+- Dark C0d3rs (https://darkcoders.wiki)
+-- Forum: Exploit Log (https://darkcoders.wiki/Forum-Exploit-Log)
+--- Forum: CVE Details (https://darkcoders.wiki/Forum-CVE-Details)
+--- Thread: Daily CVE Record Information - 2025-02-15 (/Thread-Daily-CVE-Record-Information-2025-02-15)
Daily CVE Record Information - 2025-02-15 - hashXploiter - 02-15-2025
CVE-2025-26819
Monero through 0.18.3.4 before ec74ff4 does not have response limits on HTTP server connections.
CVSS Score : 8.6
Exploit Availability: Not available
CVE-2025-0998
Out of bounds memory access in V8 in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVSS Score : 0.0
Exploit Availability: Not available
CVE-2025-0997
Use after free in Navigation in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)
CVSS Score : 0.0
Exploit Availability: Not available
CVE-2025-0996
Inappropriate implementation in Browser UI in Google Chrome on Android prior to 133.0.6943.98 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)
CVSS Score : 0.0
Exploit Availability: Not available
CVE-2025-0995
Use after free in V8 in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS Score : 0.0
Exploit Availability: Not available
CVE-2024-5462
If Brocade Fabric OS before Fabric OS 9.2.0 configuration settings are not set to encrypt SNMP passwords, then the SNMP privsecret / authsecret fields can be exposed in plaintext. The plaintext passwords can be exposed in a configupload capture or a supportsave capture if encryption of passwords is not enabled. An attacker can use these passwords to fetch values of the supported OIDs via SNMPv3 queries. There are also a limited number of MIB objects that can be modified.
CVSS Score : 5.3
Exploit Availability: Not available
CVE-2024-5461
Implementation of the Simple Network
Management Protocol (SNMP) operating on the Brocade 6547 (FC5022)
embedded switch blade, makes internal script calls to system.sh from
within the SNMP binary. An authenticated attacker could perform command
or parameter injection on SNMP operations that are only enabled on the
Brocade 6547 (FC5022) embedded switch. This injection could allow the
authenticated attacker to issue commands as Root.
Management Protocol (SNMP) operating on the Brocade 6547 (FC5022)
embedded switch blade, makes internal script calls to system.sh from
within the SNMP binary. An authenticated attacker could perform command
or parameter injection on SNMP operations that are only enabled on the
Brocade 6547 (FC5022) embedded switch. This injection could allow the
authenticated attacker to issue commands as Root.
CVSS Score : 8.6
Exploit Availability: Not available
CVE-2024-4282
Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22.
CVSS Score : 8.2
Exploit Availability: Not available