{"vulnerability": "cve-2025-2162", "sightings": [{"uuid": "a1ec264c-c737-4152-8a6a-e06c7bbda258", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21624", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113788094723392306", "content": "", "creation_timestamp": "2025-01-07T16:48:57.122927Z"}, {"uuid": "31fbbb7d-9662-422b-a52f-bd731f5c7da1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21628", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113799538335498729", "content": "", "creation_timestamp": "2025-01-09T17:19:11.396661Z"}, {"uuid": "464c7170-c8d1-4ced-b08e-b0181e58bc61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21628", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfdbw3cyen2i", "content": "", "creation_timestamp": "2025-01-09T18:15:55.848484Z"}, {"uuid": "c060f10d-e1ea-4ebc-9f3f-55e14dfcf89a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21628", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfdd6se3zz2k", "content": "", "creation_timestamp": "2025-01-09T18:38:42.147737Z"}, {"uuid": "09aa5f03-7372-4c7b-a815-cee93b7b405f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21628", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfdd6spz6m2h", "content": "", "creation_timestamp": "2025-01-09T18:38:42.787784Z"}, {"uuid": "2f40d375-60dd-437d-9f9d-d4747945f2f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21622", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113787932641923201", "content": "", "creation_timestamp": "2025-01-07T16:07:42.726444Z"}, {"uuid": "3ebf8506-776f-49b7-a6ee-83bfba91faaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21623", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113787932656548061", "content": "", "creation_timestamp": "2025-01-07T16:07:43.383700Z"}, {"uuid": "0e3773e0-3d18-4100-ae49-894618736e30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21624", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113787932671356345", "content": "", "creation_timestamp": "2025-01-07T16:07:44.002711Z"}, {"uuid": "f00aab01-acc4-42d3-8fe1-c1d1346c6755", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21628", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113799891343249171", "content": "", "creation_timestamp": "2025-01-09T18:48:58.446686Z"}, {"uuid": "325441a8-3cce-480a-b11e-b8e284937cc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21622", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62dvrvje2m", "content": "", "creation_timestamp": "2025-01-07T16:17:10.944136Z"}, {"uuid": "5955fe40-18b1-4d6b-914d-7c29f217008a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21623", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62dy22iw2f", "content": "", "creation_timestamp": "2025-01-07T16:17:13.533498Z"}, {"uuid": "483b324d-7525-411d-92e9-b46997d72a9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21620", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113783769484392065", "content": "", "creation_timestamp": "2025-01-06T22:28:57.734322Z"}, {"uuid": "9d4b91a1-f1fb-44c2-a998-385c64ff6f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21620", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4bbbwy3l2l", "content": "", "creation_timestamp": "2025-01-06T23:15:40.352918Z"}, {"uuid": "3e4982b1-7ebb-49b1-97ff-97e8f62a206e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21620", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf4ciu6tp42k", "content": "", "creation_timestamp": "2025-01-06T23:37:48.795579Z"}, {"uuid": "3787e1d2-f72a-4759-9e56-7324e71aad0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21629", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfrtzua2jv2f", "content": "", "creation_timestamp": "2025-01-15T13:17:26.340381Z"}, {"uuid": "735b7893-c5f6-4027-89c8-8fd4d19a30dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21627", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lizdqxo5qz2l", "content": "", "creation_timestamp": "2025-02-25T17:03:01.690351Z"}, {"uuid": "d1953f5e-4d0c-47cb-b983-9f4870dca0ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2025-21629", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "2e77863e-9ebe-4da3-9ff7-18a78d6f0cd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21626", "type": "seen", "source": "MISP/8e1b6542-ae86-4729-a7a6-4e9f670b8bb7", "content": "", "creation_timestamp": "2025-08-22T17:25:06.000000Z"}, {"uuid": "5c6c7c3a-e174-4fd5-a69c-120b527e99c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21624", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/16832", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aPoC, and documentation of deployment of a vulnerable instance of ClipBucket-v5 for demonstration of CVE-2025-21624.