{"vulnerability": "cve-2025-4355", "sightings": [{"uuid": "1b253e6e-23f3-42bd-8d7b-462d6b99f0ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4355", "type": "published-proof-of-concept", "source": "Telegram/RpRTsk5xCo1HT8ZizhD5xEdPcjcyZYX19LPUP68XQHsKaB8", "content": "", "creation_timestamp": "2025-05-06T15:30:38.000000Z"}, {"uuid": "26c19bc6-f01a-492d-8ae7-ef073d9f5efe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4355", "type": "exploited", "source": "https://t.me/cvedetector/24602", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-4355 - Tenda DAP-1520 Heap-Based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-4355 \nPublished : May 6, 2025, 1:15 p.m. | 45\u00a0minutes ago \nDescription : A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been classified as critical. This affects the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-06T16:09:25.000000Z"}, {"uuid": "f263bb56-c0ff-45c3-86f3-2486ecd90d62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43551", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16221", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43551\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Substance3D - Stager versions 3.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\ud83d\udccf Published: 2025-05-13T20:19:56.659Z\n\ud83d\udccf Modified: 2025-05-13T20:19:56.659Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/substance3d_stager/apsb25-46.html", "creation_timestamp": "2025-05-13T20:30:58.000000Z"}, {"uuid": "5d808db5-2e21-400b-8896-4a709a44b0f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43555", "type": "seen", "source": "https://t.me/cvedetector/25224", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43555 - Animate Integer Underflow Allows Arbitrary Code Execution\", \n  \"Content\": \"CVE ID : CVE-2025-43555 \nPublished : May 13, 2025, 6:15 p.m. | 59\u00a0minutes ago \nDescription : Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T21:24:31.000000Z"}, {"uuid": "b2215572-4d83-4ce3-9f38-a66b29e93cdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43557", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp32wxdgdor2", "content": "", "creation_timestamp": "2025-05-13T18:11:22.122089Z"}, {"uuid": "e8d48085-701f-494d-9f95-b760c29a824c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43556", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp32x47o72j2", "content": "", "creation_timestamp": "2025-05-13T18:11:23.939645Z"}, {"uuid": "48ff12e1-32dc-4ed4-95e3-ffa195dadc0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43555", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp32xa5nx322", "content": "", "creation_timestamp": "2025-05-13T18:11:24.765816Z"}, {"uuid": "170eab72-4d69-482c-afaf-b1f5647593d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43555", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp3eaesvrv2h", "content": "", "creation_timestamp": "2025-05-13T20:48:11.791093Z"}, {"uuid": "a0ddd8a5-a240-4474-905b-0f7208a8b6a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43557", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp3eaextvn2l", "content": "", "creation_timestamp": "2025-05-13T20:48:12.489143Z"}, {"uuid": "85a60301-9f70-493f-8a45-47c957c0cfb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43556", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp3eafagmu2j", "content": "", "creation_timestamp": "2025-05-13T20:48:13.737344Z"}, {"uuid": "2419201f-36ae-433f-9b4b-f875ffbe98fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43553", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp3e3q4djmi2", "content": "", "creation_timestamp": "2025-05-13T21:02:15.180921Z"}, {"uuid": "25c7e1ee-08b3-4801-a68a-7624240a981a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43551", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp3e3s3xk6x2", "content": "", "creation_timestamp": "2025-05-13T21:02:16.311630Z"}, {"uuid": "5b06ac37-6e57-4ebf-ba76-7f03096c3eef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43554", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp3e3q5wo2b2", "content": "", "creation_timestamp": "2025-05-13T21:02:17.353407Z"}, {"uuid": "ffc98003-6bc7-4a41-8fcb-43e528a00110", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43554", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp3pehyfim2w", "content": "", "creation_timestamp": "2025-05-14T00:07:18.290698Z"}, {"uuid": "c7c71c57-4a6b-4e5a-b087-76a0ec586b5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43551", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp3pei3wih2h", "content": "", "creation_timestamp": "2025-05-14T00:07:18.909426Z"}, {"uuid": "9419021f-e1f0-49f6-a22c-5775b481d4a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43553", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp3peixqer2j", "content": "", "creation_timestamp": "2025-05-14T00:07:23.915435Z"}, {"uuid": "37909bb3-75f1-4e63-abbf-1d0444cfe635", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43559", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp3pej6t2p24", "content": "", "creation_timestamp": "2025-05-14T00:07:25.117506Z"}, {"uuid": "c167a378-52ac-43ef-b10a-b64cc381f6f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43555", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16186", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43555\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\ud83d\udccf