CVE-2022-25677

Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking...

CVE-2021-25677

A vulnerability has been identified in APOGEE PXC Compact BACnet All versions = V0.5.0.0 V1.0.0.0, TALON TC Compact BACnet All versions V3.5.5, TALON TC Modular BACnet All versions V3.5.5. The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the D...

CVE-2022-25677

creationtimestamp| type| source ---|---|--- 2025-04-22 16:03:40+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12894...

CVE-2024-25677

creationtimestamp| type| source ---|---|--- 2024-02-09 10:31:16+00:00| seen| https://t.me/ctinow/181948 2024-03-02 20:16:54+00:00| seen| https://t.me/ctinow/198464 2025-06-16 18:38:59+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18504...

CVE-2024-25677

In Min before 1.31.0, local files are not correctly treated as unique security origins, which allows them to improperly request cross-origin resources. For example, a local file may request other local files through an XML document...

CVE-2024-25677

CVE-2024-25677 affects Min browser prior to 1.31.0, where local files are not treated as unique security origins, enabling a local file to request other local resources (e.g., via an XML document) and potentially authoring cross-origin access. Concrete details across connected sources show the is...

CVE-2022-25677

Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking...

CVE-2022-25677

CVE-2022-25677 is described as memory corruption in the diag component caused by a use-after-free while processing a DCI packet in Qualcomm Snapdragon platforms (Auto, Compute, Consumer IoT, Industrial IoT, Mobile, Wearables, Wired Infrastructure and Networking). The vulnerability affects Snapdra...

CVE-2021-25677

CVE-2021-25677 concerns DNS transaction ID randomness in Siemens DNS clients across multiple products (APOGEE PXC BACnet/P2 Ethernet, Nucleus NET/ReadyStart, SIMOTICS CONNECT 400, TALON TC). Root cause: DNS client does not properly randomize transaction IDs, enabling potential DNS cache poisoning...

Siemens SIMOTICS CONNECT 400 (Update A)

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMOTICS CONNECT 400 Vulnerabilities: Improper Null Termination, Out-of-bounds Read, Access of Memory Location After End of Buffer, Use of Insufficiently Random Values 2. UPDATE...

Important: Red Hat Security Advisory: Red Hat Ceph Storage 4.2 Security and Bug Fix update

An update is now available for Red Hat Ceph Storage 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links i...

RHEL 7 / 8 : Red Hat Ceph Storage 4.2 Security and Bug Fix update (Important) (RHSA-2021:0081)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0081 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage...

CVE-2020-25677

creationtimestamp| type| source ---|---|--- 2020-12-08 07:30:41+00:00| seen| https://t.me/cibsecurity/17228...

CVE-2020-25677

A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This flaw allows any user on the system to read sensitive information within this file. The highest threat from this vulnerability is to confidentiality...

CVE-2020-25677

CVE-2020-25677 affects Ceph-ansible v4.0.41, where /etc/ceph/iscsi-gateway.conf is created with insecure default permissions, allowing any local user to read sensitive information. The issue is tied to insecure ownership/permissions of the iscsi-gateway.conf file (cited in Red Hat’s RHSA-2021:008...