{"vulnerability": "CVE-2025-2309", "sightings": [{"uuid": "a59482d9-bedf-44ed-9b5a-fb00ca3092c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23091", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lh3xqddieb27", "content": "", "creation_timestamp": "2025-02-01T07:15:30.458894Z"}, {"uuid": "9bd317ad-b753-4474-af93-7baa8292f3ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23090", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgccgsaye72f", "content": "", "creation_timestamp": "2025-01-22T02:17:48.485153Z"}, {"uuid": "c6f55504-a3a9-4cf8-9c11-1e4209538a48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23090", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgceaoazed2e", "content": "", "creation_timestamp": "2025-01-22T02:50:13.016895Z"}, {"uuid": "4bac342a-23b6-4dfb-9d7a-d12b05a52d99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23091", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lh3z4ba2vc2g", "content": "", "creation_timestamp": "2025-02-01T07:40:07.512202Z"}, {"uuid": "a054a5e9-dcec-409a-a9d6-b152e4a74dbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23093", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lgskskvvij2a", "content": "", "creation_timestamp": "2025-01-28T13:30:09.837603Z"}, {"uuid": "86409ad4-ec93-47e2-b98b-52103b95a36f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23093", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113958770199631514", "content": "", "creation_timestamp": "2025-02-06T20:13:56.756093Z"}, {"uuid": "5c5416d0-03d0-4749-9a58-abb7dada55b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23093", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhjvpekh3c2s", "content": "", "creation_timestamp": "2025-02-06T20:16:26.948257Z"}, {"uuid": "439817e7-b479-4f17-8e96-74bbffada8c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23093", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhk6afhma423", "content": "", "creation_timestamp": "2025-02-06T22:49:09.355993Z"}, {"uuid": "a4d18602-a185-4af7-8713-ffb5d194984f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23094", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lgskskvvij2a", "content": "", "creation_timestamp": "2025-01-28T13:30:09.902836Z"}, {"uuid": "0997312c-81bb-4d1b-a7c8-f94a76f3780e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23094", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhk6ahfpqn2v", "content": "", "creation_timestamp": "2025-02-06T22:49:17.335798Z"}, {"uuid": "7ad1392f-2765-4bcd-8f85-721292da8676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23094", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113958810648929900", "content": "", "creation_timestamp": "2025-02-06T20:24:13.962131Z"}, {"uuid": "25000e0c-3fcb-4323-80fb-f32e8fd8cd7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23094", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhjz25ujap2x", "content": "", "creation_timestamp": "2025-02-06T21:16:10.321199Z"}, {"uuid": "82ab24af-3a10-4706-99eb-51ddf35ce59c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23093", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lgrkrtbk7k2f", "content": "", "creation_timestamp": "2025-01-28T03:57:11.336187Z"}, {"uuid": "5d324c5c-7dff-40cf-9270-935b24a604c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23094", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lgrkrtbk7k2f", "content": "", "creation_timestamp": "2025-01-28T03:57:11.401237Z"}, {"uuid": "4ec4a5e9-88b1-40b3-a46b-9d23910f44aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23097", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqqaz7o5jb2r", "content": "", "creation_timestamp": "2025-06-03T21:41:31.672205Z"}, {"uuid": "fecce537-dd83-4662-b8ee-661f2a1a4a2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2309", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkevuhmbnl2m", "content": "", "creation_timestamp": "2025-03-15T00:51:35.372394Z"}, {"uuid": "ef2525d5-e48e-4ce7-9bf8-4fb0229fdf57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23092", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lrk4lpvw2l2s", "content": "", "creation_timestamp": "2025-06-14T04:31:37.867360Z"}, {"uuid": "a43ba02d-f039-4a57-aa48-3b32c5c8c9c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23098", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqq7swhphv25", "content": "", "creation_timestamp": "2025-06-03T21:20:07.247147Z"}, {"uuid": "71fc41f4-4328-4ab7-af7f-6e2a68cedc68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23092", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lscsszhwa325", "content": "", "creation_timestamp": "2025-06-24T00:13:18.115633Z"}, {"uuid": "0ee912c4-525b-4b3b-86d2-1fae1ccc5240", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23099", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqnjlazxvvy2", "content": "", "creation_timestamp": "2025-06-02T19:36:57.422402Z"}, {"uuid": "cf63c7d0-f202-48d6-aa24-e0d31ce96805", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23091", "type": "seen", "source": "https://t.me/cvedetector/17014", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23091 - \"UniFi OS Certificate Validation Weakness\"\", \n  \"Content\": \"CVE ID : CVE-2025-23091 \nPublished : Feb. 1, 2025, 7:15 a.m. | 1\u00a0hour, 23\u00a0minutes ago \nDescription : An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-01T09:47:58.000000Z"}, {"uuid": "3b037e2a-6913-429f-94de-0b9f852e6f43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23094", "type": "seen", "source": "https://t.me/cvedetector/17442", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23094 - Mitel OpenScape 4000 Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23094 \nPublished : Feb. 6, 2025, 9:15 p.m. | 1\u00a0hour, 29\u00a0minutes ago \nDescription : The Platform component of Mitel OpenScape 4000 and OpenScape 4000 Manager V11 R0.22.0 through V11 R0.22.1, V10 R1.54.0 through V10 R1.54.1, and V10 R1.42.6 and earlier could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands within the same privilege level as the web access process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-07T00:26:09.000000Z"}, {"uuid": "d2bf3a86-5893-49ff-ad10-e8fb53b654e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23091", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3756", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23091\n\ud83d\udd25 CVSS Score: 5.8 (CVSS_V3)\n\ud83d\udd39 Description: An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update.\n\ud83d\udccf Published: 2025-02-01T09:30:28Z\n\ud83d\udccf Modified: 2025-02-01T09:30:28Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2025-23091\n2. https://community.ui.com/releases/Security-Advisory-Bulletin-045-045/6011bc61-f2eb-457f-b71d-755703817aaf", "creation_timestamp": "2025-02-01T10:15:47.000000Z"}, {"uuid": "3177a59a-319f-4af4-aebf-e60d5f935d81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23093", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3946", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23093\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-06T20:15:40.587\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0001", "creation_timestamp": "2025-02-11T23:11:53.000000Z"}, {"uuid": "bc2c9521-49b3-4f23-9512-122bc47dbb20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23094", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3945", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23094\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-06T21:15:23.477\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0001", "creation_timestamp": "2025-02-11T23:11:51.000000Z"}, {"uuid": "6091eec1-cae0-442e-9b7b-5eb5b710fb93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2309", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15501", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2309\n\ud83d\udd25 CVSS Score: 4.8 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5T__bit_copy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release.\n\ud83d\udccf Published: 2025-03-14T21:00:07.781Z\n\ud83d\udccf Modified: 2025-05-08T08:58:58.349Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299722\n2. https://vuldb.com/?ctiid.299722\n3. https://vuldb.com/?submit.514532\n4. https://github.com/madao123123/crash_report/blob/main/hdf5_poc/hdf5_poc3.md", "creation_timestamp": "2025-05-08T09:23:42.000000Z"}, {"uuid": "c500be02-7397-4840-923b-f6b69da0c963", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23094", "type": "seen", "source": "https://t.me/CyberBulletin/2189", "content": "\u26a1CVE-2025-23093 & CVE-2025-23094: Mitel OpenScape Users Urged to Update Now.\n\n#CyberBulletin", "creation_timestamp": "2025-01-28T11:36:23.000000Z"}, {"uuid": "37979c85-0caf-4299-b4ba-c1501050bb95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23093", "type": "seen", "source": "https://t.me/CyberBulletin/2189", "content": "\u26a1CVE-2025-23093 & CVE-2025-23094: Mitel OpenScape Users Urged to Update Now.