12 matches found

ATTACKERKB
added 2026/02/03 6:6 p.m., 1 views

CVE-2026-25484

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, there is a Stored XSS via Product Type names. The name is not sanitized when displayed in user permissions settings. The vulnerable input source is in Commerce Product Type setting...

CVSS 4.8 | AI score 5.3 | EPSS 0.00019
Exploits 1 | References 5 | Affected Software 1
RedhatCVE
added 2026/01/09 9:31 a.m., 6 views

CVE-2023-25484

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Oliver Schlöbe Simple Yearly Archive plugin <= 2.1.8 versions...

CVSS 5.9 | AI score 5.6 | EPSS 0.00207
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 6:25 p.m., 5 views

CVE-2021-25484

Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event...

CVSS 4 | AI score 7 | EPSS 0.00019
Exploits 0 | References 1
Tenable Nessus
added 2025/03/05 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-25484

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcpprep v4.4.1 has a reachable assertion assert(l2len > 0) in packet2tree at tree.c in tcpprep v4.4.1. CVE-2022-25484 Note that Nessus relies on the presence of the...

CVSS 5.5 | AI score 6.6 | EPSS 0.00199
Exploits 1 | References 2
Circl
added 2023/04/25 8:24 p.m., 1 views

CVE-2023-25484

creationtimestamp | type | source
--- | --- | ---
2023-04-25 20:24:53+00:00 | seen | https://t.me/cibsecurity/62815...

CVSS 5.9 | AI score 6.5 | EPSS 0.00207
Exploits 0 | References 1
CVE
added 2023/04/25 4:50 p.m., 29 views

CVE-2023-25484

CVE-2023-25484 affects the WordPress plugin Simple Yearly Archive (Oliver Schlöbe) up to version 2.1.8. It is a Stored XSS vulnerability that requires admin+ authentication to exploit. Public sources specify the vulnerable component as the plugin’s code handling user input, with the impact descri...

CVSS 5.9 | AI score 4.9 | EPSS 0.00207
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2023/04/25 4:50 p.m., 18 views

CVE-2023-25484 WordPress Simple Yearly Archive Plugin <= 2.1.8 is vulnerable to Cross Site Scripting (XSS)

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Oliver Schlöbe Simple Yearly Archive plugin <= 2.1.8 versions...

CVSS 5.9 | AI score 5.5 | EPSS 0.00207
Exploits 0 | References 1
Patchstack
added 2023/02/15 12:0 a.m., 8 views

WordPress Simple Yearly Archive Plugin <= 2.1.8 is vulnerable to Cross Site Scripting (XSS)

Software: Simple Yearly Archive; Type: Plugin; Vulnerable versions: <= 2.1.8; Fixed in: 2.1.9; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-25484; Patch priority: Low; CVSS severity: Low (5.9); Developer: Claim ownership; PSID: ee23c5ebc5db; Credits: Rio Darmawan...

CVSS 5.9 | AI score 5.8 | EPSS 0.00207
Exploits 0 | References 2 | Affected Software 1
ALT Linux
added 2022/11/30 12:0 a.m., 29 views

Security fix for the ALT Linux 9 package tcpreplay version 4.4.2-alt1

4.4.2-alt1 built Nov. 30, 2022 Anton Farygin in task 310755 Nov. 28, 2022 Anton Farygin - 4.4.2 Fixes: CVE-2022-28487, CVE-2022-27942, CVE-2022-27940, CVE-2022-37047, CVE-2022-37049, CVE-2022-27939, CVE-2022-25484, CVE-2022-27941...

CVSS 6.8 | AI score 6.7 | EPSS 0.00469
Exploits 8
OSV
added 2022/03/22 5:15 p.m., 17 views

CVE-2022-25484

tcpprep v4.4.1 has a reachable assertion assert(l2len > 0) in packet2tree at tree.c in tcpprep v4.4.1...

CVSS 5.5 | AI score 7.1
Exploits 0 | References 1
CVE
added 2022/03/22 4:49 p.m., 87 views

CVE-2022-25484

CVE-2022-25484 affects tcpreplay’s 4.4.1 release, specifically the tcpprep component. The primary vulnerability details in the initial CVE describe a reachable assertion (assert(l2len > 0)) in packet2tree() within tree.c (tcpprep 4.4.1). Connected sources corroborate multiple memory/heap-relat...

CVSS 5.5 | AI score 5.6 | EPSS 0.00199
Exploits 1 | References 1 | Affected Software 1
CVE
added 2021/10/06 5:9 p.m., 34 views

CVE-2021-25484

The CVE-2021-25484 entry concerns an improper authentication flaw in InputManagerService. Affected component: InputManagerService (Samsung SMR prior to Oct-2021 Release 1). Impact stated: it allows monitoring the touch event. Documented references indicate a Samsung security update (securityUpdat...

CVSS 4 | AI score 4.2 | EPSS 0.00019
Exploits 0 | References 1 | Affected Software 1