https://db.gcve.eu/sightings/feedMost recent sightings.2026-05-02T13:05:25.530952+00:00Vulnerability-Lookupinfo@gcve.eupython-feedgenContains only the most 10 recent sightings.https://db.gcve.eu/sighting/75902919-6d37-419c-be4a-a17652544828/export75902919-6d37-419c-be4a-a176525448282026-05-02T13:05:26.000300+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "75902919-6d37-419c-be4a-a17652544828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0425", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4758", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-0425\n\ud83d\udd25 CVSS Score: 8.5 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Via the GUI of the \"bestinformed Infoclient\", a low-privileged user is by default able to change the server address of the \"bestinformed Server\" to which this client connects. This is dangerous as the \"bestinformed Infoclient\" runs with elevated permissions (\"nt authority\\system\"). By changing the server address to a malicious server, or a script simulating a server, the user is able to escalate his privileges by abusing certain features of the \"bestinformed Web\" server. Those features include:\n * Pushing of malicious update packages\n * Arbitrary Registry Read as \"nt authority\\system\"\n\n\nAn attacker is able to escalate his privileges to \"nt authority\\system\" on the Windows client running the \"bestinformed Infoclient\".\u00a0\n\n\nThis attack is not possible if a custom configuration (\"Infoclient.ini\")\u00a0containing the flags \"ShowOnTaskbar=false\" or \"DisabledItems=stPort,stAddress\" is deployed.\n\ud83d\udccf Published: 2025-02-18T07:57:35.329Z\n\ud83d\udccf Modified: 2025-02-18T07:57:35.329Z\n\ud83d\udd17 References:\n1. https://www.cordaware.com/changelog/en/version-6_3_8_1.html", "creation_timestamp": "2025-02-18T08:41:03.000000Z"}2025-02-18T08:41:03+00:00https://db.gcve.eu/sighting/7cfe989b-19d3-4d36-830a-5e4d2a4a2715/export7cfe989b-19d3-4d36-830a-5e4d2a4a27152026-05-02T13:05:26.000220+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "7cfe989b-19d3-4d36-830a-5e4d2a4a2715", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0425", "type": "seen", "source": "Telegram/uXTsRbSVOAxT-nr3t30Hie5F7TyPrUPFsbnyygTMVunZ5lI", "content": "", "creation_timestamp": "2025-02-18T10:00:46.000000Z"}2025-02-18T10:00:46+00:00https://db.gcve.eu/sighting/5becf03d-df0f-4d1a-9c14-12a5ce36a755/export5becf03d-df0f-4d1a-9c14-12a5ce36a7552026-05-02T13:05:25.999007+00:00cedrichttp://db.gcve.eu/user/cedric{"uuid": "5becf03d-df0f-4d1a-9c14-12a5ce36a755", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0425", "type": "seen", "source": "https://t.me/cvedetector/18302", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-0425 - Bestinformed Infoclient Server Address Manipulation Privilege Escalation\", \n \"Content\": \"CVE ID : CVE-2025-0425 \nPublished : Feb. 18, 2025, 8:15 a.m. | 1\u00a0hour, 17\u00a0minutes ago \nDescription : Via the GUI of the \"bestinformed Infoclient\", a low-privileged user is by default able to change the server address of the \"bestinformed Server\" to which this client connects. This is dangerous as the \"bestinformed Infoclient\" runs with elevated permissions (\"nt authority\\system\"). By changing the server address to a malicious server, or a script simulating a server, the user is able to escalate his privileges by abusing certain features of the \"bestinformed Web\" server. Those features include: \n * Pushing of malicious update packages \n * Arbitrary Registry Read as \"nt authority\\system\" \n \n \nAn attacker is able to escalate his privileges to \"nt authority\\system\" on the Windows client running the \"bestinformed Infoclient\".\u00a0 \n \n \nThis attack is not possible if a custom configuration (\"Infoclient.ini\")\u00a0containing the flags \"ShowOnTaskbar=false\" or \"DisabledItems=stPort,stAddress\" is deployed. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"18 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-18T10:57:38.000000Z"}2025-02-18T10:57:38+00:00