configuration file prior to the AWS VPN Client service running as SYSTEM...

CVE-2021-25165

A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform versions prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability...

CVE-2025-25165

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in richardgabriel Staff Directory Plugin: Company Directory staff-directory-pro allows Stored XSS.This issue affects Staff Directory Plugin: Company Directory: from n/a through = 4.3...

CVE-2025-25165 WordPress Staff Directory Plugin: Company Directory Plugin <= 4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in richardgabriel Staff Directory Plugin: Company Directory staff-directory-pro allows Stored XSS.This issue affects Staff Directory Plugin: Company Directory: from n/a through = 4.3...

CVE-2025-25165 WordPress Staff Directory Plugin: Company Directory Plugin <= 4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Staff Directory Plugin: Company Directory allows Stored XSS. This issue affects Staff Directory Plugin: Company Directory: from n/a through 4.3...

openSUSE: Security Advisory for trivy (openSUSE-SU-2023:0064-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-25165

A global-buffer-overflow vulnerability was found in SWFTools v0.9.2, in the function LineText at lib/swf5compiler.flex...

CVE-2024-25165

A global-buffer-overflow vulnerability was found in SWFTools v0.9.2, in the function LineText at lib/swf5compiler.flex...

CVE-2024-25165

SWFTools v0.9.2 is affected by a global-buffer-overflow in the LineText function (lib/swf5compiler.flex). Impacted component: SWFTools, version 0.9.2. Root cause: LineText reads or processes input without proper bounds checking. Reported across multiple feeds (NVD, CNVD, CNNVD, Red Hat, Ubuntu, O...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.0 bug fix and security update

Red Hat OpenShift Container Platform release 4.14.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update

Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...

SUSE SLES15 Security Update : terraform-provider-helm (SUSE-SU-2023:2100-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2100-1 advisory. - Helm is a tool that streamlines installing and managing Kubernetes applications.getHostByName is a Helm template function introduced in He...

SUSE-SU-2023:2100-1 Security update for terraform-provider-helm

This update for terraform-provider-helm fixes the following issues: Updated terraform-provider-helm to version 2.9.0: - CVE-2023-25165: Fixed getHostByName Function Information Disclosure by updating embedded helm package bsc1208086...

CVE-2023-25165 affecting package cert-manager for versions less than 1.7.3-8

CVE-2023-25165 affecting package cert-manager for versions less than 1.7.3-8. An upgraded version of the package is available that resolves this issue...

SUSE-SU-2023:1752-1 Security update for terraform-provider-helm

This update for terraform-provider-helm fixes the following issues: Updated terraform-provider-helm to version 2.9.0: - CVE-2023-25165: Fixed getHostByName Function Information Disclosure in helm embedded in the package bsc1208086...