18 matches found
EUVD-2025-47152
Malicious code in indah-lutis11-sukiwir npm...
CVE-2025-47152
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.6.0.396. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive...
CVE-2025-47152
An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.6.0.396. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive...
CVE-2025-47152
CVE-2025-47152 is a PDF-XChange Editor EMF processing vulnerability. Cisco Talos details an out-of-bounds read in the EMF functionality of PDF-XChange Editor 10.6.0.396 caused by insufficient validation of the Facename field within EMR_EXTCREATEFONTINDIRECTW, which can lead to leakage of memory c...
PDF-XChange Editor EMF File EMR_EXTCREATEFONTINDIRECTW Facename Out-Of-Bounds Read Vulnerability
Talos Vulnerability Report TALOS-2025-2203 PDF-XChange Editor EMF File EMR_EXTCREATEFONTINDIRECTW Facename Out-Of-Bounds Read Vulnerability August 5, 2025 CVE Number CVE-2025-47152 SUMMARY An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor...
Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to insecure cryptographic algorithm and information disclosure due to DB2 JDBC Driver (CVE-2023-47152)
Summary DB2 JDBC driver is shipped with IBM Tivoli Netcool Impact as part of the db2 data source adapter. Information about security vulnerabilities affecting DB2 JDBC driver has been published in a security bulletin. Vulnerability Details CVEID:CVE-2023-47152 DESCRIPTION: IBM Db2 for Linux, UNIX...
Security Bulletin: There are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Management products.
Summary IBM Application Performance Management is vulnerable to denial of service, remote code execution, information disclosures and other vulnerabilities due to bundled product IBM® Db2. This bulletin identifies the steps to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-471...
Security Bulletin: IBM Tivoli Business Service Manager is vulnerable to an insecure cryptographic algorithm and to information disclosure due to DB2 (CVE-2023-47152)
Summary DB2 JDBC driver is shipped as part of the XMLToolkit component for IBM Tivoli Business Service Manager. Information about security vulnerability affecting DB2 JDBC driver has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the...
CVE-2021-47152
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data stream corruption Maxim reported several issues when forcing a TCP transparent proxy to use the MPTCP protocol for the inbound connections. He also provided a clean reproducer. The problem boils down to...
Security Bulletin: IBM Db2 and IBM Java SDK used by IBM Security Verify Governance - Identity Manager have multiple vulnerabilities
Summary Information about security vulnerabilities affecting IBM DB2 and IBM Java has been published in security bulletins. IBM Security Verify Governance - Identity Manager ships with IBM DB2 and IBM Java SDK. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...
Security Bulletin: IBM® Db2® is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. (CVE-2023-47152)
Summary IBM® Db2® is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions. Vulnerability Details CVEID:CVE-2023-47152 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server is vulnerable to an insecure...
Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server
Summary IBM Db2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM Db2 have been published in a security bulletin CVE-2023-47158, CVE-2023-47145, CVE-2023-47747, CVE-2023-27859, CVE-2023-47746, CVE-2023-47152, CVE-2023-47141, CVE-2023-45193,...
CVE-2023-47152
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5 is vulnerable to an insecure cryptographic algorithm and to information disclosure in stack trace under exceptional conditions...
CVE-2022-47152 WordPress clickfunnels Plugin <= 3.1.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Etison, LLC ClickFunnels plugin <= 3.1.1 versions...
CVE-2022-47152 WordPress clickfunnels Plugin <= 3.1.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Etison, LLC ClickFunnels plugin <= 3.1.1 versions...
CVE-2022-47152
CVE-2022-47152 concerns the WordPress ClickFunnels plugin (
WordPress clickfunnels Plugin <= 3.1.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software clickfunnels Type Plugin Vulnerable versions <= 3.1.1 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery (CSRF) CVE CVE-2022-47152 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 56d4d91bfd7c Credits rezaduty Required...
AKCMS suffers from SQL injection vulnerability (CNVD-2021-47152)
AKCMS is a lightweight content management system based on PHP and MySQL. AKCMS suffers from an SQL injection vulnerability that can be exploited by attackers to obtain sensitive database information...