CVE-2025-24971

creationtimestamp| type| source ---|---|--- 2025-02-04 18:57:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113947144108335156 2025-02-04 19:16:11+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lherfrzjqf2i 2025-02-04 22:15:20+00:00| seen|...

CVE-2025-24971 OS Command Injection endpoint '/upload/init' parameter 'filename' (RCE) in DumpDrop

DumpDrop is a stupid simple file upload application that provides an interface for dragging and dropping files. An OS Command Injection vulnerability was discovered in the DumbDrop application, /upload/init endpoint. This vulnerability could allow an attacker to execute arbitrary code remotely wh...

CVE-2025-23060

creationtimestamp| type| source ---|---|--- 2025-02-04 18:13:30+00:00| seen| https://infosec.exchange/users/cve/statuses/113946972022947165 2025-02-04 18:16:02+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lheo27p6dm2e 2025-02-04 20:35:02+00:00| seen|...

CVE-2025-24602

creationtimestamp| type| source ---|---|--- 2025-02-04 15:16:54+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedzvseuc2p 2025-02-04 18:54:20+00:00| seen| https://t.me/cvedetector/17205...

CVE-2025-24598

creationtimestamp| type| source ---|---|--- 2025-02-04 15:16:48+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedzqeikr2c 2025-02-04 18:54:18+00:00| seen| https://t.me/cvedetector/17202 2025-02-14 10:04:00+00:00| seen|...

CVE-2025-23645

creationtimestamp| type| source ---|---|--- 2025-02-04 15:16:46+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedzo4dwy27 2025-02-04 18:54:27+00:00| seen| https://t.me/cvedetector/17210...

CVE-2025-22730

creationtimestamp| type| source ---|---|--- 2025-02-04 15:16:41+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedzj5qrj2c 2025-02-04 18:54:25+00:00| seen| https://t.me/cvedetector/17208...

CVE-2025-22697

creationtimestamp| type| source ---|---|--- 2025-02-04 15:16:32+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedzau5n52c 2025-02-04 18:54:33+00:00| seen| https://t.me/cvedetector/17213...

CVE-2025-22674

creationtimestamp| type| source ---|---|--- 2025-02-04 15:16:24+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedyywyac2t 2025-02-04 18:54:28+00:00| seen| https://t.me/cvedetector/17211...

CVE-2025-22653

creationtimestamp| type| source ---|---|--- 2025-02-04 15:16:16+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedyrheu22r 2025-02-04 18:54:40+00:00| seen| https://t.me/cvedetector/17219...

CVE-2025-22206

creationtimestamp| type| source ---|---|--- 2025-02-04 15:16:05+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedyh4dik2t...

CVE-2025-0825

creationtimestamp| type| source ---|---|--- 2025-02-04 15:16:02+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedyem53k2t...

CVE-2025-22641

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Prem Tiwari FM Notification Bar fm-notification-bar allows Stored XSS.This issue affects FM Notification Bar: from n/a through = 1.0.4...

CVE-2025-22641 WordPress FM Notification Bar plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Prem Tiwari FM Notification Bar allows Stored XSS. This issue affects FM Notification Bar: from n/a through 1.0.2...

CVE-2025-22641

CVE-2025-22641 is a Stored XSS in the WordPress FM Notification Bar plugin (versions 1.0.2 and earlier) caused by improper input neutralization during web page generation. Public details confirm affected software and the vulnerability type; Patchstack indicates a fix in later releases (plugin

CVE-2025-1019

The z-order of the browser windows could be manipulated to hide the fullscreen notification. This could potentially be leveraged to perform a spoofing attack. This vulnerability affects Firefox 135 and Thunderbird 135...

CVE-2025-1018

The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. This could have been leveraged to perform a potential spoofing attack. This vulnerability affects Firefox 135 and Thunderbird 135...

CVE-2025-1019

The z-order of the browser windows could be manipulated to hide the fullscreen notification. This could potentially be leveraged to perform a spoofing attack. This vulnerability affects Firefox 135 and Thunderbird 135...

CVE-2025-1019

The z-order of the browser windows could be manipulated to hide the fullscreen notification. This could potentially be leveraged to perform a spoofing attack. This vulnerability was fixed in Firefox 135 and Thunderbird 135...

CVE-2025-1018

The fullscreen notification is prematurely hidden when fullscreen is re-requested quickly by the user. This could have been leveraged to perform a potential spoofing attack. This vulnerability was fixed in Firefox 135 and Thunderbird 135...