{"vulnerability": "CVE-2025-2995", "sightings": [{"uuid": "7b2c497c-f991-429b-a0d4-2d6f0d0ca730", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29953", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ln3xyzcy5e2n", "content": "", "creation_timestamp": "2025-04-18T15:51:32.262370Z"}, {"uuid": "2c049c33-e113-4ba4-b15c-045b49960e85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29953", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114359896039866512", "content": "", "creation_timestamp": "2025-04-18T16:25:31.443613Z"}, {"uuid": "743de457-3fd9-44c2-825c-2c45c45120c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29953", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ln42fpreks2u", "content": "", "creation_timestamp": "2025-04-18T16:34:28.030485Z"}, {"uuid": "ae6f6ebc-0f5a-411e-a7bb-c93aa66cf4bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29953", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lna5b5dh6u2s", "content": "", "creation_timestamp": "2025-04-20T07:36:12.166015Z"}, {"uuid": "07534699-4fc9-4732-85a1-7c38df5ed260", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29957", "type": "seen", "source": "https://infosec.exchange/users/0patch/statuses/114591354341052396", "content": "", "creation_timestamp": "2025-05-29T13:28:25.764658Z"}, {"uuid": "0bf81cd8-1cf6-4055-a4bf-2b57ce946781", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29957", "type": "seen", "source": "https://infosec.exchange/users/0patch/statuses/114591356547747698", "content": "", "creation_timestamp": "2025-05-29T13:28:58.481281Z"}, {"uuid": "4510a2af-e1ba-44d2-8c82-2d12d3ba82eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29953", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lnqx3xlupc26", "content": "", "creation_timestamp": "2025-04-27T00:01:13.195357Z"}, {"uuid": "ddbd5857-bc1d-4f2e-80a2-c8e4eede0085", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29953", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-266/", "content": "", "creation_timestamp": "2025-04-30T03:00:00.000000Z"}, {"uuid": "5abd0762-6345-4dd6-b4c7-c741255d81bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29959", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3lp2zspyfhs25", "content": "", "creation_timestamp": "2025-05-13T17:41:31.577478Z"}, {"uuid": "f6f9355e-70cd-4d47-b3e4-bfa44e6c1d84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29958", "type": "seen", "source": "https://www.thezdi.com/blog/2025/5/13/the-may-2025-security-update-review", "content": "", "creation_timestamp": "2025-05-13T16:27:02.000000Z"}, {"uuid": "3b36e908-bf7d-449d-aa56-4761b33dcc6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29955", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16195", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29955\n\ud83d\udd25 CVSS Score: 6.2 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Improper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally.\n\ud83d\udccf Published: 2025-05-13T16:59:05.062Z\n\ud83d\udccf Modified: 2025-05-13T17:58:25.776Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29955", "creation_timestamp": "2025-05-13T18:31:04.000000Z"}, {"uuid": "2fefcb83-66ce-491d-85f6-a2e7c8ecf82a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29956", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16197", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29956\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.\n\ud83d\udccf Published: 2025-05-13T16:59:05.599Z\n\ud83d\udccf Modified: 2025-05-13T17:54:00.570Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29956", "creation_timestamp": "2025-05-13T18:31:06.000000Z"}, {"uuid": "e3106f42-c65f-4f11-8638-e8c4e273bbe2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29957", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lqcx7zgp3n2g", "content": "", "creation_timestamp": "2025-05-29T14:41:46.267289Z"}, {"uuid": "3ec38387-35c6-483d-8680-a7546823acf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29956", "type": "seen", "source": "https://www.thezdi.com/blog/2025/5/13/the-may-2025-security-update-review", "content": "", "creation_timestamp": "2025-05-13T16:27:02.000000Z"}, {"uuid": "f06da853-a2cd-40e8-9ecb-f03bacdaa271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29953", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12531", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29953\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client.\n\nThis issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious responses that may eventually cause arbitrary code execution on the client. Version 2.1.0 introduced a allow/denylist feature to restrict deserialization, but this feature could be bypassed.\n\nThe .NET team has deprecated the built-in .NET binary serialization feature starting with .NET 9 and suggests migrating away from binary serialization. The project is considering to follow suit and drop this part of the NMS API altogether.