{"vulnerability": "CVE-2025-2547", "sightings": [{"uuid": "381cb7e7-ca8d-436f-a3cc-4217009f3521", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25475", "type": "seen", "source": "https://t.me/cvedetector/18385", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25475 - DCMTK NULL Pointer Dereference Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2025-25475 \nPublished : Feb. 18, 2025, 11:15 p.m. | 51\u00a0minutes ago \nDescription : A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DICOM file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T01:11:00.000000Z"}, {"uuid": "140674fb-db26-4e14-8fc1-d6c635cfe30e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25474", "type": "seen", "source": "https://t.me/cvedetector/18384", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25474 - DCMTK Heap Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2025-25474 \nPublished : Feb. 18, 2025, 11:15 p.m. | 51\u00a0minutes ago \nDescription : DCMTK v3.6.9+ DEV was discovered to contain a buffer overflow via the component /dcmimgle/diinpxt.h. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T01:11:00.000000Z"}, {"uuid": "5bb7f756-13f3-4cb7-95f1-e38dad2b74ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25473", "type": "seen", "source": "https://t.me/cvedetector/18383", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25473 - FFmpeg NULL Pointer Dereference in libavformat/mov.c\", \n  \"Content\": \"CVE ID : CVE-2025-25473 \nPublished : Feb. 18, 2025, 11:15 p.m. | 51\u00a0minutes ago \nDescription : FFmpeg git master before commit c08d30 was discovered to contain a NULL pointer dereference via the component libavformat/mov.c. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T01:10:59.000000Z"}, {"uuid": "58b0ad3e-ccf4-4a23-8022-42547620a431", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25471", "type": "seen", "source": "https://t.me/cvedetector/18382", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25471 - FFmpeg NULL Pointer Dereference Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25471 \nPublished : Feb. 18, 2025, 11:15 p.m. | 51\u00a0minutes ago \nDescription : FFmpeg git master before commit fd1772 was discovered to contain a NULL pointer dereference via the component libavformat/mov.c. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T01:10:58.000000Z"}, {"uuid": "243dde0d-6cb8-4129-85ce-01ed21025da3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25476", "type": "seen", "source": "https://t.me/cvedetector/19194", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25476 - SysPass Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25476 \nPublished : Feb. 28, 2025, 11:15 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : A stored cross-site scripting (XSS) vulnerability in SysPass 3.2.x allows a malicious user with elevated privileges to execute arbitrary Javascript code by specifying a malicious XSS payload as a notification type or notification component. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-01T02:13:44.000000Z"}, {"uuid": "10df77da-ada5-4d65-b649-156a8fc9fb8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25477", "type": "seen", "source": "https://t.me/cvedetector/19107", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25477 - SysPass Host Header Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25477 \nPublished : Feb. 28, 2025, 12:15 a.m. | 1\u00a0hour, 42\u00a0minutes ago \nDescription : A host header injection vulnerability in SysPass 3.2x allows an attacker to load malicious JS files from an arbitrary domain which would be executed in the victim's browser. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-28T03:38:48.000000Z"}, {"uuid": "d85995bb-3d4c-4e4d-9df3-3096829cafc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25471", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4810", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25471\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: FFmpeg git master before commit fd1772 was discovered to contain a NULL pointer dereference via the component libavformat/mov.c.\n\ud83d\udccf Published: 2025-02-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-20T21:05:48.992Z\n\ud83d\udd17 References:\n1. https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/fd1772b7475d0d5673a5dd314ee78443d0be4cf1\n2. https://trac.ffmpeg.org/ticket/11417", "creation_timestamp": "2025-02-20T21:17:41.000000Z"}, {"uuid": "5753db9e-718c-4448-a6a6-0bbf67bffeeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25472", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4813", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25472\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DCM file.