π¨ CVE-2021-44228
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
π@cveNotify
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
π@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π¨ CVE-2021-45046
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default.
π@cveNotify
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default.
π@cveNotify
π¨ CVE-2025-60563
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetPortTr.
π@cveNotify
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetPortTr.
π@cveNotify
GitHub
DLINK-DIR600LAx-Vulnerability/18-buffer overflow-formSetPortTr.md at main Β· luckysmallbird/DLINK-DIR600LAx-Vulnerability
Contribute to luckysmallbird/DLINK-DIR600LAx-Vulnerability development by creating an account on GitHub.
π¨ CVE-2025-60729
PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function
π@cveNotify
PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function
π@cveNotify
π¨ CVE-2025-60730
PerfreeBlog v4.0.11 has an arbitrary file deletion vulnerability in the unInstallTheme function
π@cveNotify
PerfreeBlog v4.0.11 has an arbitrary file deletion vulnerability in the unInstallTheme function
π@cveNotify
π¨ CVE-2018-0158
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394.
π@cveNotify
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device to be processed. A successful exploit could cause an affected device to continuously consume memory and eventually reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf22394.
π@cveNotify
π¨ CVE-2025-6021
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.
π@cveNotify
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.
π@cveNotify
π¨ CVE-2025-12233
A flaw has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Executing manipulation of the argument page can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.
π@cveNotify
A flaw has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Executing manipulation of the argument page can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.
π@cveNotify
GitHub
Shenzhen Jixiang Tengda Technology Co., Ltd. Router CH22 V1.0.0.1 /goform/SafeUrlFilter Buffer Overflow Vulnerability Β· Issue #14β¦
NAME OF AFFECTED PRODUCT(S) Tenda Router CH22 V1.0.0.1 - Buffer Overflow in /goform/SafeUrlFilter Vulnerability Details Detail Information Vendor Shenzhen Jixiang Tengda Technology Co., Ltd. Produc...
π¨ CVE-2025-12234
A vulnerability has been found in Tenda CH22 1.0.0.1. This affects the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
A vulnerability has been found in Tenda CH22 1.0.0.1. This affects the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
GitHub
Shenzhen Jixiang Tengda Technology Co., Ltd. Router CH22 V1.0.0.1 /goform/SafeMacFilter Buffer Overflow Vulnerability Β· Issue #15β¦
NAME OF AFFECTED PRODUCT(S) Tenda Router CH22 V1.0.0.1 - Buffer Overflow in /goform/SafeMacFilter Vulnerability Details Detail Information Vendor Shenzhen Jixiang Tengda Technology Co., Ltd. Produc...
π¨ CVE-2025-12235
A vulnerability was found in Tenda CH22 1.0.0.1. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in buffer overflow. The attack must originate from the local network. The exploit has been made public and could be used.
π@cveNotify
A vulnerability was found in Tenda CH22 1.0.0.1. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page results in buffer overflow. The attack must originate from the local network. The exploit has been made public and could be used.
π@cveNotify
GitHub
Shenzhen Jixiang Tengda Technology Co., Ltd. Router CH22 V1.0.0.1/goform/SetIpBind Buffer Overflow Vulnerability Β· Issue #16 Β·β¦
NAME OF AFFECTED PRODUCT(S) Tenda Router CH22 V1.0.0.1 - Buffer Overflow in /goform/SetIpBind Vulnerability Details Detail Information Vendor Shenzhen Jixiang Tengda Technology Co., Ltd. Product Ro...
π¨ CVE-2025-12236
A vulnerability was determined in Tenda CH22 1.0.0.1. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. This manipulation of the argument page causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
π@cveNotify
A vulnerability was determined in Tenda CH22 1.0.0.1. This issue affects the function fromDhcpListClient of the file /goform/DhcpListClient. This manipulation of the argument page causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
π@cveNotify
GitHub
Shenzhen Jixiang Tengda Technology Co., Ltd. Router CH22 V1.0.0.1 /goform/DhcpListClient Buffer Overflow Vulnerability Β· Issueβ¦
NAME OF AFFECTED PRODUCT(S) Tenda Router CH22 V1.0.0.1 - Buffer Overflow in /goform/DhcpListClient Vulnerability Details Detail Information Vendor Shenzhen Jixiang Tengda Technology Co., Ltd. Produ...
π¨ CVE-2025-12237
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /index.php. Such manipulation of the argument keywords leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used.
π@cveNotify
A vulnerability was identified in projectworlds Advanced Library Management System 1.0. Impacted is an unknown function of the file /index.php. Such manipulation of the argument keywords leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used.
π@cveNotify
GitHub
Projectworlds Advanced Library Management System Project V1.0 / index.php SQL injection Β· Issue #1 Β· juzidddd/Projectworlds-ALMSβ¦
Projectworlds Advanced Library Management System Project V1.0 / index.php SQL injection NAME OF AFFECTED PRODUCT(S) β’ Advanced Library Management System Vendor Homepage β’ https://projectworlds.com/...
π¨ CVE-2025-59278
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
π@cveNotify
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
π@cveNotify
π¨ CVE-2025-59282
Concurrent execution using shared resource with improper synchronization ('race condition') in Inbox COM Objects allows an unauthorized attacker to execute code locally.
π@cveNotify
Concurrent execution using shared resource with improper synchronization ('race condition') in Inbox COM Objects allows an unauthorized attacker to execute code locally.
π@cveNotify
π¨ CVE-2025-59284
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally.
π@cveNotify
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally.
π@cveNotify
π¨ CVE-2025-59285
Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
π@cveNotify
Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally.
π@cveNotify
π¨ CVE-2025-59288
Improper verification of cryptographic signature in GitHub allows an unauthorized attacker to perform spoofing over an adjacent network.
π@cveNotify
Improper verification of cryptographic signature in GitHub allows an unauthorized attacker to perform spoofing over an adjacent network.
π@cveNotify
π¨ CVE-2025-59275
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
π@cveNotify
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
π@cveNotify
π¨ CVE-2025-59277
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
π@cveNotify
Improper validation of specified type of input in Windows Authentication Methods allows an authorized attacker to elevate privileges locally.
π@cveNotify
π¨ CVE-2025-62707
pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in pypdf version 6.1.3.
π@cveNotify
pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in pypdf version 6.1.3.
π@cveNotify
GitHub
SEC: Avoid infinite loop when reading broken DCT-based inline images β¦ Β· py-pdf/pypdf@f2864d6
β¦(#3501)
π¨ CVE-2025-62708
pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream of a page using the LZWDecode filter. This has been fixed in pypdf version 6.1.3.
π@cveNotify
pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream of a page using the LZWDecode filter. This has been fixed in pypdf version 6.1.3.
π@cveNotify
GitHub
SEC: Allow limiting size of LZWDecode streams (#3502) Β· py-pdf/pypdf@e51d078
A pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files - SEC: Allow limiting size of LZWDecode streams (#3502) Β· py-pdf/pypdf@e51d078