Lucene search
K

25 matches found

Circl
Circl
added 2026/02/10 8:10 a.m.4 views

CVE-2026-25878

creationtimestamp| type| source ---|---|--- 2026-02-10 08:10:05+00:00| seen| https://gist.github.com/alon710/647bef82efc8bc03f3b4034f54af7e26...

6.9CVSS5.1AI score0.00362EPSS
Exploits0References1
OSV
OSV
added 2026/02/09 8:53 p.m.6 views

CVE-2026-25878 FroshAdminer Adminer UI is accessible without admin session

FroshAdminer is the Adminer plugin for Shopware Platform. Prior to 2.2.1, the Adminer route /admin/adminer was accessible without Shopware admin authentication. The route was configured with authrequired=false and performed no session validation, exposing the Adminer UI to unauthenticated users...

6.9CVSS5.5AI score0.00362EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/23 1:20 p.m.14 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to prototype pollution due to the protobufjs package (CVE-2022-25878)

Summary Protobufjs is used by DataStage on Cloud Pak for Data as part of data serialization. Vulnerability Details CVEID:CVE-2022-25878 DESCRIPTION: The package protobufjs before 6.11.3 are vulnerable to Prototype Pollution which can allow an attacker to add/modify properties of the...

8.2CVSS8.3AI score0.02071EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 9:37 p.m.5 views

CVE-2021-25878

AVideo/YouPHPTube 10.0 and prior is affected by multiple reflected Cross Script Scripting vulnerabilities via the videoName parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator...

6.1CVSS6.8AI score0.01148EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2022-25878

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package protobufjs before 6.11.3 are vulnerable to Prototype Pollution which can allow an attacker to add/modify properties of the Object.prototype. This...

8.2CVSS7.9AI score0.02071EPSS
Exploits1References2
Circl
Circl
added 2025/02/21 6:18 p.m.6 views

CVE-2025-25878

creationtimestamp| type| source ---|---|--- 2025-02-21 18:18:50+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4938 2025-02-21 19:46:35+00:00| seen| https://t.me/cvedetector/18665...

3.8CVSS4.8AI score0.00263EPSS
Exploits1References2
CVE
CVE
added 2025/02/21 12:0 a.m.73 views

CVE-2025-25878

The CVE-2025-25878 entry concerns ITSourcecode Simple ChatBox (up to version 1.0). The vulnerability is tied to the /del.php file, where SQL injection may allow an attacker to obtain sensitive data. The publicly documented impact is limited to data disclosure with a CVSSv3.1 base score of 3.8 (LO...

3.8CVSS7.3AI score0.00263EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/02/21 12:0 a.m.32 views

CVE-2025-25878

A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /del.php. The attack can use SQL injection to obtain sensitive data...

0.00263EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2023/07/05 3:30 p.m.53 views

protobufjs Prototype Pollution vulnerability

protobuf.js aka protobufjs 6.10.0 until 6.11.4 and 7.0.0 until 7.2.4 allows Prototype Pollution, a different vulnerability than CVE-2022-25878. A user-controlled protobuf message can be used by an attacker to pollute the prototype of Object.prototype by adding and overwriting its data and...

9.8CVSS8.4AI score0.01422EPSS
Exploits1References10Affected Software1
Prion
Prion
added 2023/07/05 2:15 p.m.33 views

Design/Logic Flaw

"protobuf.js aka protobufjs 6.10.0 through 7.x before 7.2.5 allows Prototype Pollution, a different vulnerability than CVE-2022-25878. A user-controlled protobuf message can be used by an attacker to pollute the prototype of Object.prototype by adding and overwriting its data and functions...

7.5CVSS8.3AI score0.02071EPSS
Exploits2References5Affected Software1
Circl
Circl
added 2023/03/28 12:37 a.m.7 views

CVE-2023-25878

creationtimestamp| type| source ---|---|--- 2023-03-28 00:37:59+00:00| seen| https://t.me/cibsecurity/60826...

5.5CVSS4.8AI score0.00313EPSS
Exploits0References1
NVD
NVD
added 2023/03/27 9:15 p.m.22 views

CVE-2023-25878

Adobe Substance 3D Stager versions 2.0.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in tha...