\n\ud83d\udccf Published: 2025-02-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-20T21:01:51.752Z\n\ud83d\udd17 References:\n1. https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=410ffe2019b9db6a8f4036daac742a6f5e4d36c2", "creation_timestamp": "2025-02-20T21:17:46.000000Z"}, {"uuid": "7554927b-ad7c-4abd-af14-2d32da750caa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2547", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8233", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2547\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as problematic, has been found in D-Link DIR-618 and DIR-605L 2.02/3.02. This issue affects some unknown processing of the file /goform/formAdvNetwork. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.\n\ud83d\udccf Published: 2025-03-20T15:31:14.499Z\n\ud83d\udccf Modified: 2025-03-20T15:31:14.499Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.300161\n2. https://vuldb.com/?ctiid.300161\n3. https://vuldb.com/?submit.516789\n4. https://lavender-bicycle-a5a.notion.site/D-Link-DIR-618-formAdvNetwork-1b053a41781f8085a4e8d3c1d1de5f56?pvs=4\n5. https://lavender-bicycle-a5a.notion.site/D-Link-DIR-605L-formAdvNetwork-1b153a41781f80109325dbc96ffc0295?pvs=4\n6. https://www.dlink.com/", "creation_timestamp": "2025-03-20T16:18:24.000000Z"}, {"uuid": "c0089cb6-86ad-47e2-8246-3ba74cd854e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25475", "type": "seen", "source": "Telegram/PZ8weyvWQpCfgnbEDwVk7P1bqCkIVC8_ZND6FnWWswgF8E7k", "content": "", "creation_timestamp": "2025-02-20T23:38:15.000000Z"}, {"uuid": "a9bacce3-cc6a-4d21-a708-6f4d0b8ced76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25474", "type": "seen", "source": "Telegram/yRgDiY52HXM7iZQ3rZrXfjC34JHxZxaI5FRZ4FD5yASNrQgG", "content": "", "creation_timestamp": "2025-02-20T23:38:15.000000Z"}, {"uuid": "6652fa0e-2a3f-4abf-a511-be5ae8d60285", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2547", "type": "seen", "source": "https://t.me/cvedetector/20755", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2547 - D-Link DIR-618 and DIR-605L Local File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2547 \nPublished : March 20, 2025, 4:15 p.m. | 1\u00a0hour, 55\u00a0minutes ago \nDescription : A vulnerability, which was classified as problematic, has been found in D-Link DIR-618 and DIR-605L 2.02/3.02. This issue affects some unknown processing of the file /goform/formAdvNetwork. The manipulation leads to improper access controls. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-20T19:54:41.000000Z"}, {"uuid": "e95939e8-789a-4508-a3d8-37219fc000d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25476", "type": "seen", "source": "Telegram/3xB6M54-wSCQN7enHt26ebBCCT1YEan57cXsGm01RSafoLfk", "content": "", "creation_timestamp": "2025-03-02T11:46:30.000000Z"}, {"uuid": "1c58e93a-f921-445f-bcf4-b54d699b2d50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25478", "type": "seen", "source": "Telegram/JW5Q7YJObYM1Wu0JJadvWu-BK9ANNSMIfO7ZxTpLh5r4kDFj", "content": "", "creation_timestamp": "2025-03-02T11:46:30.000000Z"}, {"uuid": "8639c334-66d1-4595-ae9c-cec831328e8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2547", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkt6sl5cq22x", "content": "", "creation_timestamp": "2025-03-20T17:08:54.957296Z"}, {"uuid": "3005d8d4-ca9d-408f-b409-3c8e6dedcfc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25473", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3m7gmdqjtmk2i", "content": "", "creation_timestamp": "2025-12-07T22:55:38.552072Z"}, {"uuid": "b5049ee7-bade-4f58-bd78-b79714250a94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25473", "type": "seen", "source": "Telegram/JpkLuH3w3ossKokdyStyTWUpxPMhOuUfclzfXA5puYx4qwbv", "content": "", "creation_timestamp": "2025-02-20T23:38:15.000000Z"}, {"uuid": "17430ca9-c97c-40b8-bb47-bc1b5975ac04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25472", "type": "seen", "source": "https://t.me/cvedetector/18381", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25472 - DCMTK Buffer Overflow Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2025-25472 \nPublished : Feb. 18, 2025, 11:15 p.m. | 51\u00a0minutes ago \nDescription : A buffer overflow in DCMTK git master v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DCM file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-19T01:10:54.000000Z"}, {"uuid": "9541dfdb-718b-4f6f-82f7-2ad866baa361", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25478", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6024", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25478\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The account file upload functionality in Syspass 3.2.x fails to properly handle special characters in filenames. This mismanagement leads to the disclosure of the web application s source code, exposing sensitive information such as the database password.\n\ud83d\udccf Published: 2025-02-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T22:19:18.561Z\n\ud83d\udd17 References:\n1. https://github.com/sysentr0py/CVEs/tree/main/CVE-2025-25478", "creation_timestamp": "2025-02-28T23:27:50.000000Z"}, {"uuid": "677ad59b-61e0-4bc5-86f4-0067bb0bce9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25476", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6023", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25476\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A stored cross-site scripting (XSS) vulnerability in SysPass 3.2.x allows a malicious user with elevated privileges to execute arbitrary Javascript code by specifying a malicious XSS payload as a notification type or notification component.