22 matches found
CVE-2019-25618
creationtimestamp| type| source ---|---|--- 2026-03-22 15:14:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhntjlhggc27...
CVE-2019-25618 AdminExpress 1.2.5 Denial of Service via System Compare
AdminExpress 1.2.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the System Compare feature. Attackers can paste a large buffer of characters into the Folder Path field and trigger the comparison function to...
CVE-2023-25618
SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, has multiple vulnerabilities in an unused class for error handling in which an attacker authenticated as a non-administrative user can craft a request with...
CVE-2025-25618
Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the change of Section Name and Room Number by Teachers...
CVE-2025-25618
Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the change of Section Name and Room Number by Teachers...
CVE-2025-25618
Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the change of Section Name and Room Number by Teachers...
CVE-2025-25618
creationtimestamp| type| source ---|---|--- 2025-03-17 14:52:16+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7784 2025-03-17 17:27:59+00:00| seen| https://t.me/cvedetector/20470 2025-03-17 17:45:51+00:00| seen|...
CVE-2025-25618
Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the change of Section Name and Room Number by Teachers...
CVE-2025-25618
CVE-2025-25618 affects Unifiedtransform 2.0. Root cause: improper access control that permits privilege escalation, enabling teachers to change section names and room numbers. Impact is limited to unauthorized modifications by users with teacher privileges; CVSS 3.1 metrics indicate Network acces...
CVE-2025-25618
Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the change of Section Name and Room Number by Teachers...
CVE-2024-25618
creationtimestamp| type| source ---|---|--- 2024-02-14 22:31:32+00:00| seen| https://t.me/ctinow/185077...
CVE-2024-25618
CVE-2024-25618 (Mastodon) describes an account takeover risk when external identity providers (CAS, SAML, OIDC) attach new identities to existing Mastodon users via shared email addresses. The issue occurs if the provider allows changing a user’s email (or supports multiple providers) and Mastodo...
CVE-2024-25618 External OpenID Connect Account Takeover by E-Mail Change in mastodon
Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows new identities from configured authentication providers CAS, SAML, OIDC to attach to existing local users with the same e-mail address. This results in a possible account takeover if the authentication...
CVE-2023-25618
SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, has multiple vulnerabilities in an unused class for error handling in which an attacker authenticated as a non-administrative user can craft a request with...
CVE-2023-25618
CVE-2023-25618 affects SAP NetWeaver Application Server for ABAP/ABAP Platform (versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791). A DoS condition arises from multiple vulnerabilities in an unused error-handling class: an attacker authenticated as a non-administrative...
CVE-2023-25618 Denial of Service (DoS) vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform
SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, has multiple vulnerabilities in an unused class for error handling in which an attacker authenticated as a non-administrative user can craft a request with...
CVE-2022-25618
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in wpDataTables WordPress plugin versions = 2.1.27...
CVE-2022-25618 WordPress wpDataTables plugin <= 2.1.27 - Stored Cross-Site Scripting (XSS) vulnerability
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in wpDataTables WordPress plugin versions = 2.1.27...
CVE-2022-25618
CVE-2022-25618 is an authenticated (admin+) stored XSS vulnerability in the WordPress plugin wpDataTables up to version 2.1.27. Root cause details are not explicitly stated beyond the XSS classification in multiple sources, but the consensus is that versions ≤ 2.1.27 are affected. The practical i...
CVE-2022-25618
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in wpDataTables WordPress plugin versions = 2.1.27...