26 matches found
CVE-2023-25748
By displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing attacks. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 111...
CVE-2024-25748
A Stack Based Buffer Overflow vulnerability in tenda AC9 AC9 v.3.0 with firmware version v.15.03.06.42multi allows a remote attacker to execute arbitrary code via the fromSetIpMacBind function...
CVE-2025-25748
A CSRF vulnerability in the gestioneutenti.php endpoint of HotelDruid 3.0.7 allows attackers to perform unauthorized actions e.g., modifying user passwords on behalf of authenticated users by exploiting the lack of origin or referrer validation and the absence of CSRF tokens. NOTE: this is disput...
CVE-2025-25748
A CSRF vulnerability in the gestioneutenti.php endpoint of HotelDruid 3.0.7 allows attackers to perform unauthorized actions e.g., modifying user passwords on behalf of authenticated users by exploiting the lack of origin or referrer validation and the absence of CSRF tokens. NOTE: this is disput...
CVE-2025-25748
creationtimestamp| type| source ---|---|--- 2025-03-07 22:00:06+00:00| seen| Telegram/3MBTytBz7FAWoUgV2aTVPXaX-kfAuOLht6JlK6Rxm9ll3c 2025-03-11 17:39:58+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7194...
CVE-2525-25748
creationtimestamp| type| source ---|---|--- 2025-03-07 22:00:06+00:00| seen| Telegram/3MBTytBz7FAWoUgV2aTVPXaX-kfAuOLht6JlK6Rxm9ll3c...
CVE-2022-25748
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...
CVE-2024-25748
The CVE-2024-25748 entry describes a stack-based buffer overflow in the Tenda AC9 AC9 v3.0 firmware (v15.03.06.42_multi) affecting the fromSetIpMacBind function. The root cause is a stack overflow that allows remote code execution with high impact: confidentiality, integrity, and availability are...
CVE-2023-25748
creationtimestamp| type| source ---|---|--- 2023-06-02 20:42:24+00:00| seen| https://t.me/cibsecurity/64931...
CVE-2023-25748
By displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing attacks. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 111...
CVE-2023-25748
By displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing attacks. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 111...
CVE-2023-25748
By displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing attacks. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 111...
CVE-2023-25748
CVE-2023-25748 is a public vulnerability affecting Firefox for Android (not other OSes). The issue arises when a prompt with a long description is displayed, potentially hiding the fullscreen notification and enabling user confusion or spoofing. Connected sources confirm this CVE is fixed in Fire...
CVE-2023-25748
By displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing attacks. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 111...
CVE-2023-25748
By displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing attacks. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 111...
CVE-2023-25748
By displaying a prompt with a long description, the fullscreen notification could have been hidden, resulting in potential user confusion or spoofing attacks. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox 111...
CVE-2021-25748
creationtimestamp| type| source ---|---|--- 2023-05-24 20:27:13+00:00| seen| https://t.me/cibsecurity/64695 2024-01-09 08:47:00+00:00| seen| https://t.me/arpsyndicate/2735...
CVE-2021-25748 Ingress-nginx `path` sanitization can be bypassed with newline character
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the spec.rules.http.paths.path field of an Ingress object in the networking.k8s.io or extensions API group to obtain the credentials of...
CVE-2021-25748 Ingress-nginx `path` sanitization can be bypassed with newline character
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the spec.rules.http.paths.path field of an Ingress object in the networking.k8s.io or extensions API group to obtain the credentials of...
CVE-2021-25748
CVE-2021-25748 concerns the ingress-nginx Ingress controller. A newline in the path field of spec.rules[].http.paths[].path can bypass sanitization for Ingress objects (Networking.k8s.io or Extensions API), potentially granting the controller credential with access to all cluster secrets. The con...