\n\ud83d\udccf Published: 2025-02-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-28T22:20:58.947Z\n\ud83d\udd17 References:\n1. https://github.com/sysentr0py/CVEs/tree/main/CVE-2025-25476", "creation_timestamp": "2025-02-28T23:27:50.000000Z"}, {"uuid": "f65dc80b-e2bd-4cc3-ad44-3ad185ca78f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25477", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5812", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25477\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A host header injection vulnerability in SysPass 3.2x allows an attacker to load malicious JS files from an arbitrary domain which would be executed in the victim's browser.\n\ud83d\udccf Published: 2025-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-27T23:14:34.559Z\n\ud83d\udd17 References:\n1. https://github.com/sysentr0py/CVEs/tree/main/CVE-2025-25477", "creation_timestamp": "2025-02-27T23:25:33.000000Z"}, {"uuid": "de3c7399-a35f-4b89-8bdd-acadf7f9c11a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25477", "type": "seen", "source": "Telegram/xvZCT4UgKPo96JnQ7twQUiScLaIvrNcCGdnoyKC_rd4mo6MD", "content": "", "creation_timestamp": "2025-03-02T11:45:37.000000Z"}, {"uuid": "d4d5f4c6-6002-4556-9b6e-9b292eb84408", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25471", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3liifev3u6d2y", "content": "", "creation_timestamp": "2025-02-18T23:16:47.272484Z"}, {"uuid": "e38f2e3b-8470-442f-90b1-7856a5fe1173", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25472", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3liifexbxdl2y", "content": "", "creation_timestamp": "2025-02-18T23:16:49.586310Z"}, {"uuid": "cf471506-6ec8-4bd3-b91a-2552cdcfa81f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25473", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3liifezjmor2h", "content": "", "creation_timestamp": "2025-02-18T23:16:51.934256Z"}, {"uuid": "da8aa783-f31d-4387-84be-c1d3f46d679b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25474", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3liiff3tiwz2t", "content": "", "creation_timestamp": "2025-02-18T23:16:54.495061Z"}, {"uuid": "ae0e9eac-561e-44df-ab8c-9f40a6ee442b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25475", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3liiff6b7e42g", "content": "", "creation_timestamp": "2025-02-18T23:16:56.871563Z"}, {"uuid": "50738c1c-75e9-47ac-bdb1-1b42ce9d6d2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25477", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lj7ccv5fxx2w", "content": "", "creation_timestamp": "2025-02-28T01:53:19.381570Z"}, {"uuid": "3ae6648d-fb46-419a-adc3-1db0cc628942", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25478", "type": "seen", "source": "https://t.me/cvedetector/19195", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25478 - Syspass Directory Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25478 \nPublished : Feb. 28, 2025, 11:15 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : The account file upload functionality in Syspass 3.2.x fails to properly handle special characters in filenames. This mismanagement leads to the disclosure of the web application s source code, exposing sensitive information such as the database password. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-01T02:13:45.000000Z"}, {"uuid": "2daafa63-a30f-4553-82d0-18a0f6c13825", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25475", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4808", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25475\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A NULL pointer dereference in the component /libsrc/dcrleccd.cc of DCMTK v3.6.9+ DEV allows attackers to cause a Denial of Service (DoS) via a crafted DICOM file.\n\ud83d\udccf Published: 2025-02-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-20T21:08:21.600Z\n\ud83d\udd17 References:\n1. https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=bffa3e9116abb7038b432443f16b1bd390e80245\n2. https://github.com/DCMTK/dcmtk/commit/bffa3e9116abb7038b432443f16b1bd390e80245", "creation_timestamp": "2025-02-20T21:17:39.000000Z"}, {"uuid": "8b9e5b33-15e0-47d1-9b71-61613e392d1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25477", "type": "seen", "source": "Telegram/cZiMlUZG82jBqO0dhj1yHS79N6xQ424D0JwYIM4KIH2wBj1p", "content": "", "creation_timestamp": "2025-03-02T11:44:21.000000Z"}, {"uuid": "32bff035-fe5e-4743-ba80-071dfb520965", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-25477", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114082772618152385", "content": "", "creation_timestamp": "2025-02-28T17:49:23.673538Z"}]}