CVE-2018-25423

creationtimestamp| type| source ---|---|--- 2026-05-30 17:48:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mn3mdk2xqu2a...

CVE-2018-25423 Arm Whois 3.11 Denial of Service via Buffer Overflow

Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 bytes into the IP address or domain input field to trigger a denial of service condition...

CVE-2026-25423

Missing Authorization vulnerability in creativeinteractivemedia Real 3D FlipBook real3d-flipbook-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real 3D FlipBook: from n/a through = 4.19.1...

CVE-2019-25423

Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the /korugan/proxyconfig endpoint that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted POST requests with JavaScript payloads in parameters like...

CVE-2019-25423

Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the /korugan/proxyconfig endpoint that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted POST requests with JavaScript payloads in parameters like...

CVE-2019-25423 Comodo Dome Firewall 2.7.0 Cross-Site Scripting via proxyconfig

Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the /korugan/proxyconfig endpoint that allow attackers to inject malicious scripts through POST parameters. Attackers can submit crafted POST requests with JavaScript payloads in parameters like...

CVE-2019-25423

CVE-2019-25423 affects Comodo Dome Firewall 2.7.0 with reflected XSS in the /korugan/proxyconfig endpoint. The vulnerability arises from crafted POST parameters (e.g., PROXY_PORT, VISIBLE_HOSTNAME, ADMIN_MAIL_ADDRESS, CACHE_MEM, MAX_SIZE, MIN_SIZE, DST_NOCACHE) that can inject JavaScript, allowin...

CVE-2024-25423

An issue in MAXON CINEMA 4D R2024.2.0 allows a local attacker to execute arbitrary code via a crafted c4dbase.xdl64 file...

CVE-2024-25423

MAXON CINEMA 4D R2024.2.0 is affected. A local attacker can execute arbitrary code via a crafted c4d_base.xdl64 file, as described in multiple sources (PT-2024-20936, NVD/Red Hat entries). No patch details are provided in the connected docs; a temporary workaround suggested by PT-2024-20936 is to...

CVE-2021-25423

The CVE-2021-25423 entry concerns Samsung Watch Active2 PlugIn before version 2.2.08.21033151, where improper log management can cause a logged Wi‑Fi password from the user’s smartphone to be leaked by attackers with log permissions. Affected component is the Watch Active2 PlugIn (Sony?) on weara...