Arbitrary file read in NetScaler Console and NetScaler SDX (SVM)
Publication date: Tue, 17 Jun 2025 12:38:00 +0000
Cyber News related to CVE-2025-4365
CVE-2025-22053 - In the Linux kernel, the following vulnerability has been resolved: ...
2 months ago
CVE-2025-4365 - Arbitrary file read in NetScaler Console and NetScaler SDX (SVM) ...
5 days ago
CVE-2011-4365 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4090. Reason: This candidate is a reservation duplicate of CVE-2011-4090. Notes: All CVE users should reference CVE-2011-4090 instead of this candidate. All references and ...
55 years ago Tenable.com
CVE-2007-4365 - Cross-site scripting (XSS) vulnerability in eXV2 CMS 2.0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a set_lang cookie to an unspecified component. NOTE: this may overlap CVE-2007-1965. ...
6 years ago
CVE-2023-4378 - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A malicious Maintainer can, under specific ...
1 year ago
CVE-2010-4365 - SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an alleventlist_more action to index.php. ...
14 years ago
CVE-2005-4365 - Multiple cross-site scripting (XSS) vulnerabilities in FLIP 0.9.0.1029 allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter in text.php and (2) frame parameter in forum.php. ...
14 years ago
CVE-2015-4365 - Cross-site scripting (XSS) vulnerability in the Taxonomy Accordion module for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to taxonomy terms. ...
9 years ago
CVE-2016-4365 - HPE Insight Control server deployment allows remote attackers to obtain sensitive information via unspecified vectors. ...
8 years ago
CVE-2008-4365 - Cross-site scripting (XSS) vulnerability in search.php in Siteman 1.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained ...
7 years ago
CVE-2009-4365 - Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in ScriptsEz Ez Blog 1.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a blog via the add_blog action, (2) approve a comment via ...
7 years ago
CVE-2006-4365 - Multiple PHP remote file inclusion vulnerabilities in VistaBB 2.0.33 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) includes/functions_mod_user.php or (2) ...
7 years ago
CVE-2018-4365 - An out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to iOS 12.1. ...
6 years ago
CVE-2020-4365 - IBM WebSphere Application Server 8.5 is vulnerable to server-side request forgery. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 178964. ...
5 years ago
CVE-2013-4365 - Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors. ...
4 years ago
CVE-2022-4365 - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. A malicious Maintainer can leak the sentry token by ...
2 years ago
CVE-2021-4365 - The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in versions up to, and including, 18.2. This is due to lacking authentication protections and santisation all on the wpfm_edit_file_title_desc ...
2 years ago
CVE-2023-4365 - Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) ...
1 year ago
CVE-2014-4365 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none ...
55 years ago Tenable.com
CVE-2017-4365 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com
CVE-2024-4365 - The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘add_iframe_url_as_param_direct’ parameter in versions up to, and including, 2024.3 due to insufficient input sanitization and output escaping. This ...
1 year ago