26 matches found
ROOT-APP-PYPI-CVE-2023-25691 CVE-2023-25691 in rootio-apache-airflow-providers-google - Patched by Root
Root has patched CVE-2023-25691 in the rootio-apache-airflow-providers-google package for Root:PyPI. Multiple fixed versions available...
CVE-2026-25691
A improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with...
CVE-2026-25691
A improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4, FortiSandbox PaaS 5.0.4 may allow a privileged attacker with...
CVE-2019-25691
creationtimestamp| type| source ---|---|--- 2026-04-12 14:08:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjcjnmuo3a2m...
CVE-2019-25691
CVE-2019-25691 affects Faleemi Desktop Software 1.8. The vulnerability is a local buffer overflow in the System Setup dialog that enables DEP bypass through structured exception handling. An attacker can inject a crafted payload into the Save Path for Snapshot and Record file field to trigger a b...
CVE-2023-25691
Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0...
CVE-2025-25691
creationtimestamp| type| source ---|---|--- 2025-07-30 20:51:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lv7isqjuo52e...
CVE-2025-25691
A PHAR deserialization vulnerability in the component /themes/import of PrestaShop v8.2.0 allows attackers to execute arbitrary code via a crafted POST request...
CVE-2025-25691
A PHAR deserialization vulnerability in the component /themes/import of PrestaShop v8.2.0 allows attackers to execute arbitrary code via a crafted POST request...
CVE-2025-25691
A PHAR deserialization vulnerability in the component /themes/import of PrestaShop v8.2.0 allows attackers to execute arbitrary code via a crafted POST request...
PT-2025-31417 · Prestashop · Prestashop 8.2.0
Name of the Vulnerable Software and Affected Versions: PrestaShop version 8.2.0 Description: A PHAR deserialization vulnerability exists in the /themes/import component. Attackers can execute arbitrary code by sending a crafted POST request. Recommendations: At the moment, there is no information...
CVE-2022-25691
Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile...
Esri Portal for ArcGIS < Security 2024 Update 2 Multiple Vulnerabilities (10.8.1)
The version of Esri Portal for ArcGIS installed is missing Security 2024 Update 2. It is, therefore, affected by multiple vulnerabilities including: - There is a local file inclusion vulnerability in Esri Portal for ArcGIS 11.2. 11.1, 11.0 and 10.9.1 that may allow a remote, unauthenticated...
CVE-2024-25691
creationtimestamp| type| source ---|---|--- 2024-10-04 21:03:28+00:00| seen| https://t.me/cvedetector/7014...
CVE-2024-25691
There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 11.1 and below which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser...
CVE-2024-25691 BUG-000165286 - Reflected XSS in Portal for ArcGIS
There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 11.1 and below which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser...
CVE-2024-25691 BUG-000165286 - Reflected XSS in Portal for ArcGIS
There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 11.1 and below which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser...
CVE-2024-25691
Esri Portal for ArcGIS is affected by a reflected XSS in versions up to 11.1. A crafted link could cause arbitrary JavaScript execution in the victim’s browser. Affected versions include 10.8.1–11.1. Root cause is a cross-site scripting flaw in the portal’s handling of URL/link input. Practical i...
CVE-2023-25691
creationtimestamp| type| source ---|---|--- 2023-02-24 14:49:13+00:00| seen| https://t.me/cibsecurity/58860...
CVE-2023-25691
Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0...