109 matches found
CVE-2025-8325
The software fails to enforce role-based access controls for certain Gateway API invocations. Users with the 'Internal/Everyone' role can invoke these APIs, bypassing intended permission checks. This same vulnerability also affects Internal Service APIs, potentially exposing them in WSO2 APIM 3.x...
MAL-2025-8325 Malicious code in @lbnqduy/curly-octo-rotary-phone (npm)
The package @lbnqduy/curly-octo-rotary-phone was found to contain malicious code...
CVE-2021-29148
A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series versions: Aruba AOS-CX firmware: 10.04.xxxx ...
CVE-2015-8325
creationtimestamp | type | source
---|---|---
2025-04-01 08:49:50+00:00 | published-proof-of-concept | https://t.me/MalaysiaHacktivistz/2960
2025-04-01 08:49:50+00:00 | published-proof-of-concept | https://t.me/MalaysiaHacktivistz/10573...
Siemens SCALANCE X-200RNA Switch Devices Untrusted Search Path (CVE-2015-8325)
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
Linux Distros Unpatched Vulnerability : CVE-2015-8325
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files ...
Linux Distros Unpatched Vulnerability : CVE-2019-8325
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is...
CVE-2024-8325
creationtimestamp | type | source
---|---|---
2024-09-04 09:22:48+00:00 | seen | https://t.me/cvedetector/4757...
CVE-2024-8325 Gutenberg Page Builder Blocks & Ready-Made Patterns Library <= 3.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Blockspare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in the...
RHEL 7 : CloudForms 4.7.5 (RHSA-2019:1429)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1429 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual...
A vulnerability in the firmware of Aruba CX 6200F, 6300, 6400, 8320, 8325, and 8400 allows a service failure to be caused by writing beyond buffer boundaries.
A vulnerability in the firmware of Aruba CX 6200F, 6300, 6400, 8320, 8325, and 8400 allows writing beyond buffer boundaries. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
A vulnerability in the firmware of Aruba CX 6200F, 6300, 6400, 8320, 8325, and 8400 allows write operations beyond buffer boundaries, allowing an attacker to cause a service failure in the CDP process.
A vulnerability in the firmware of Aruba CX 6200F, 6300, 6400, 8320, 8325, and 8400 relates to writing beyond buffer boundaries. Exploiting this vulnerability can allow a malicious actor to cause a service failure in the CDP process...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Ruby vulnerabilities (USN-3945-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3945-1 advisory. It was discovered that Ruby incorrectly handled certain RubyGems. An attacker could possibly use this issue to execute arbitrary...
K20911042: OpenSSH vulnerability CVE-2015-8325
Security Advisory Description: The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the...
SUSE CVE-2019-8325
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. There are many ways to cause an error...
CVE-2021-41002
Multiple authenticated remote path traversal vulnerabilities were discovered in the AOS-CX command line interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch...
Command injection
Multiple unauthenticated command injection vulnerabilities were discovered in the AOS-CX API interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series...
Mageia: Security Advisory (MGASA-2016-0280)
The remote host is missing an update for the...
Security Bulletin: Vulnerability in OpenSSH affects Power Hardware Management Console (CVE-2015-8325)
Summary: OpenSSH is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVE. Vulnerability Details: CVEID: CVE-2015-8325 DESCRIPTION: OpenSSH could allow a local attacker to gain elevated privileges on the system, caused by an error in the do_setup_env function when the...