21 matches found
CVE-2018-25249
MyBB My Arcade Plugin 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through arcade game score comments. Attackers can add crafted HTML and JavaScript payloads in the comment field that execute when other users view or edit...
CVE-2018-25249
CVE-2018-25249 concerns the MyBB My Arcade Plugin 1.3, which contains a persistent cross-site scripting (XSS) vulnerability in the arcade game score comments. The issue allows authenticated users to inject HTML/JavaScript payloads in the comment field, which execute when other users view or edit ...
CVE-2025-25249
creationtimestamp| type| source ---|---|--- 2026-01-13 17:25:04+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcd34sceo22g 2026-01-13 17:35:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcd3qaek542y 2026-01-14 04:04:20+00:00| seen|...
Fortinet Fortigate Heap-based buffer overflow in cw_acd daemon (FG-IR-25-084)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-084 advisory. - A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS...
CVE-2019-25249
creationtimestamp| type| source ---|---|--- 2025-12-24 20:25:26+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mar3uxll7s2b 2025-12-24 20:25:52+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mar3vq4pwh2a 2025-12-24 21:58:45+00:00| seen|...
CVE-2024-25249
creationtimestamp| type| source ---|---|--- 2024-02-21 21:31:52+00:00| seen| https://t.me/ctinow/190088 2024-02-21 21:36:34+00:00| seen| https://t.me/ctinow/190098 2024-02-22 20:25:54+00:00| seen| https://t.me/arpsyndicate/4034...
CVE-2024-25249
An issue in He3 App for macOS version 2.0.17, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings...
CVE-2024-25249
An issue in He3 App for macOS version 2.0.17, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings...
CVE-2024-25249
CVE-2024-25249 affects He3 App for macOS (version 2.0.17). The issue allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings in the app, with CVSSv3.1 base score 9.8 (CRITICAL) and attack vector/network, requiring no privileges and no user in...
CVE-2024-25249
An issue in He3 App for macOS version 2.0.17, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings...
CVE-2022-25249
creationtimestamp| type| source ---|---|--- 2022-03-16 17:33:44+00:00| seen| https://t.me/cibsecurity/39075...
CVE-2022-25249
When connecting to a certain port Axeda agent All versions and Axeda Desktop Server for Windows All versions disregarding Axeda agent v6.9.2 and v6.9.3 is vulnerable to directory traversal, which could allow a remote unauthenticated attacker to obtain file system read access via web server...
CVE-2022-25249
When connecting to a certain port Axeda agent All versions and Axeda Desktop Server for Windows All versions disregarding Axeda agent v6.9.2 and v6.9.3 is vulnerable to directory traversal, which could allow a remote unauthenticated attacker to obtain file system read access via web server...
CVE-2022-25249 PTC Axeda agent and Axeda Desktop Server Path Traversal
When connecting to a certain port Axeda agent All versions and Axeda Desktop Server for Windows All versions disregarding Axeda agent v6.9.2 and v6.9.3 is vulnerable to directory traversal, which could allow a remote unauthenticated attacker to obtain file system read access via web server...
CVE-2022-25249 PTC Axeda agent and Axeda Desktop Server Path Traversal
When connecting to a certain port Axeda agent All versions and Axeda Desktop Server for Windows All versions disregarding Axeda agent v6.9.2 and v6.9.3 is vulnerable to directory traversal, which could allow a remote unauthenticated attacker to obtain file system read access via web server...
CVE-2022-25249
CVE-2022-25249 affects PTC Axeda agent and Axeda Desktop Server for Windows. All Axeda agent versions (except v6.9.2 and v6.9.3) are vulnerable to a path traversal flaw in the web server that could allow a remote, unauthenticated attacker to obtain read access to the file system via a port used b...
CVE-2021-25249
creationtimestamp| type| source ---|---|--- 2021-02-04 22:34:24+00:00| seen| https://t.me/cibsecurity/23115...
CVE-2021-25249
CVE-2021-25249 involves an out-of-bounds write information disclosure in Trend Micro Apex One (on‑prem and SaaS), OfficeScan XG SP1, and Worry‑Free Business Security (10.0 SP1/Services). The connected ZDI advisory details a local privilege escalation flaw in the TmCCSF.exe component, caused by la...
CVE-2020-25249
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. The server typically logs activity only when a client application specifies that logging is desired. This can be problematic for use cases in...
CVE-2020-25249
An issue was discovered in Hyland OnBase 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. The server typically logs activity only when a client application specifies that logging is desired. This can be problematic for use cases in...