CVE-2019-25477

RAR Password Recovery 1.80 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the registration dialog. Attackers can craft a malicious input string exceeding 6000 bytes and paste it into the User Name and Registration...

CVE-2019-25477

RAR Password Recovery 1.80 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the registration dialog. Attackers can craft a malicious input string exceeding 6000 bytes and paste it into the User Name and Registration...

CVE-2026-25477

creationtimestamp| type| source ---|---|--- 2026-03-03 00:30:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mg4jcfzlfs2n...

CVE-2026-25477

AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.26.0, there is an Open Redirect vulnerability located at the /redirect-proxy endpoint. The flaw exists in the domain validation logic, where an improperly anchored Regular Expression allows an attacker to...

CVE-2021-25477

An improper error handling in Mediatek RRC Protocol stack prior to SMR Oct-2021 Release 1 allows modem crash and remote denial of service...

CVE-2025-25477

creationtimestamp| type| source ---|---|--- 2025-02-27 23:25:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5812 2025-02-28 01:53:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lj7ccv5fxx2w 2025-02-28 03:38:48+00:00| seen|...

CVE-2025-25477

A host header injection vulnerability in SysPass 3.2x allows an attacker to load malicious JS files from an arbitrary domain which would be executed in the victim's browser...

CVE-2022-25477

creationtimestamp| type| source ---|---|--- 2024-10-27 16:49:25+00:00| published-proof-of-concept| https://t.me/Rootsec2/4876 2024-10-28 13:32:54+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/11344 2024-11-21 04:19:04+00:00| published-proof-of-concept|...

CVE-2022-25477

The CVE-2022-25477 issue affects Realtek RtsPer.sys (PCIe Card Reader) and Realtek RtsUer.sys (USB Card Reader). Affected versions are RtsPer before 10.0.22000.21355 and RtsUer before 10.0.22000.31274. The vulnerability leaks driver logs that contain addresses of kernel-mode objects, weakening KA...

CVE-2023-25477

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Yotuwp Video Gallery plugin = 1.3.12 versions...

CVE-2023-25477

CVE-2023-25477 is a stored XSS in the WordPress plugin Yotuwp Video Gallery (versions

WordPress Video Gallery Plugin <= 1.3.12 is vulnerable to Cross Site Scripting (XSS)

Software Video Gallery Type Plugin Vulnerable versions = 1.3.12 Fixed in 1.3.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25477 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 69f2f538600b Credits Abdi Pranata Required...

CVE-2021-25477

creationtimestamp| type| source ---|---|--- 2021-10-06 22:32:26+00:00| seen| https://t.me/cibsecurity/30093...

CVE-2021-25477

CVE-2021-25477 affects Mediatek RRC Protocol stack; improper error handling could cause a modem crash and remote DoS. Root cause described as error handling weakness in the Mediatek RRC stack prior to SMR Oct-2021 Release 1. Documented impact is network-exposed denial of service with potential av...

CVE-2021-25477

An improper error handling in Mediatek RRC Protocol stack prior to SMR Oct-2021 Release 1 allows modem crash and remote denial of service...