CVE-2018-25427

creationtimestamp| type| source ---|---|--- 2026-06-01 23:28:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnbaawxpqt2w 2026-06-02 09:13:23+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mncawkjpq62y...

CVE-2019-25427

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the antispyware endpoint. Attackers can send POST requests with JavaScript payloads in the DNSMASQWHITELIST or DNSMASQBLACKLIST...

CVE-2019-25427

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the antispyware endpoint. Attackers can send POST requests with JavaScript payloads in the DNSMASQWHITELIST or DNSMASQBLACKLIST...

EUVD-2025-25427

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-25427

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Null pointer dereference vulnerability exits in MP4Box - GPAC version 0.8.0-rev177-g51a8ef874-master via the gfisomgettrackid function, which causes a denial ...

CVE-2022-25427

Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function...

CVE-2021-25427

SQL injection vulnerability in Bluetooth prior to SMR July-2021 Release 1 allows unauthorized access to paired device information...

CVE-2020-25427

A Null pointer dereference vulnerability exits in MP4Box - GPAC version 0.8.0-rev177-g51a8ef874-master via the gfisomgettrackid function, which causes a denial of service...

CVE-2025-25427

creationtimestamp| type| source ---|---|--- 2025-04-18 02:53:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ln2mk6hd7c2u 2025-04-18 03:00:28+00:00| published-proof-of-concept| Telegram/l8rpmt9IEsaMir73BEzPWVwPlbkzU9EJpZeQ9myt0c4T-pE 2025-04-18 04:52:31+00:00| seen|...

CVE-2025-25427

A stored cross-site scripting XSS vulnerability in the upnp.htm page of the web Interface in TP-Link WR841N v14/v14.6/v14.8 = Build 241230 Rel. 50788n allows remote attackers to inject arbitrary JavaScript code via the port mapping description. This leads to an execution of the JavaScript payload...

CVE-2025-25427 XSS in TP-Link TL-WR841N v14/v14.6/v14.8 Upnp page

A stored cross-site scripting XSS vulnerability in the upnp.htm page of the web Interface in TP-Link WR841N v14/v14.6/v14.8 = Build 241230 Rel. 50788n allows remote attackers to inject arbitrary JavaScript code via the port mapping description. This leads to an execution of the JavaScript payload...

CVE-2025-25427 XSS in TP-Link TL-WR841N v14/v14.6/v14.8 Upnp page

A stored cross-site scripting XSS vulnerability in the upnp.htm page of the web Interface in TP-Link WR841N v14/v14.6/v14.8 = Build 241230 Rel. 50788n allows remote attackers to inject arbitrary JavaScript code via the port mapping description. This leads to an execution of the JavaScript payload...

CVE-2022-25427

creationtimestamp| type| source ---|---|--- 2022-03-18 23:23:06+00:00| seen| https://t.me/cibsecurity/39274...

CVE-2022-25427

Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter in the openSchedWifi function...

CVE-2022-25427

CVE-2022-25427 affects Tenda AC9, specifically v15.03.2.21. The openSchedWifi function contains a stack overflow via the schedendtime parameter, which CNVD/CNNVD reports as enabling arbitrary command execution. The NVD/CVE records classify impact as high/critical (network attack, no user interact...

CVE-2020-25427

creationtimestamp| type| source ---|---|--- 2022-01-11 00:14:58+00:00| seen| https://t.me/cibsecurity/35207...

CVE-2020-25427

GPAC’s MP4Box (version 0.8.0-rev177-g51a8ef874-master) is affected by a null pointer dereference in gf_isom_get_track_id, causing denial of service. Exploitation details are not provided in the supplied documents. Remediation: upgrade to GPAC 2.2.0 or newer (per GLSA-202408-21).

CVE-2021-25427

CVE-2021-25427 describes a SQL injection vulnerability in Bluetooth prior to the Samsung SMR July-2021 Release 1, enabling unauthorized access to data on paired devices. The vulnerability is tied to the Bluetooth module's handling of SQL statements, with documented impact being access to paired d...