\nURL\uff1ahttps://github.com/shreyas-malhotra/CVE-2025-21624\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-04T13:26:34.000000Z"}, {"uuid": "44c844a2-ace2-4c20-abb4-c1b2de8e5743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-21629", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "00f40f01-db2b-415c-9de2-c1d090f567fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21627", "type": "seen", "source": "https://t.me/cvedetector/18901", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21627 - GLPI Reflected Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-21627 \nPublished : Feb. 25, 2025, 4:15 p.m. | 1\u00a0hour, 37\u00a0minutes ago \nDescription : GLPI is a free asset and IT management software package. In versions prior to 10.0.18, a malicious link can be crafted to perform a reflected XSS attack on the search page. If the anonymous ticket creation is enabled, this attack can be performed by an unauthenticated user. Version 10.0.18 contains a fix for the issue. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-25T19:03:39.000000Z"}, {"uuid": "15b411cd-9e6b-4c2e-92fe-f4a29d5e63b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21620", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/260", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21620\n\ud83d\udd39 Description: Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. When you send a request with the Authorization header to one domain, and the response asks to redirect to a different domain, Deno'sfetch() redirect handling creates a follow-up redirect request that keeps the original Authorization header, leaking its content to that second domain. This vulnerability is fixed in 2.1.2.\n\ud83d\udccf Published: 2025-01-06T22:26:40.723Z\n\ud83d\udccf Modified: 2025-01-06T22:26:40.723Z\n\ud83d\udd17 References:\n1. https://github.com/denoland/deno/security/advisories/GHSA-f27p-cmv8-xhm6", "creation_timestamp": "2025-01-06T22:36:55.000000Z"}, {"uuid": "dfb1b71b-6309-489d-938d-8c35ca9e79bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21626", "type": "seen", "source": "https://t.me/cvedetector/18899", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21626 - GLPI Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-21626 \nPublished : Feb. 25, 2025, 4:15 p.m. | 1\u00a0hour, 37\u00a0minutes ago \nDescription : GLPI is a free asset and IT management software package. Starting in version 0.71 and prior to version 10.0.18, an anonymous user can fetch sensitive information from the `status.php` endpoint. Version 10.0.18 contains a fix for the issue. Some workarounds are available. One may delete the `status.php` file, restrict its access, or remove any sensitive values from the `name` field of the active LDAP directories, mail servers authentication providers and mail receivers. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-25T19:03:38.000000Z"}, {"uuid": "3cc95abe-b663-408c-b998-256651e7914a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21624", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/498", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21624\n\ud83d\udd39 Description: ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 239, a file upload vulnerability exists in the Manage Playlist functionality of the application, specifically surrounding the uploading of playlist cover images. Without proper checks, an attacker can upload a PHP script file instead of an image file, thus allowing a webshell or other malicious files to be stored and executed on the server. This attack vector exists in both the admin area and low-level user area. This vulnerability is fixed in 5.5.1 - 239.\n\ud83d\udccf Published: 2025-01-07T15:46:11.169Z\n\ud83d\udccf Modified: 2025-01-07T17:02:34.217Z\n\ud83d\udd17 References:\n1. https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-98vm-2xqm-xrcc\n2. https://github.com/MacWarrior/clipbucket-v5/commit/893bfb0f1236c4a59b5e2843ab8d27a1e491b12b", "creation_timestamp": "2025-01-07T17:42:33.000000Z"}, {"uuid": "f542e88d-5c76-40cd-9015-e980acf8d307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21622", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/495", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21622\n\ud83d\udd39 Description: ClipBucket V5 provides open source video hosting with PHP. During the user avatar upload workflow, a user can choose to upload and change their avatar at any time. During deletion, ClipBucket checks for the avatar_url as a filepath within the avatars subdirectory. If the URL path exists within the avatars directory, ClipBucket will delete it. There is no check for path traversal sequences in the provided user input (stored in the DB as avatar_url) therefore the final $file variable could be tainted with path traversal sequences. This leads to file deletion outside of the intended scope of the avatars folder. This vulnerability is fixed in 5.5.1 - 237.