15 matches found
CVE-2026-25906
creationtimestamp | type | source
---|---|---
2026-03-06 00:40:10+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mge37sqd562l...
Dell Optimizer 6.x < 6.3.1.0 Privilege Escalation (DSA-2026-094)
The version of Dell Optimizer installed on the remote host is 6.x prior to 6.3.1.0. It is, therefore, affected by a vulnerability: - An improper link resolution before file access vulnerability that could allow a low privileged attacker with local access to exploit this vulnerability, leading to...
CVE-2026-25906
Dell Optimizer, versions prior to 6.3.1, contain an Improper Link Resolution Before File Access 'Link Following' vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...
CVE-2024-25906
Authentication Bypass by Spoofing vulnerability in WP Happy Coders Comments Like Dislike allows Functionality Bypass. This issue affects Comments Like Dislike: from n/a through 1.2.2...
CVE-2024-25906
CVE-2024-25906 affects the WordPress plugin Comments Like Dislike (WP Happy Coders) up to version 1.2.2. The issue is an authentication bypass via spoofing, specifically an IP restriction bypass that can allow functionality bypass/escalation of access as described in Patchstack and Red Hat/NVD r...
WordPress Comments Like Dislike Plugin <= 1.2.2 is vulnerable to Bypass Vulnerability
Field | Value
---|---
Software | Comments Like Dislike
Type | Plugin
Vulnerable versions | <= 1.2.2
Fixed in | 1.2.3
OWASP Top 10 | A1: Broken Access Control
Classification | Bypass Vulnerability
CVE | CVE-2024-25906
Patch priority | Low
CVSS severity | Low 4.3
PSID | a646d3bbd927
Credits | Mika
Required privilege | ...
CVE-2023-25906
creationtimestamp | type | source
---|---|---
2023-03-29 00:46:11+00:00 | seen | https://t.me/cibsecurity/60965...
CVE-2023-25906
Adobe Dimension
Adobe Dimension < 3.4.8 Multiple Vulnerabilities (APSB23-20) (macOS)
The version of Adobe Dimension installed on the remote macOS host is prior to 3.4.8. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB23-20 advisory. - Adobe Dimension versions 3.4.7 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could...
CVE-2022-25906
All versions of the package is-http2 are vulnerable to Command Injection due to missing input sanitization or other checks, and sandboxes being employed to the isH2 function...
CVE-2022-25906
CVE-2022-25906 affects the JavaScript package is-http2. The vulnerability is a Command Injection in the isH2-related handling due to missing input sanitization in the module’s code (index.js). Several sources describe that all versions are vulnerable and that using the sandboxed isH2 path does no...
CVE-2022-25906
All versions of the package is-http2 are vulnerable to Command Injection due to missing input sanitization or other checks, and sandboxes being employed to the isH2 function...
CVE-2022-25906
All versions of the package is-http2 are vulnerable to Command Injection due to missing input sanitization or other checks, and sandboxes being employed to the isH2 function...
CVE-2021-25906
An issue was discovered in the basic_dsp_matrix crate before 0.9.2 for Rust. When a TransformContent panic occurs, a double drop can be performed...
CVE-2021-25906
CVE-2021-25906 affects the Rust crate basic_dsp_matrix prior to version 0.9.2. A panic in TransformContent can trigger a double drop, leading to potential memory corruption. Multiple sources (Red Hat CVE, GHSA, OSV, RustSec advisory) confirm the issue and point to the same root cause: unsafe hand...