12 matches found
CVE-2018-25301
Easy MPEG to DVD Burner 1.7.11 contains a local SEH-based buffer overflow in the username handling that can enable local code execution by crafting a payload (junk data, SEH chain pointers, and shellcode) to overwrite the SEH handler and redirect execution (e.g., to run calc.exe). This CVE’s imp...
CVE-2025-25301
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...
CVE-2025-25301
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...
adversarial-attacks-white-black-box (=0.1.7), americodraws (>=0.1.0 <=0.1.5) +90 more potentially affected by CVE-2025-25301 via rembg (>=2.0.57 <=2.0.75)
rembg PYPI version =2.0.57, =0.1.0, =0.0.64, =0.3.3, =0.1.0, =0.1.0, =2.0.2, =2.1.49 - damon-devtools =0.9.0 and more Source cves: CVE-2025-25301 Source advisory: SNYK:PYTHON-REMBG-9296372...
CVE-2025-25301 Rembg allows SSRF via /api/remove
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...
CVE-2025-25301 Rembg allows SSRF via /api/remove
Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...
CVE-2025-25301
Summary: Rembg (Python) versions up to and including 2.0.57 are affected by an SSRF vulnerability in the /api/remove endpoint. The endpoint accepts a URL query parameter to fetch, process, and return an image, which can enable an attacker to request internal-network resources hosted by the rembg ...
CVE-2024-25301
creationtimestamp | type | source
---|---|---
2024-02-14 20:26:27+00:00 | seen | https://t.me/ctinow/184979...
CVE-2024-25301
Redaxo v5.15.1 was discovered to contain a remote code execution (RCE) vulnerability via the component /pages/templates.php...
CVE-2022-25301
All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such as __proto__, constructor and prototype...
CVE-2022-25301 Prototype Pollution
All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such as __proto__, constructor and prototype...
jsgui-node-file-metadata (=0.3.8), jsgui-node-fs2-core (>=0.1.0 <=0.1.5) +7 more potentially affected by CVE-2022-25301 via jsgui-lang-essentials (>=0.3.8 <=0.4.3)
jsgui-lang-essentials NPM version =0.3.8, =0.1.0, =0.1.0, =0.1.0, =0.3.8, =0.3.8, =0.3.35 Source cves: CVE-2022-25301 Source advisory: SNYK:JS-JSGUILANGESSENTIALS-2316897...