Lucene search
K

21 matches found

Circl
Circl
added 4 days ago5 views

CVE-2026-25268

creationtimestamp| type| source ---|---|--- 2026-07-06 21:16:39+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116875106650288268 2026-07-06 21:17:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpyzah6sux2v 2026-07-07 16:45:20+00:00| seen|...

8.8CVSS5.9AI score0.00072EPSS
Exploits0References4
Circl
Circl
added 2026/04/22 5:2 p.m.4 views

CVE-2018-25268

creationtimestamp| type| source ---|---|--- 2026-04-22 17:02:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk3xzd6sia2v 2026-05-31 08:07:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mn54cagsak26...

8.6CVSS5.8AI score0.00201EPSS
Exploits1References2
Circl
Circl
added 2026/01/08 1:11 a.m.6 views

CVE-2019-25268

creationtimestamp| type| source ---|---|--- 2026-01-08 01:11:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mbusffkbjm2e 2026-01-08 21:03:03+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mbwuxwpgin2r...

9.8CVSS5.8AI score0.00371EPSS
Exploits1References2
CVE
CVE
added 2026/01/07 11:9 p.m.17 views

CVE-2019-25268

This CVE affects NREL BEopt 2.8.0.0 . The vulnerability is a DLL hijacking issue caused by insecure loading of libraries, allowing an attacker to place malicious libraries on WebDAV or SMB shares (e.g., sdl2.dll and libegl.dll ) and execute arbitrary code when a user opens the application. Impact...

9.8CVSS7AI score0.00371EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/07/10 7:24 a.m.8 views

CVE-2025-25268

An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication...

8.8CVSS7.2AI score0.00299EPSS
Exploits0References1
Circl
Circl
added 2025/07/08 7:9 a.m.6 views

CVE-2025-25268

creationtimestamp| type| source ---|---|--- 2025-07-08 07:09:17+00:00| seen| https://infosec.exchange/users/certvde/statuses/114816355954472736 2025-07-08 07:10:35+00:00| seen| https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqm2dg2r72 2025-07-08 09:51:56+00:00| seen|...

8.8CVSS7.3AI score0.00299EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/08 7:0 a.m.11 views

CVE-2025-25268 Unauthenticated Configuration Access via Exposed API Endpoint

An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication...

8.8CVSS0.00299EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/08 7:0 a.m.2 views

CVE-2025-25268 Unauthenticated Configuration Access via Exposed API Endpoint

An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication...

8.8CVSS7.2AI score0.00299EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:5 a.m.9 views

CVE-2022-25268

Passwork On-Premise Edition before 4.6.13 allows CSRF via the groups, password, and history subsystems...

8.8CVSS7AI score0.00401EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:25 p.m.6 views

CVE-2021-25268

Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA...

8.4CVSS6.6AI score0.00988EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:49 p.m.7 views

CVE-2020-25268

Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data...

8.8CVSS7.7AI score0.02315EPSS
Exploits1
NVD
NVD
added 2024/11/22 9:15 p.m.18 views

CVE-2024-8848

PDF-XChange Editor AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...

5.5CVSS0.00261EPSS
Exploits0References1
CVE
CVE
added 2024/11/22 9:5 p.m.46 views

CVE-2024-8848

PDF-XChange Editor (AcroForm) vulnerability CVE-2024-8848 is an out-of-bounds read that can disclose sensitive information. The flaw occurs in AcroForms handling due to improper validation, potentially allowing a read past the end of an allocated object. The NVD notes remote information disclosur...

5.5CVSS3.4AI score0.00261EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2024/11/22 9:5 p.m.20 views

CVE-2024-8848 PDF-XChange Editor AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability

PDF-XChange Editor AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...

3.3CVSS0.00261EPSS
Exploits0References1
Circl
Circl
added 2022/05/05 10:37 p.m.7 views

CVE-2021-25268

creationtimestamp| type| source ---|---|--- 2022-05-05 22:37:02+00:00| seen| https://t.me/cibsecurity/42058...

8.4CVSS8AI score0.00988EPSS
Exploits0References1
CVE
CVE
added 2022/05/05 6:5 p.m.77 views

CVE-2021-25268

CVE-2021-25268 describes multiple XSS flaws in Sophos Firewall Webadmin that enable privilege escalation from a MySophos admin to an SFOS admin on systems running Sophos Firewall older than version 19.0 GA. The root cause is XSS in the Webadmin interface leading to higher-privilege access. Docume...

8.4CVSS8.3AI score0.00988EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2022/03/24 1:29 a.m.5 views

CVE-2022-25268

creationtimestamp| type| source ---|---|--- 2022-03-24 01:29:11+00:00| seen| https://t.me/cibsecurity/39471...

8.8CVSS7.3AI score0.00401EPSS
Exploits0References1
CVE
CVE
added 2022/03/23 10:6 p.m.105 views

CVE-2022-25268

Passwork On-Premise Edition is affected by a CSRF vulnerability in versions prior to 4.6.13. The issue enables cross-site request forgery via the likely exposed subsystems for groups, password, and history. Root cause, as described across sources, is a CSRF flaw in the application’s handling of t...

8.8CVSS8.7AI score0.00401EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2020/11/10 10:15 p.m.22 views

CVE-2020-25268

Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data...

8.8CVSS9AI score0.02315EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/11/10 9:46 p.m.23 views

CVE-2020-25268

Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data...

9.1AI score0.02315EPSS
Exploits1References1
Rows per page
Query Builder