CVE-2018-25357

creationtimestamp| type| source ---|---|--- 2026-05-27 18:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mmu3xgipzu2w...

Linux Distros Unpatched Vulnerability : CVE-2018-25357

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code...

CVE-2026-25357

creationtimestamp| type| source ---|---|--- 2026-04-07 19:30:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3miwjbs7ga22h...

CVE-2026-25357

Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse.This issue affects Ultimate Membership Pro: from n/a through = 13.7...

CVE-2019-25357

creationtimestamp| type| source ---|---|--- 2026-02-19 22:00:18+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfalr3bzaa2h...

CVE-2022-25357

Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference call join if it has a lock but not a PIN...

CVE-2021-25357

A pendingIntent hijacking vulnerability in Create Movie prior to SMR APR-2021 Release 1 in Android O8.x and P9.0, 3.4.81.1 in Android Q10,0, and 3.6.80.7 in Android R11.0 allows unprivileged applications to access contact information...

CVE-2025-25357

creationtimestamp| type| source ---|---|--- 2025-02-13 16:02:08+00:00| seen| https://infosec.exchange/users/cve/statuses/113997416238600584 2025-02-13 16:17:20+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3li33mazbca2x 2025-02-13 17:12:42+00:00|...

CVE-2025-25357

A SQL Injection vulnerability was found in /admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the email POST request parameter...

CVE-2022-25357

Affected software: Pexip Infinity (27.x) prior to 27.2. Vulnerability: Improper access control that could allow an attacker to join a conference (call join) even if the meeting is locked but without a PIN. Root cause/unwrap: Access control error enabling joining a locked, PIN-less meeting. Impact...

CVE-2021-25357

CVE-2021-25357 describes a pendingIntent hijacking vulnerability in Samsung’s Create Movie component, allowing unprivileged apps to access contact information. Affected releases cover Android 8.x (O) and 9.0 (P) with SMR APR-2021 Release 1, Android 10 (Q) version 3.4.81.1, and Android 11 (R) vers...

Mercury Mail SMTP AUTH CRAM-MD5 Buffer Overflow

This module exploits a stack buffer overflow in Mercury Mail Transport System 4.51. By sending a specially crafted argument to the AUTH CRAM-MD5 command, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

Mercury Mail SMTP AUTH CRAM-MD5 buffer overflow

Added: 10/05/2007 CVE: CVE-2007-4440 BID: 25357 OSVDB: 39669 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem A buffer overflow vulnerability in the SMTP service allows remote attackers to execute arbitrary commands by sending a specially craft...