\n\nUsers are recommended to upgrade to version 2.1.1, which fixes the issue. We also recommend to migrate away from relying on .NET binary serialization as a hardening method for the future.\n\ud83d\udccf Published: 2025-04-18T15:23:31.658Z\n\ud83d\udccf Modified: 2025-04-18T18:03:24.623Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/vc1sj9y3056d3kkhcvrs9fyw5w8kpmlx", "creation_timestamp": "2025-04-18T18:58:53.000000Z"}, {"uuid": "c752a7b6-57ed-4825-a8cc-3fe2e769e3c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29953", "type": "seen", "source": "https://t.me/cvedetector/23317", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29953 - Apache ActiveMQ NMS OpenWire Client Arbitrary Code Execution via Untrusted Deserialization\", \n  \"Content\": \"CVE ID : CVE-2025-29953 \nPublished : April 18, 2025, 4:15 p.m. | 26\u00a0minutes ago \nDescription : Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client.  \n  \nThis issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious responses that may eventually cause arbitrary code execution on the client. Version 2.1.0 introduced a allow/denylist feature to restrict deserialization, but this feature could be bypassed.  \n  \nThe .NET team has deprecated the built-in .NET binary serialization feature starting with .NET 9 and suggests migrating away from binary serialization. The project is considering to follow suit and drop this part of the NMS API altogether.  \n  \nUsers are recommended to upgrade to version 2.1.1, which fixes the issue. We also recommend to migrate away from relying on .NET binary serialization as a hardening method for the future. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-18T19:04:59.000000Z"}, {"uuid": "8af6f3fc-2abe-4fc1-80cd-ea8e3956b22a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29959", "type": "seen", "source": "https://www.thezdi.com/blog/2025/5/13/the-may-2025-security-update-review", "content": "", "creation_timestamp": "2025-05-13T16:27:02.000000Z"}, {"uuid": "57e0cac7-b77d-4d07-b6c3-9e6312f0bee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29955", "type": "seen", "source": "https://www.thezdi.com/blog/2025/5/13/the-may-2025-security-update-review", "content": "", "creation_timestamp": "2025-05-13T16:27:02.000000Z"}, {"uuid": "b15682d3-c81f-41e8-a426-0ae76559d947", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29957", "type": "seen", "source": "https://www.thezdi.com/blog/2025/5/13/the-may-2025-security-update-review", "content": "", "creation_timestamp": "2025-05-13T16:27:02.000000Z"}, {"uuid": "7763e06c-c527-491a-9a8a-ddbe0cde716f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29954", "type": "seen", "source": "https://www.thezdi.com/blog/2025/5/13/the-may-2025-security-update-review", "content": "", "creation_timestamp": "2025-05-13T16:27:02.000000Z"}, {"uuid": "13a81905-adeb-4105-9a4b-5c1e9507ee52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29959", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16231", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29959\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.\n\ud83d\udccf Published: 2025-05-13T16:58:28.865Z\n\ud83d\udccf Modified: 2025-05-13T20:14:08.995Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29959", "creation_timestamp": "2025-05-13T20:31:11.000000Z"}, {"uuid": "0079c879-6a43-4e3f-9adb-527456621d21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2995", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9653", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2995\n\ud83d\udd25 CVSS Score: 6.9 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability has been found in Tenda FH1202 1.2.0.14(408) and classified as critical. This vulnerability affects unknown code of the file /goform/SysToolChangePwd of the component Web Management Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-31T12:31:11.879Z\n\ud83d\udccf Modified: 2025-03-31T14:19:46.183Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.302044\n2. https://vuldb.com/?ctiid.302044\n3. https://vuldb.com/?submit.523418\n4. https://lavender-bicycle-a5a.notion.site/Tenda-FH1202-SysToolChangePwd-1bc53a41781f809b95a4efb617090d3c?pvs=4\n5. https://www.tenda.com.cn/", "creation_timestamp": "2025-03-31T14:31:56.000000Z"}, {"uuid": "2ea6ac9a-6f11-4f67-b5ea-14ddad7c2baa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-29954", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16193", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29954\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.\n\ud83d\udccf Published: 2025-05-13T16:59:04.362Z\n\ud83d\udccf Modified: 2025-05-13T18:07:32.596Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29954", "creation_timestamp": "2025-05-13T18:31:02.000000Z"}]}