Published: 2025-05-13T17:39:48.693Z\n\ud83d\udccf Modified: 2025-05-13T18:09:59.747Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/animate/apsb25-42.html", "creation_timestamp": "2025-05-13T18:30:55.000000Z"}, {"uuid": "ab44c451-460c-4de0-85b6-c148ec4dbac1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43556", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16185", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43556\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\ud83d\udccf Published: 2025-05-13T17:39:50.252Z\n\ud83d\udccf Modified: 2025-05-13T18:10:08.723Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/animate/apsb25-42.html", "creation_timestamp": "2025-05-13T18:30:54.000000Z"}, {"uuid": "2df66a69-3b78-4cfc-9ade-687976abf9d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4355", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15099", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4355\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been classified as critical. This affects the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-06T12:31:10.092Z\n\ud83d\udccf Modified: 2025-05-06T13:14:35.053Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.307473\n2. https://vuldb.com/?ctiid.307473\n3. https://vuldb.com/?submit.564720\n4. https://github.com/Ghostsuzhijian/Iot-/blob/main/DAP-1520_set_ws_action/DAP-1520_set_ws_action.md\n5. https://www.tenda.com.cn/", "creation_timestamp": "2025-05-06T13:20:48.000000Z"}, {"uuid": "bba1ff7f-0072-4aac-a1b4-7a8b7cf2bb6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43557", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16184", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43557\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Animate versions 24.0.8, 23.0.11 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\ud83d\udccf Published: 2025-05-13T17:39:51.089Z\n\ud83d\udccf Modified: 2025-05-13T18:10:18.772Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/animate/apsb25-42.html", "creation_timestamp": "2025-05-13T18:30:53.000000Z"}, {"uuid": "1aeccd79-6195-49ab-b719-f4dab13c8741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43559", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16449", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43559\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user interaction and scope is changed.\n\ud83d\udccf Published: 2025-05-13T20:49:30.632Z\n\ud83d\udccf Modified: 2025-05-15T04:01:39.554Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html", "creation_timestamp": "2025-05-15T04:32:44.000000Z"}, {"uuid": "f52b4021-ff99-4f5c-8cc6-18a3499cb822", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43558", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17919", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43558\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\ud83d\udccf Published: 2025-06-10T16:23:02.620Z\n\ud83d\udccf Modified: 2025-06-10T16:23:02.620Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/indesign/apsb25-53.html", "creation_timestamp": "2025-06-10T16:31:41.000000Z"}, {"uuid": "7c2f7b8e-a03e-480e-baf6-bc6545b2e1e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-4355", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3loj3enjyq52o", "content": "", "creation_timestamp": "2025-05-06T14:21:33.238176Z"}, {"uuid": "fd82eeca-b2c4-4a10-a625-c7b31a16c8f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43550", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17975", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-43550\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\n\ud83d\udccf Published: 2025-06-10T19:11:33.642Z\n\ud83d\udccf Modified: 2025-06-10T19:11:33.642Z\n\ud83d\udd17 References:\n1. https://helpx.adobe.com/security/products/acrobat/apsb25-57.html", "creation_timestamp": "2025-06-10T19:31:13.000000Z"}, {"uuid": "136b1a1a-65fd-4e89-9172-e7752f3fa93a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43557", "type": "seen", "source": "https://t.me/cvedetector/25220", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43557 - Animate Access of Uninitialized Pointer Arbitrary Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-43557 \nPublished : May 13, 2025, 6:15 p.m. | 59\u00a0minutes ago \nDescription : Animate versions 24.0.8, 23.0.11 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T21:24:25.000000Z"}, {"uuid": "53e9366f-5961-4e6b-a930-62fab35144a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-43556", "type": "seen", "source": "https://t.me/cvedetector/25225", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-43556 - Animate Integer Overflow or Wraparound Vulnerability (Arbitrary Code Execution)\", \n  \"Content\": \"CVE ID : CVE-2025-43556 \nPublished : May 13, 2025, 6:15 p.m. | 59\u00a0minutes ago \nDescription : Animate versions 24.0.8, 23.0.11 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T21:24:32.000000Z"}]}