{"vulnerability": "CVE-2025-2258", "sightings": [{"uuid": "42f618d2-df63-47b7-ba94-d36a48923abf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22587", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113833122070712591", "content": "", "creation_timestamp": "2025-01-15T15:39:58.589020Z"}, {"uuid": "75bb92c4-b404-465d-9d27-b3989e835809", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22587", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfs5zhcqgd2f", "content": "", "creation_timestamp": "2025-01-15T16:16:10.084507Z"}, {"uuid": "248031dd-00d2-45b9-a08c-71bbedee66e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22582", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62igtjq22i", "content": "", "creation_timestamp": "2025-01-07T16:19:43.413210Z"}, {"uuid": "bee8d7a8-a3e8-4cb4-8817-08f3d0731e02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22584", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62ij7cz62a", "content": "", "creation_timestamp": "2025-01-07T16:19:45.523285Z"}, {"uuid": "c6959e67-0a89-4a24-b130-6f25dc1eb9b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22581", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62iegztu2o", "content": "", "creation_timestamp": "2025-01-07T16:19:41.160316Z"}, {"uuid": "77ef333b-4d40-4787-9a14-64ac81219aba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22588", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfmwf7rttb2j", "content": "", "creation_timestamp": "2025-01-13T14:16:16.322146Z"}, {"uuid": "cc4b5393-759c-47c5-803c-d4972d78919a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22580", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62ibwtn325", "content": "", "creation_timestamp": "2025-01-07T16:19:38.884898Z"}, {"uuid": "4d1a4df4-1508-4552-b8a0-37455f950557", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22589", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62iofcgo22", "content": "", "creation_timestamp": "2025-01-07T16:19:50.993486Z"}, {"uuid": "51d2140b-1c16-453d-8c3a-694c42c3da73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22585", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62ilprbx2l", "content": "", "creation_timestamp": "2025-01-07T16:19:48.157758Z"}, {"uuid": "6f867a73-989a-48ba-b28b-159b23d493dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22583", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfmwf3k34b2p", "content": "", "creation_timestamp": "2025-01-13T14:16:11.857788Z"}, {"uuid": "6107668f-16ef-4435-8128-f77493fb6413", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22586", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfmwf5oe752s", "content": "", "creation_timestamp": "2025-01-13T14:16:13.878495Z"}, {"uuid": "14353b31-a800-49dd-ada3-e30aa0a67b2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22585", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf63tff5te2u", "content": "", "creation_timestamp": "2025-01-07T16:43:45.298658Z"}, {"uuid": "c0f7c5c1-2d23-4830-8b82-a87466eedc8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22584", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf63tfjlej2g", "content": "", "creation_timestamp": "2025-01-07T16:43:45.842012Z"}, {"uuid": "a1595ec6-3bbc-4408-88e3-286522294d85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22580", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf63tfsaug25", "content": "", "creation_timestamp": "2025-01-07T16:43:46.847704Z"}, {"uuid": "59274321-8b72-43e9-b1ce-86c291fd19a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22589", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf63tfvijx2k", "content": "", "creation_timestamp": "2025-01-07T16:43:47.421389Z"}, {"uuid": "39e585ed-8a8d-47e3-8a64-dea0d553ab9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22583", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfn37vnshd2q", "content": "", "creation_timestamp": "2025-01-13T15:42:48.779602Z"}, {"uuid": "40aa3035-d43f-40fb-aff5-8e484ef89c3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2258", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lm6l22o2vr2i", "content": "", "creation_timestamp": "2025-04-06T23:12:18.470289Z"}, {"uuid": "acafba12-11d2-49f4-9d00-a883071789f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2258", "type": "seen", "source": "https://infosec.place/objects/73e4b60c-da54-4219-8066-96648096b35b", "content": "", "creation_timestamp": "2025-04-14T14:00:16.995519Z"}, {"uuid": "e66b3c99-3c6c-4243-b19d-420429a49aa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2258", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lms2jufbwh2y", "content": "", "creation_timestamp": "2025-04-14T17:10:07.408483Z"}, {"uuid": "a9ad3e7b-a63d-42c8-8f00-2dc4a9aa082a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2258", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10640", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2258\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before \nversion 6.4.3, an attacker can cause an integer underflow and a \nsubsequent denial of service by writing a very large file, by specially \ncrafted packets with Content-Length smaller than the data request size. A\n possible workaround is to disable HTTP PUT support.\n\n\n\n\nThis issue follows an uncomplete fix in CVE-2025-0728.\n\ud83d\udccf Published: 2025-04-06T18:50:42.764Z\n\ud83d\udccf Modified: 2025-04-06T18:50:42.764Z\n\ud83d\udd17 References:\n1. https://github.com/eclipse-threadx/netxduo/commit/6c8e9d1c95d71bd4b313e1cc37d8f8841543b248\n2. https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-chqp-8vf8-cj25", "creation_timestamp": "2025-04-06T19:44:14.000000Z"}, {"uuid": "6fd7d822-cb13-43da-ba5e-d4d67e99ac05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22589", "type": "seen", "source": "https://t.me/cvedetector/14547", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22589 - Bozdoz Quote Tweet CSRF Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-22589 \nPublished : Jan. 7, 2025, 4:15 p.m. | 41\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in bozdoz Quote Tweet allows Stored XSS.This issue affects Quote Tweet: from n/a through 0.7. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T18:03:14.000000Z"}, {"uuid": "d39d6945-6bb0-40a9-ba55-2113c3e73565", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2258", "type": "seen", "source": "https://t.me/cvedetector/22231", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2258 - Eclipse ThreadX NetX Duo HTTP Server Integer Underflow Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2258 \nPublished : April 6, 2025, 7:15 p.m. | 2\u00a0hours, 48\u00a0minutes ago \nDescription : In NetX Duo component HTTP server functionality of Eclipse ThreadX NetX Duo before   \nversion 6.4.3, an attacker can cause an integer underflow and a   \nsubsequent denial of service by writing a very large file, by specially   \ncrafted packets with Content-Length smaller than the data request size. A  \n possible workaround is to disable HTTP PUT support.  \n  \n  \n  \n  \nThis issue follows an uncomplete fix in CVE-2025-0728. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-07T00:20:11.000000Z"}, {"uuid": "3ff19bc7-48d4-4d24-9d91-759b3c4171a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22588", "type": "seen", "source": "https://t.me/cvedetector/15140", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22588 - Scanventory Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22588 \nPublished : Jan. 13, 2025, 2:15 p.m. | 38\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scanventory.net Scanventory allows Reflected XSS.This issue affects Scanventory: from n/a through 1.1.3. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-13T16:14:13.000000Z"}, {"uuid": "1440fcdb-71ae-45e4-a075-822b5e219f9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22585", "type": "seen", "source": "https://t.me/cvedetector/14557", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22585 - Themebon Ultimate Image Hover Effects Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-22585 \nPublished : Jan. 7, 2025, 4:15 p.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themebon Ultimate Image Hover Effects allows DOM-Based XSS.This issue affects Ultimate Image Hover Effects: from n/a through 1.1.2. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T18:03:28.000000Z"}, {"uuid": "8e9d28de-4f42-4ac9-b023-ff26f9309e58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22584", "type": "seen", "source": "https://t.me/cvedetector/14556", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22584 - Pluginspoint Timeline Pro Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22584 \nPublished : Jan. 7, 2025, 4:15 p.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pluginspoint Timeline Pro allows DOM-Based XSS.This issue affects Timeline Pro: from n/a through 1.3. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T18:03:24.000000Z"}, {"uuid": "23cf2443-c39d-4bf4-9218-98897ae29cfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22582", "type": "seen", "source": "https://t.me/cvedetector/14555", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22582 - Uptime Robot CSRF Vulnerability allowing Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2025-22582 \nPublished : Jan. 7, 2025, 4:15 p.m. | 41\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Scott Nell\u00e9 Uptime Robot allows Stored XSS.This issue affects Uptime Robot: from n/a through 0.1.3. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T18:03:24.000000Z"}, {"uuid": "63b2b452-0147-41aa-8c34-fdf5816bbdee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22581", "type": "seen", "source": "https://t.me/cvedetector/14554", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22581 - Bytephp Arcade Ready Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22581 \nPublished : Jan. 7, 2025, 4:15 p.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bytephp Arcade Ready allows Stored XSS.This issue affects Arcade Ready: from n/a through 1.1. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T18:03:23.000000Z"}, {"uuid": "a4b68b6d-a7c7-4ce0-9347-71aed6412269", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22580", "type": "seen", "source": "https://t.me/cvedetector/14553", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22580 - Biltorvet A/S Biltorvet Dealer Tools Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22580 \nPublished : Jan. 7, 2025, 4:15 p.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Biltorvet A/S Biltorvet Dealer Tools allows Stored XSS.This issue affects Biltorvet Dealer Tools: from n/a through 1.0.22. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T18:03:22.000000Z"}, {"uuid": "2d290af2-05ae-4828-8a3a-8f59c40c446a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22586", "type": "seen", "source": "https://t.me/cvedetector/15139", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22586 - WPEX Replace DB Urls Cross-site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-22586 \nPublished : Jan. 13, 2025, 2:15 p.m. | 38\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Detlef St\u00f6ver WPEX Replace DB Urls allows Reflected XSS.This issue affects WPEX Replace DB Urls: from n/a through 0.4.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-13T16:14:09.000000Z"}, {"uuid": "b2586569-34b1-4f81-86cc-f20b5c2ba4c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-22583", "type": "seen", "source": "https://t.me/cvedetector/15138", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22583 - Anshul Sojatia Scan External Links Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-22583 \nPublished : Jan. 13, 2025, 2:15 p.m. | 38\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anshul Sojatia Scan External Links allows Reflected XSS.This issue affects Scan External Links: from n/a through 1.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-13T16:14:08.000000Z"}]}