52 matches found
ZenML ZenML Server - Improper Authentication
ZenML Server in the ZenML machine learning package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/usernameorid/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. id: CVE-2024-25723 info:...
CVE-2019-25723
creationtimestamp| type| source ---|---|--- 2026-06-02 20:59:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mndifittff27...
1shot (>=0.0.3 <=0.0.9), @4via6/relay (>=1.0.0 <=1.1.3) +232 more potentially affected by CVE-2026-25723 via @anthropic-ai/claude-code (>=0.2.126 <=2.0.51)
@anthropic-ai/claude-code NPM version =0.2.126, =0.0.3, =1.0.0, =0.1.18, =1.0.0, =0.4.0, =0.2.3, =0.0.1, =0.0.1, =0.0.55, =0.0.69 - @brandongtr/rule-agent-cli =1.0.1-beta.0 and more Source cves: CVE-2026-25723 Source advisory: OSV:GHSA-MHG7-666J-CQG4...
@kimuson/claude-code-viewer (>=0.4.2 <=0.5.9), @netlify/agent-runner-cli (>=1.31.0 <=1.57.0) +11 more potentially affected by CVE-2026-25723 via @anthropic-ai/claude-code (>=2.0.0 <=2.0.51)
@anthropic-ai/claude-code NPM version =2.0.0, =0.4.2, =1.31.0, =0.0.1-rc.1, =0.5.2, =0.0.0, =0.1.2, =0.11.1, =0.11.0, =1.0.0, =0.10.2, =0.11.2, =0.13.3 Source cves: CVE-2026-25723 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-15248308...
CVE-2026-25723
Claude Code is an agentic coding tool. Prior to version 2.0.55, Claude Code failed to properly validate commands using piped sed operations with the echo command, allowing attackers to bypass file write restrictions. This vulnerability enabled writing to sensitive directories like the .claude...
CVE-2025-7230
INVT VT-Designer PM3 File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of INVT VT-Designer. User interaction is required to exploit this vulnerability in that the target must visit a...
Linux Distros Unpatched Vulnerability : CVE-2025-25723
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in GPAC version 2.5 allows a local attacker to execute arbitrary code. CVE-2025-25723 Note that Nessus relies on the presence of t...
Linux Distros Unpatched Vulnerability : CVE-2020-25723
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory...
CVE-2025-25723
creationtimestamp| type| source ---|---|--- 2025-02-28 23:27:48+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6021 2025-03-01 02:13:46+00:00| seen| https://t.me/cvedetector/19196 2025-03-02 11:46:30+00:00| seen| Telegram/BStyOm8Ue6GrzT-V9h-jX3EHbd4z0baUQvHUumRNn9Ik9J...
DEBIAN-CVE-2025-25723
Buffer Overflow vulnerability in GPAC version 2.5 allows a local attacker to execute arbitrary code...
CVE-2025-25723
Buffer Overflow vulnerability in GPAC version 2.5 allows a local attacker to execute arbitrary code...
CVE-2025-25723
Buffer Overflow vulnerability in GPAC version 2.5 allows a local attacker to execute arbitrary code...
CVE-2025-25723
Buffer Overflow vulnerability in GPAC version 2.5 allows a local attacker to execute arbitrary code...
CVE-2022-25723
Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile...
Exploit for Improper Access Control in Zenml
Exploit for CVE-2024-25723 This repository is dedicated to ad...
CVE-2024-25723
ZenML Server in the ZenML machine learning package before 0.46.7 for Python allows remote privilege escalation because the /api/v1/users/usernameorid/activate REST API endpoint allows access on the basis of a valid username along with a new password in the request body. These are also patched...
CVE-2024-25723
CVE-2024-25723 affects ZenML Server in the ZenML Python package (prior to 0.46.7). The REST endpoint /api/v1/users/{user_name_or_id}/activate allows remote privilege escalation by authenticating with a valid username and a new password in the request body, enabling total compromise of the account...
CVE-2023-25723
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
CVE-2022-25723
creationtimestamp| type| source ---|---|--- 2022-10-19 14:15:21+00:00| seen| https://t.me/cibsecurity/51763...
CVE-2022-25723
CVE-2022-25723 involves memory corruption in the multimedia stack of Qualcomm Snapdragon Mobile, caused by a use-after-free during callback registration failure. Documented impact indicates high severity (local, with high confidentiality, integrity, and availability impact). The provided sources ...