CVE-2026-25657

creationtimestamp| type| source ---|---|--- 2026-06-05 12:52:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnk6k7s6cl23...

CVE-2026-25657

Ericsson Packet Core Gateway PCG versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure CWE-228 vulnerability where an attacker continuously sending a specially crafted message can cause service degradation. The impact continues as long the attack persists but the...

CVE-2024-25657

An open redirect in the Login/Logout functionality of web management in AVSystem Unified Management Platform UMP 23.07.0.16567LTS could allow attackers to redirect authenticated users to malicious websites...

CVE-2020-25657 affecting package m2crypto 0.35.2-8

CVE-2020-25657 affecting package m2crypto 0.35.2-8. No patch is available currently...

RHEL 6 : m2crypto (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - m2crypto: bleichenbacher timing attacks in the RSA decryption API CVE-2020-25657 - m2crypto: Bleichenbach...

RHEL 7 : m2crypto (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - m2crypto: bleichenbacher timing attacks in the RSA decryption API CVE-2020-25657 - m2crypto: Bleichenbach...

SUSE SLED15 / SLES15 / openSUSE 15 : Feature update for python-M2Crypto (SUSE-SU-SUSE-FU-2024:1448-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-SUSE-FU-2024:1448-1 advisory. - A flaw was found in all released versions of m2crypto, where they are vulnerable to...

CVE-2020-25657 affecting package m2crypto for versions less than 0.38.0-3

CVE-2020-25657 affecting package m2crypto for versions less than 0.38.0-3. A patched version of the package is available...

CVE-2024-25657

creationtimestamp| type| source ---|---|--- 2024-03-18 21:21:43+00:00| seen| https://t.me/ctinow/210951 2024-03-18 21:26:21+00:00| seen| https://t.me/ctinow/210957...

CVE-2024-25657

CVE-2024-25657 affects AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS. An open redirect exists in the Login/Logout web management flow, potentially causing authenticated users to be redirected to malicious websites. The initial entry reports a CVSSv3.1 base score of 5.4 (Medium) wit...

CVE-2024-25657

An open redirect in the Login/Logout functionality of web management in AVSystem Unified Management Platform UMP 23.07.0.16567LTS could allow attackers to redirect authenticated users to malicious websites...

CVE-2020-25657

creationtimestamp| type| source ---|---|--- 2024-02-05 23:56:56+00:00| seen| https://t.me/ctinow/179623...

CBL Mariner 2.0 Security Update: m2crypto (CVE-2020-25657)

The version of m2crypto installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-25657 advisory. - A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing...

nautobot-chatops (>=1.6.0 <=1.7.1), nautobot-chatops-arista-cloudvision (>=1.0.1 <=1.3.0) +7 more potentially affected by CVE-2023-25657 via nautobot (>=1.0.3 <=1.5.16)

nautobot PYPI version =1.0.3, =1.6.0, =1.0.1, =1.1.0, =0.9.2, =1.5.0, =0.9.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2023-25657 Source advisory: OSV:GHSA-8MFQ-F5WJ-VW5M...

nautobot-chatops (>=1.6.0 <=1.7.1), nautobot-chatops-arista-cloudvision (>=1.0.1 <=1.3.0) +7 more potentially affected by CVE-2023-25657 via nautobot (>=1.0.3 <=1.5.16)

nautobot PYPI version =1.0.3, =1.6.0, =1.0.1, =1.1.0, =0.9.2, =1.5.0, =0.9.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2023-25657 Source advisory: OSV:PYSEC-2023-37...

CVE-2023-25657

Summary: CVE-2023-25657 affects Nautobot before 1.5.7, where the Jinja2 template engine was not sandboxed, potentially enabling remote code execution. In Nautobot 1.5.7 and later, sandboxed environments are enabled for Jinja2 rendering for objects such as extras.ComputedField, extras.CustomLink, ...

CVE-2022-25657

Memory corruption due to buffer overflow occurs while processing invalid MKV clip which has invalid seek header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...

CVE-2022-25657

CVE-2022-25657 is a memory-corruption issue caused by a buffer overflow when processing an invalid MKV clip with an invalid seek header. The vulnerability is described across multiple sources as affecting Qualcomm Snapdragon family components: Auto, Compute, Connectivity, Industrial IOT, Mobile, ...

CVE-2022-25657

Memory corruption due to buffer overflow occurs while processing invalid MKV clip which has invalid seek header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...

CVE-2021-25657

creationtimestamp| type| source ---|---|--- 2022-09-02 07:38:43+00:00| seen| Telegram/x4tGn6yd9VDOnQ0MoHoq6WwspPhDU9U63rm1zgGyJOsDE...