CVE-2019-25520

creationtimestamp| type| source ---|---|--- 2026-03-18 00:40:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mhcast6wsr2w...

CVE-2026-25520 SandboxJS has a Sandbox Escape

SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, The return values of functions aren't wrapped. Object.values/Object.entries can be used to get an Array containing the host's Function constructor, by using Array.prototype.at you can obtain the hosts Function constructor, which can b...

CVE-2026-25520

creationtimestamp| type| source ---|---|--- 2026-02-05 17:33:12+00:00| published-proof-of-concept| https://github.com/nyariv/SandboxJS/security/advisories/GHSA-58jh-xv4v-pcx4 2026-02-06 20:18:00+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me7py5auaf25 2026-02-06...

CVE-2021-25520

Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet...

CVE-2025-25520

creationtimestamp| type| source ---|---|--- 2025-02-26 01:44:45+00:00| seen| https://t.me/cvedetector/18931 2025-02-26 19:49:10+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114071918468630460 2025-02-27 00:00:09+00:00| seen|...

CVE-2024-25520

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /SysManage/sysblogtemplatenew.aspx...

CVE-2024-25520

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /SysManage/sysblogtemplatenew.aspx...

CVE-2024-25520

RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vulnerability via the id parameter at /SysManage/sysblogtemplatenew.aspx...

CVE-2023-25520

Consolidated data confirms CVE-2023-25520 affects NVIDIA Jetson Linux Driver Package, specifically the nvbootctrl component. A privileged local attacker can configure invalid nvbootctrl settings, resulting in a denial of service. Remediation is to update Jetson Linux to the patched release (as pe...

CVE-2021-25520

CVE-2021-25520 affects Samsung Internet prior to version 16.0.2. The vulnerability arises from insecure caller checks and input validation in the SearchKeyword deeplink logic, allowing untrusted applications to execute script code in the browser. The impact is cross-origin script execution with p...

CVE-2021-25520

Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to execute script codes in Samsung Internet...

TRENDnet TEW-827DRU Command Injection Vulnerability (CNVD-2019-25520)

The TRENDnet TEW-827DRU is a wireless router from TRENDnet. A command injection vulnerability exists in the apply.cgi file in the TRENDnet TEW-827DRU using firmware prior to version 2.05B11. The vulnerability stems from a network system or product not properly filtering specific elements of...