27 matches found
Oracle Linux 9 : .NET / 9.0 (ELSA-2026-25221)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-25221 advisory. 9.0.118-1.0.1 - Add support for Oracle Linux 9.0.118-1 - Update to .NET SDK 9.0.118 and Runtime 9.0.17 - Resolves: RHEL-181553 9.0.117-1 - Update to...
CVE-2018-25221
creationtimestamp| type| source ---|---|--- 2026-03-28 14:46:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mi4urd76wy2z 2026-04-02 20:40:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mik2ufvujj2f 2026-04-12 04:22:31+00:00| seen|...
CVE-2019-25221
creationtimestamp| type| source ---|---|--- 2024-12-13 03:26:46+00:00| seen| https://infosec.exchange/users/cve/statuses/113643382736643548 2024-12-13 05:43:48+00:00| seen| https://t.me/cvedetector/12821...
CVE-2019-25221 Responsive Filterable Portfolio <=1.0.8 - Authenticated (Admin+) SQL Injection
The Responsive Filterable Portfolio plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possib...
CVE-2019-25221 Responsive Filterable Portfolio <=1.0.8 - Authenticated (Admin+) SQL Injection
The Responsive Filterable Portfolio plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possib...
CVE-2019-25221
CVE-2019-25221 affects the WordPress plugin Responsive Filterable Portfolio (versions ≤ 1.0.8). Root cause: insufficient escaping and lack of prepared statements in the SQL query, via the id parameter, enabling unauthenticated SQL injection to extract DB data. Evidence indicates the vendor patche...
USN-6659-1: libde265 vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : libde265 vulnerabilities (USN-6659-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6659-1 advisory. It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into...
USN-6659-1: libde265 vulnerabilities
It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2022-43244, CVE-2022-43249, CVE-2022-43250,...
CVE-2024-25221
creationtimestamp| type| source ---|---|--- 2024-02-16 23:16:55+00:00| seen| https://t.me/ctinow/186681 2024-03-06 15:46:08+00:00| seen| https://t.me/ctinow/201454...
CVE-2024-25221
A cross-site scripting XSS vulnerability in Task Manager App v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note Section parameter at /TaskManager/Tasks.php...
CVE-2024-25221
CVE-2024-25221 affects Task Manager App v1.0, where a reflected XSS can be triggered via the Note Section parameter in /TaskManager/Tasks.php. The CVE entry lists a CVSS v3.1 base score of 6.1 (Medium) with network attack vector, low attack complexity, no privileges, user interaction required, an...
Mageia: Security Advisory (MGASA-2023-0093)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3352-1] libde265 security update
Debian LTS Advisory DLA-3352-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost March 04, 2023 https://wiki.debian.org/LTS Package : libde265 Version : 1.0.11-0+deb10u4 CVE ID : CVE-2023-24751 CVE-2023-24752 CVE-2023-24754 CVE-2023-24755 CVE-2023-24756 CVE-2023-24757...
CVE-2023-25221
creationtimestamp| type| source ---|---|--- 2023-03-01 18:33:52+00:00| seen| https://t.me/cibsecurity/59251...
CVE-2023-25221
Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derivespatiallumavectorprediction function in motion.cc...
CVE-2023-25221
Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derivespatiallumavectorprediction function in motion.cc...
CVE-2023-25221
CVE-2023-25221 affects libde265 v1.0.10, with a heap-buffer-overflow in derive_spatial_luma_vector_prediction (motion.cc). The vulnerability is tracked across multiple advisories and Debian notes, with the issue fixed in libde265-1.0.11 (per Debian DLA-3352-1) and showcased in Mageia's update to ...
CVE-2023-25221
Libde265 v1.0.10 was discovered to contain a heap-buffer-overflow vulnerability in the derivespatiallumavectorprediction function in motion.cc...
CVE-2022-25221
Money Transfer Management System Version 1.0 allows an attacker to inject JavaScript code in the URL and then trick a user into visit the link in order to execute JavaScript code...