21 matches found
CVE-2026-25268
creationtimestamp| type| source ---|---|--- 2026-07-06 21:16:39+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116875106650288268 2026-07-06 21:17:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpyzah6sux2v 2026-07-07 16:45:20+00:00| seen|...
CVE-2018-25268
creationtimestamp| type| source ---|---|--- 2026-04-22 17:02:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk3xzd6sia2v 2026-05-31 08:07:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mn54cagsak26...
CVE-2019-25268
creationtimestamp| type| source ---|---|--- 2026-01-08 01:11:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mbusffkbjm2e 2026-01-08 21:03:03+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mbwuxwpgin2r...
CVE-2019-25268
This CVE affects NREL BEopt 2.8.0.0 . The vulnerability is a DLL hijacking issue caused by insecure loading of libraries, allowing an attacker to place malicious libraries on WebDAV or SMB shares (e.g., sdl2.dll and libegl.dll ) and execute arbitrary code when a user opens the application. Impact...
CVE-2025-25268
An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication...
CVE-2025-25268
creationtimestamp| type| source ---|---|--- 2025-07-08 07:09:17+00:00| seen| https://infosec.exchange/users/certvde/statuses/114816355954472736 2025-07-08 07:10:35+00:00| seen| https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqm2dg2r72 2025-07-08 09:51:56+00:00| seen|...
CVE-2025-25268 Unauthenticated Configuration Access via Exposed API Endpoint
An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication...
CVE-2025-25268 Unauthenticated Configuration Access via Exposed API Endpoint
An unauthenticated adjacent attacker can modify configuration by sending specific requests to an API-endpoint resulting in read and write access due to missing authentication...
CVE-2022-25268
Passwork On-Premise Edition before 4.6.13 allows CSRF via the groups, password, and history subsystems...
CVE-2021-25268
Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA...
CVE-2020-25268
Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data...
CVE-2024-8848
PDF-XChange Editor AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...
CVE-2024-8848
PDF-XChange Editor (AcroForm) vulnerability CVE-2024-8848 is an out-of-bounds read that can disclose sensitive information. The flaw occurs in AcroForms handling due to improper validation, potentially allowing a read past the end of an allocated object. The NVD notes remote information disclosur...
CVE-2024-8848 PDF-XChange Editor AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
PDF-XChange Editor AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must vis...
CVE-2021-25268
creationtimestamp| type| source ---|---|--- 2022-05-05 22:37:02+00:00| seen| https://t.me/cibsecurity/42058...
CVE-2021-25268
CVE-2021-25268 describes multiple XSS flaws in Sophos Firewall Webadmin that enable privilege escalation from a MySophos admin to an SFOS admin on systems running Sophos Firewall older than version 19.0 GA. The root cause is XSS in the Webadmin interface leading to higher-privilege access. Docume...
CVE-2022-25268
creationtimestamp| type| source ---|---|--- 2022-03-24 01:29:11+00:00| seen| https://t.me/cibsecurity/39471...
CVE-2022-25268
Passwork On-Premise Edition is affected by a CSRF vulnerability in versions prior to 4.6.13. The issue enables cross-site request forgery via the likely exposed subsystems for groups, password, and history. Root cause, as described across sources, is a CSRF flaw in the application’s handling of t...
CVE-2020-25268
Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data...
CVE-2020-25268
Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data...