101 matches found
CVE-2019-25727
creationtimestamp| type| source ---|---|--- 2026-06-04 23:27:58+00:00| seen| https://bsky.app/profile/pulse-wp.com/post/3mnirmjtf7n25 2026-06-04 23:30:28+00:00| seen| https://bsky.app/profile/pulse-wp.com/post/3mnirqyr22a26...
CVE-2019-25727
WordPress Plugin ad manager wd 1.0.11 contains an arbitrary file download vulnerability that allows unauthenticated attackers to download sensitive files by manipulating the path parameter. Attackers can send GET requests to the edit.php endpoint with export=exportcsv and a malicious path paramet...
CVE-2019-25727 WordPress Plugin ad manager wd 1.0.11 Arbitrary File Download
WordPress Plugin ad manager wd 1.0.11 contains an arbitrary file download vulnerability that allows unauthenticated attackers to download sensitive files by manipulating the path parameter. Attackers can send GET requests to the edit.php endpoint with export=exportcsv and a malicious path paramet...
Security update for agama (important)
openSUSE security update: security update for agama ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20753-1 Rating: important References: bsc1257930 Cross-References: CVE-2026-25727 CVSS scores: CVE-2026-25727 SUSE : 7.5...
Security Bulletin: Cargo in IBM Open SDK for Rust on AIX uses a vulnerable version of the time crate (CVE-2026-25727)
Summary The cargo package manager in IBM Open SDK for Rust on AIX 1.90.0.0 and 1.92.0.0 uses version 0.3.37 of the time crate which is vulnerable to CVE-2026-25727. Vulnerability Details CVEID:CVE-2026-25727 DESCRIPTION: time provides date and time handling in Rust. From 0.3.6 to before 0.3.47,...
Security update for librsvg
This update for librsvg fixes the following issue: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257922. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
SUSE-SU-2026:1750-1 Security update for librsvg
This update for librsvg fixes the following issue: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257922...
Amazon Linux 2023 : librsvg2, librsvg2-devel, librsvg2-tools (ALAS2023-2026-1591)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1591 advisory. time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack...
Security update for librsvg
This update for librsvg fixes the following issue: CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257922. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
openSUSE 16 Security Update : librsvg (openSUSE-SU-2026:20610-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20610-1 advisory. This update for librsvg fixes the following issue: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack...
SUSE-SU-2026:21275-1 Security update for librsvg
This update for librsvg fixes the following issue: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257922...
OPENSUSE-SU-2026:20610-1 Security update for librsvg
This update for librsvg fixes the following issue: - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257922...
SUSE-SU-2026:1361-1 Security update for himmelblau
This update for himmelblau fixes the following issues: Update to version 2.3.9+git0.a9fd29b; jscPED-14511: - CVE-2026-34397: Fix LPE due to name collision during NSS fake-primary group lookup bsc1261324. - CVE-2026-31979: Fix race condition when accessiung /tmp/krb5ccuid bsc1259548. -...
Amazon Linux 2023 : amazon-efs-utils (ALAS2023-2026-1564)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1564 advisory. time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via...
CVE-2026-25727 affecting package rust for versions less than 1.90.0-6
CVE-2026-25727 affecting package rust for versions less than 1.90.0-6. A patched version of the package is available...
CVE-2026-25727 affecting package rust for versions less than 1.75.0-27
CVE-2026-25727 affecting package rust for versions less than 1.75.0-27. A patched version of the package is available...
Low: rust-below
Issue Overview: time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used...
Medium: rust-cargo-c
Issue Overview: A flaw in the gix-date library can generate invalid non-UTF8 strings, leading to undefined behavior when processed. The most likely impact from a successful attack is to data integrity, by the malicious data being able to corrupt data being hold in memory and to system availabilit...
Amazon Linux 2023 : below (ALAS2023-2026-1523)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1523 advisory. time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack...
Security Bulletin: IBM Edge Data Collector uses time-0.3.37.crate which is vulnerable to CVE-2026-25727.
Summary IBM Edge Data Collector uses time-0.3.37.crate which is vulnerable to CVE-2026-25727. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-25727 DESCRIPTION: time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when...