5.5CVSS5AI score0.00313EPSS
Exploits0References1
CVE
CVE
added 2023/03/27 12:0 a.m.68 views

CVE-2023-25878

CVE-2023-25878 affects Adobe Substance 3D Stager, specifically versions 2.0.0 and earlier. The issue is an out-of-bounds read in the OBJ file parsing that can disclose memory contents, with the attacker able to bypass ASLR. Exploitation requires user interaction (victim opens a malicious file). D...

5.5CVSS5AI score0.00313EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/04 5:44 p.m.34 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer operands may be vulnerable to arbitrary code execution due to CVE-2022-25878

Summary Node.js module protobufjs is used internally by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container IntegrationServer operands may be vulnerable to arbitrary code execution. This bulletin provides patch information to address the reported...

8.2CVSS8.9AI score0.02071EPSS
Exploits1Affected Software1
Circl
Circl
added 2022/05/28 12:15 a.m.4 views

CVE-2022-25878

creationtimestamp| type| source ---|---|--- 2022-05-28 00:15:22+00:00| seen| https://t.me/cibsecurity/43506 2023-07-05 18:21:53+00:00| seen| https://t.me/cibsecurity/65973...

8.2CVSS8.3AI score0.02071EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2022/05/28 12:0 a.m.5 views

@0cfg/rpc-common (>=0.0.1 <=0.1.3), @0cfg/rpc-node (>=0.0.1 <=0.1.3) +311 more potentially affected by CVE-2022-25878 via protobufjs (>=6.11.1 <=6.11.2)

protobufjs NPM version =6.11.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.11, =0.0.2, =0.1.0, =4.0.0, =1.0.0, =0.4.21, =1.0.3, =0.1.0, =0.1.0, =0.4.115, =0.5.167 - @atomist/npm-release-skill =0.1.1-110 and more Source cves: CVE-2022-25878 Source advisory: OSV:GHSA-G954-5HWP-PP24...

8.2CVSS7.1AI score0.02071EPSS
Exploits1
Cvelist
Cvelist
added 2022/05/27 8:0 p.m.30 views

CVE-2022-25878 Prototype Pollution

The package protobufjs before 6.11.3 are vulnerable to Prototype Pollution which can allow an attacker to add/modify properties of the Object.prototype. This vulnerability can occur in multiple ways: 1. by providing untrusted user input to util.setProperty or to ReflectionObject.setParsedOption...

8.2CVSS9.1AI score0.02071EPSS
Exploits1References5
CVE
CVE
added 2022/05/27 8:0 p.m.129 views

CVE-2022-25878

CVE-2022-25878 affects protobufjs with Prototype Pollution (Object.prototype) via untrusted input to util.setProperty, ReflectionObject.setParsedOption, or .proto parsing. Connected docs show a related entry (CVE-2023-36665) describing protobufjs 6.10.0–7.x before 7.2.5 as vulnerable to prototype...

8.2CVSS8.2AI score0.02071EPSS
Exploits1References5Affected Software1
vulnersOsv
vulnersOsv
added 2022/04/06 9:47 a.m.4 views

@0cfg/rpc-common (>=0.0.1 <=0.1.3), @0cfg/rpc-node (>=0.0.1 <=0.1.3) +311 more potentially affected by CVE-2022-25878 via protobufjs (>=6.11.1 <=6.11.2)

protobufjs NPM version =6.11.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.11, =0.0.2, =0.1.0, =4.0.0, =1.0.0, =0.4.21, =1.0.3, =0.1.0, =0.1.0, =0.4.115, =0.5.167 - @atomist/npm-release-skill =0.1.1-110 and more Source cves: CVE-2022-25878 Source advisory: SNYK:JS-PROTOBUFJS-2441248...

8.2CVSS7.1AI score0.02071EPSS
Exploits1
Circl
Circl
added 2021/11/01 3:21 p.m.5 views

CVE-2021-25878

creationtimestamp| type| source ---|---|--- 2021-11-01 15:21:27+00:00| seen| https://t.me/cibsecurity/31547...

6.1CVSS6.1AI score0.01148EPSS
Exploits1References1
Rows per page
Query Builder