\n\ud83d\udccf Published: 2025-01-07T15:33:40.680Z\n\ud83d\udccf Modified: 2025-01-07T17:10:50.287Z\n\ud83d\udd17 References:\n1. https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-5qpx-23rw-36gg\n2. https://github.com/MacWarrior/clipbucket-v5/commit/22329c4675e82c7c95e74024ba247f837ac9e00b", "creation_timestamp": "2025-01-07T17:41:49.000000Z"}, {"uuid": "d38155e1-50dc-40be-a1dd-c3d6c792f37f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21623", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/497", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21623\n\ud83d\udd39 Description: ClipBucket V5 provides open source video hosting with PHP. Prior to 5.5.1 - 238, ClipBucket V5 allows unauthenticated attackers to change the template directory via a directory traversal, which results in a denial of service.\n\ud83d\udccf Published: 2025-01-07T15:43:11.353Z\n\ud83d\udccf Modified: 2025-01-07T17:04:44.391Z\n\ud83d\udd17 References:\n1. https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-ffhj-hprx-7qvr\n2. https://github.com/MacWarrior/clipbucket-v5/commit/75d663f010cd8569eb9e278f030838174fb30188", "creation_timestamp": "2025-01-07T17:42:22.000000Z"}, {"uuid": "b850a213-165f-4c75-a5de-8628d3dc5fc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2162", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12392", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2162\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The MapPress Maps for WordPress plugin before 2.94.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2025-04-18T06:00:08.243Z\n\ud83d\udccf Modified: 2025-04-18T06:00:08.243Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/06063788-7ab8-49cc-9911-1d9926fcf99d/", "creation_timestamp": "2025-04-18T06:58:25.000000Z"}, {"uuid": "a8334bd6-8d0b-4e16-8cd3-89a5e787f09e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21629", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1751", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21629\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\n\nThe blamed commit disabled hardware offoad of IPv6 packets with\nextension headers on devices that advertise NETIF_F_IPV6_CSUM,\nbased on the definition of that feature in skbuff.h:\n\n *   * - %NETIF_F_IPV6_CSUM\n *     - Driver (device) is only able to checksum plain\n *       TCP or UDP packets over IPv6. These are specifically\n *       unencapsulated packets of the form IPv6|TCP or\n *       IPv6|UDP where the Next Header field in the IPv6\n *       header is either TCP or UDP. IPv6 extension headers\n *       are not supported with this feature. This feature\n *       cannot be set in features for a device with\n *       NETIF_F_HW_CSUM also set. This feature is being\n *       DEPRECATED (see below).\n\nThe change causes skb_warn_bad_offload to fire for BIG TCP\npackets.\n\n[  496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0\n\n[  496.310297]  ? skb_warn_bad_offload+0xc4/0xe0\n[  496.310300]  skb_checksum_help+0x129/0x1f0\n[  496.310303]  skb_csum_hwoffload_help+0x150/0x1b0\n[  496.310306]  validate_xmit_skb+0x159/0x270\n[  496.310309]  validate_xmit_skb_list+0x41/0x70\n[  496.310312]  sch_direct_xmit+0x5c/0x250\n[  496.310317]  __qdisc_run+0x388/0x620\n\nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to\ncommunicate packet length, as this is an IPv6 jumbogram. But, the\nfeature is only enabled on devices that support BIG TCP TSO. The\nheader is only present for PF_PACKET taps like tcpdump, and not\ntransmitted by physical devices.\n\nFor this specific case of extension headers that are not\ntransmitted, return to the situation before the blamed commit\nand support hardware offload.\n\nipv6_has_hopopt_jumbo() tests not only whether this header is present,\nbut also that it is the only extension header before a terminal (L4)\nheader.\n\ud83d\udccf Published: 2025-01-15T13:06:00.128Z\n\ud83d\udccf Modified: 2025-01-15T13:06:00.128Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/ac9cfef69565021c9e1022a493a9c40b03e2caf9\n2. https://git.kernel.org/stable/c/95ccf006bbc8b59044313b8c309dcf29c546abd4\n3. https://git.kernel.org/stable/c/d3b7a9c7597b779039a51d7b34116fbe424bf2b7\n4. https://git.kernel.org/stable/c/68e068cabd2c6c533ef934c2e5151609cf6ecc6d", "creation_timestamp": "2025-01-15T14:19:14.000000Z"}, {"uuid": "c1e37cf8-d7cc-4d96-a8f0-1fb411d23f37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21627", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5347", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21627\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: GLPI is a free asset and IT management software package. In versions prior to 10.0.18, a malicious link can be crafted to perform a reflected XSS attack on the search page. If the anonymous ticket creation is enabled, this attack can be performed by an unauthenticated user. Version 10.0.18 contains a fix for the issue.