CVE-2025-30225 Directus's S3 assets become unavailable after a burst of malformed transformations

Directus is a real-time API and App dashboard for managing SQL database content. The @directus/storage-driver-s3 package starting in version 9.22.0 and prior to version 12.0.1, corresponding to Directus starting in version 9.22.0 and prior to 11.5.0, is vulnerable to asset unavailability after a...

CVE-2025-30225

The CVE affects Directus users via the @directus/storage-driver-s3 driver: versions 9.22.0 up to 11.5.0 (paired Directus 9.22.0 to 11.5.0) are vulnerable to asset unavailability after a burst of malformed transformation requests, causing all assets to return 403 under load. The issue is fixed in ...

CVE-2025-30225

creationtimestamp| type| source ---|---|--- 2025-03-26 14:46:27+00:00| published-proof-of-concept| https://github.com/directus/directus/security/advisories/GHSA-j8xj-7jff-46mx 2025-03-26 17:25:35+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8907 2025-03-26...

CVE-2024-30225

Deserialization of Untrusted Data vulnerability in WPENGINE, INC. WP Migrate.This issue affects WP Migrate: from n/a through 2.6.10...

CVE-2024-30225 WordPress WP Migrate plugin <= 2.6.10 - Unauthenticated PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in WPENGINE, INC. WP Migrate.This issue affects WP Migrate: from n/a through 2.6.10...

CVE-2024-30225 WordPress WP Migrate plugin <= 2.6.10 - Unauthenticated PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in WPENGINE, INC. WP Migrate.This issue affects WP Migrate: from n/a through 2.6.10...

WordPress WP Migrate Plugin <= 2.6.10 is vulnerable to PHP Object Injection

Software WP Migrate Type Plugin Vulnerable versions = 2.6.10 Fixed in 2.6.11 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-30225 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 6b6e8d810b6a Credits Dave Jong Patchstack Required privilege...

CVE-2022-30225

creationtimestamp| type| source ---|---|--- 2022-07-13 02:25:42+00:00| seen| https://t.me/cibsecurity/46117...

Microsoft Windows Multiple Vulnerabilities (KB5015874)

This host is missing an important security update according to Microsoft KB5015874 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft Windows Multiple Vulnerabilities (KB5015811)

This host is missing an important security update according to Microsoft KB5015811 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

CVE-2022-30225

Technical details about CVE-2022-30225 are not provided in the connected documents. Public information in the initial entry is limited to a generic vulnerability description; monitor for updates from official advisories.

KB5015807: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (July 2022)

The remote Windows host is missing security update 5015807. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. CVE-2022-22024, CVE-2022-22027,...