CVE-2025-1234

CVE-2012-45971 - 1) McAfee Email and Web Security and Email Gateway contains a flaw related to the /admin/cgi-bin/localadmin script. The issue is due to the script calling the SCMAdmin::AuthManagement::localLogin() function when $ENV{WS_SOURCE_IP} is 127.0.0.1. ...
55 years ago Tenable.com

CISA Releases Thirteen Industrial Control Systems Focusing Vulnerabilities & Exploits - An improper output neutralization for logs vulnerability CVE-2024-5594 in Siemens SINEMA Remote Connect Server.  It allows a malicious OpenVPN peer to send garbage to the OpenVPN log or cause high CPU load. The advisory includes missing ...
4 months ago Cybersecuritynews.com CVE-2024-5594

Lazarus APT Attacking Organizations by Exploiting One-Day vulnerabilities - Cybersecurity experts have identified a sophisticated campaign by the North Korean state-sponsored Lazarus APT group targeting critical infrastructure and financial organizations worldwide. Cyber Security News is a Dedicated News Platform For Cyber ...
2 months ago Cybersecuritynews.com CVE-2025-1234

CVE-2025-1234 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ...
1 week ago

CVE-2025-21812 - In the Linux kernel, the following vulnerability has been resolved: ...
4 months ago

CISA Warns of Edimax IP Camera OS Command Injection Vulnerability Exploited in Attacks - “Successful exploitation of this vulnerability could allow an attacker to send specially crafted requests to achieve remote code execution on the device,” reads CISA’s advisory. The vulnerability, tracked as CVE-2025-1316, allows ...
3 months ago Cybersecuritynews.com CVE-2025-1316

CISA Releases 20 ICS Advisories Detailing Vulnerabilities & Exploits - Vulnerabilities in the SIPROTEC 5 series include Cleartext storage of sensitive information (CVE-2024-53651), which has a CVSS v3 base score of 4.6. Mitigation involves firmware updates and restricting network access. This SCADA management software ...
5 months ago Cybersecuritynews.com CVE-2024-53651 CVE-2025-25067 CVE-2025-24865 CVE-2025-22896 CVE-2025-23411 CVE-2023-37482 CVE-2024-54015 CVE-2022-38465 CVE-2025-24811 CVE-2025-20615 CVE-2025-24836 CVE-2025-23421 CVE-2024-53977 CVE-2025-23363 CVE-2025-1283 CVE-2025-23403 CVE-2025-26473 CVE-2025-25281 CVE-2025-24861

CVE-2002-1234 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0180. Reason: This candidate is a an out-of-band assignment duplicate of CVE-2002-0180. Notes: All CVE users should reference CVE-2002-0180 instead of this candidate. All ...
55 years ago Tenable.com

CVE-2012-1234 - SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to execute arbitrary SQL commands via a malformed URL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0234. ...
13 years ago

CVE-2006-3940 - Multiple SQL injection vulnerabilities in phpbb-Auction allow remote attackers to execute arbitrary SQL commands via (1) the ar parameter in auction_room.php and (2) the u parameter in auction_store.php. NOTE: the auction_rating.php vector is already ...
6 years ago

CVE-2021-40330 - git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring. ...
2 years ago

CVE-2015-1234 - Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact by manipulating OpenGL ES ...
3 years ago

CVE-2016-1234 - Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name. ...
3 years ago

CVE-2000-1234 - violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters. ...
16 years ago

CVE-2001-1234 - Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable. ...
16 years ago

CVE-2022-22172 - A Missing Release of Memory after Effective Lifetime vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause a memory leak. Continued ...
3 years ago

CVE-2013-1234 - The SNMP module in Cisco IOS XR allows remote authenticated users to cause a denial of service (process restart) via crafted SNMP packets, aka Bug ID CSCue69472. ...
12 years ago

CVE-2014-1234 - The paratrooper-newrelic gem 1.0.1 for Ruby allows local users to obtain the X-Api-Key value by listing the curl process. ...
1 year ago

CVE-2015-3969 - Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers to obtain sensitive network-connection information via a request to UDP port (1) 1234 or (2) 1235. ...
9 years ago

CVE-2015-6016 - ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00AANC0b5, and NBG-418N devices have a default password of 1234 for the admin account, which allows remote attackers to obtain administrative access via ...
8 years ago

CVE-2015-7283 - The web administration interface on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 has a default password of 1234 for the admin account, which allows remote attackers to obtain administrative privileges by leveraging a LAN session. ...
8 years ago

CVE-2017-1234 - IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ...
8 years ago

CVE-2010-1234 - Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to truncate the URL shown in the HTTP Basic Authentication dialog via unknown vectors. ...
7 years ago

CVE-2009-1234 - Opera 9.64 allows remote attackers to cause a denial of service (application crash) via an XML document containing a long series of start-tags with no corresponding end-tags. NOTE: it was later reported that 9.52 is also affected. ...
7 years ago

CVE-2004-1234 - load_elf_binary in Linux before 2.4.26 allows local users to cause a denial of service (system crash) via an ELF binary in which the interpreter is NULL. ...
7 years ago