\n\ud83d\udccf Published: 2025-02-25T15:43:34.919Z\n\ud83d\udccf Modified: 2025-02-25T19:12:43.921Z\n\ud83d\udd17 References:\n1. https://github.com/glpi-project/glpi/security/advisories/GHSA-qm8p-jmj2-qfc2", "creation_timestamp": "2025-02-25T19:23:34.000000Z"}, {"uuid": "9467daa2-9ae2-4424-a574-3bf726dd2c71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21620", "type": "seen", "source": "https://t.me/cvedetector/14425", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21620 - Deno Authorization Header Leakage\", \n  \"Content\": \"CVE ID : CVE-2025-21620 \nPublished : Jan. 6, 2025, 11:15 p.m. | 42\u00a0minutes ago \nDescription : Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. When you send a request with the Authorization header to one domain, and the response asks to redirect to a different domain, Deno'sfetch() redirect handling creates a follow-up redirect request that keeps the original Authorization header, leaking its content to that second domain. This vulnerability is fixed in 2.1.2. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T01:18:48.000000Z"}, {"uuid": "e02079c3-85d3-4543-af13-9c3fa17129cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21628", "type": "seen", "source": "https://t.me/cvedetector/14880", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21628 - Chatwoot SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-21628 \nPublished : Jan. 9, 2025, 6:15 p.m. | 43\u00a0minutes ago \nDescription : Chatwoot is a customer engagement suite. Prior to 3.16.0, conversation and contact filters endpoints did not sanitize the input of query_operator passed from the frontend or the API. This provided any actor who is authenticated, an attack vector to run arbitrary SQL within the filter query by adding a tautological WHERE clause. This issue is patched with v3.16.0. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T20:16:38.000000Z"}, {"uuid": "52934954-c6a0-4f30-b4dc-20ece317b9c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21629", "type": "seen", "source": "https://t.me/cvedetector/15441", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21629 - \"Linux Net IF - IPv6 extension header offload vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-21629 \nPublished : Jan. 15, 2025, 1:15 p.m. | 36\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets  \n  \nThe blamed commit disabled hardware offoad of IPv6 packets with  \nextension headers on devices that advertise NETIF_F_IPV6_CSUM,  \nbased on the definition of that feature in skbuff.h:  \n  \n *   * - %NETIF_F_IPV6_CSUM  \n *     - Driver (device) is only able to checksum plain  \n *       TCP or UDP packets over IPv6. These are specifically  \n *       unencapsulated packets of the form IPv6|TCP or  \n *       IPv6|UDP where the Next Header field in the IPv6  \n *       header is either TCP or UDP. IPv6 extension headers  \n *       are not supported with this feature. This feature  \n *       cannot be set in features for a device with  \n *       NETIF_F_HW_CSUM also set. This feature is being  \n *       DEPRECATED (see below).  \n  \nThe change causes skb_warn_bad_offload to fire for BIG TCP  \npackets.  \n  \n[  496.310233] WARNING: CPU: 13 PID: 23472 at net/core/dev.c:3129 skb_warn_bad_offload+0xc4/0xe0  \n  \n[  496.310297]  ? skb_warn_bad_offload+0xc4/0xe0  \n[  496.310300]  skb_checksum_help+0x129/0x1f0  \n[  496.310303]  skb_csum_hwoffload_help+0x150/0x1b0  \n[  496.310306]  validate_xmit_skb+0x159/0x270  \n[  496.310309]  validate_xmit_skb_list+0x41/0x70  \n[  496.310312]  sch_direct_xmit+0x5c/0x250  \n[  496.310317]  __qdisc_run+0x388/0x620  \n  \nBIG TCP introduced an IPV6_TLV_JUMBO IPv6 extension header to  \ncommunicate packet length, as this is an IPv6 jumbogram. But, the  \nfeature is only enabled on devices that support BIG TCP TSO. The  \nheader is only present for PF_PACKET taps like tcpdump, and not  \ntransmitted by physical devices.  \n  \nFor this specific case of extension headers that are not  \ntransmitted, return to the situation before the blamed commit  \nand support hardware offload.  \n  \nipv6_has_hopopt_jumbo() tests not only whether this header is present,  \nbut also that it is the only extension header before a terminal (L4)  \nheader. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-15T15:06:40.000000Z"}, {"uuid": "17ebeecf-1ae4-43e1-8340-5fea1edb4238", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21624", "type": "published-proof-of-concept", "source": "Telegram/AUcfxApx61EFHOeSqEfIRLhfCLQTn8bpNAF6AdXUDg93-Ws", "content": "", "creation_timestamp": "2025-03-04T22:00:06.000000Z"}]}