\n\n#CyberBulletin", "creation_timestamp": "2025-01-28T11:36:23.000000Z"}, {"uuid": "5811d796-1617-4f76-8e38-4d05b0927e8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23095", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqs6kzr4as62", "content": "", "creation_timestamp": "2025-06-04T16:03:16.736822Z"}, {"uuid": "3de4c4bf-8b39-44be-8a5e-759395570eb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23096", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqs6l3qwneg2", "content": "", "creation_timestamp": "2025-06-04T16:03:48.815006Z"}, {"uuid": "0b35a002-92ce-4401-b6da-9dfd31d5e70e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23093", "type": "seen", "source": "https://t.me/cvedetector/17420", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23093 - Mitel OpenScape 4000 Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23093 \nPublished : Feb. 6, 2025, 8:15 p.m. | 26\u00a0minutes ago \nDescription : The Platform component of Mitel OpenScape 4000 and OpenScape 4000 Manager through V10 R1.54.1 and V11 through R0.22.1 could allow an authenticated attacker to conduct a privilege escalation attack due to the execution of a resource with unnecessary privileges. A successful exploit could allow an attacker to execute arbitrary commands with elevated privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-06T21:55:24.000000Z"}, {"uuid": "0b7af216-eb9f-43e7-a3e6-aa214327228c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23090", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2511", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23090\n\ud83d\udd39 Description: With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers\n but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage.\n\nThis vulnerability affects Permission Model users (--permission) on Node.js v20, v22, and v23.\n\ud83d\udccf Published: 2025-01-22T01:11:30.802Z\n\ud83d\udccf Modified: 2025-01-22T01:11:30.802Z\n\ud83d\udd17 References:\n1. https://hackerone.com/reports/2575105", "creation_timestamp": "2025-01-22T02:00:53.000000Z"}, {"uuid": "10fc0cd4-e397-4444-97e7-6b1e37e81dca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23091", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3749", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23091\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-01T07:15:08.277\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://community.ui.com/releases/Security-Advisory-Bulletin-045-045/6011bc61-f2eb-457f-b71d-755703817aaf", "creation_timestamp": "2025-02-01T09:26:08.000000Z"}, {"uuid": "81a5f7a8-59de-47a5-bd99-5f6b52ad2c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2309", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7644", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2309\n\ud83d\udd25 CVSS Score: 4.8 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5T__bit_copy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor was contacted early about a batch of vulnerabilities. His response was \"reject\" without further explanation. We have not received an elaboration even after asking politely for further details. Currently we assume that the vendor wants to \"dispute\" the entries which is why they are flagged as such until further details become available.\n\ud83d\udccf Published: 2025-03-14T21:00:07.781Z\n\ud83d\udccf Modified: 2025-03-14T21:00:07.781Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299722\n2. https://vuldb.com/?ctiid.299722\n3. https://vuldb.com/?submit.514532\n4. https://github.com/madao123123/crash_report/blob/main/hdf5_poc/hdf5_poc3.md", "creation_timestamp": "2025-03-14T21:44:53.000000Z"}, {"uuid": "54310d5d-d8eb-49d2-9586-c9eeccfb0c38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2309", "type": "seen", "source": "https://t.me/cvedetector/20343", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2309 - HDF5 Type Conversion Logic Heap Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2309 \nPublished : March 14, 2025, 9:15 p.m. | 23\u00a0minutes ago \nDescription : A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5T__bit_copy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor was contacted early about a batch of vulnerabilities. His response was \"reject\" without further explanation. We have not received an elaboration even after asking politely for further details. Currently we assume that the vendor wants to \"dispute\" the entries which is why they are flagged as such until further details become available. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T23:24:24.000000Z"}, {"uuid": "cd87b318-0969-4378-888d-ece2a9c8aa81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23090", "type": "seen", "source": "https://t.me/cvedetector/16067", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23090 - Node.js Permission Model Diagnostic Worker Thread Exposici\u00f3n\", \n  \"Content\": \"CVE ID : CVE-2025-23090 \nPublished : Jan. 22, 2025, 2:15 a.m. | 34\u00a0minutes ago \nDescription : With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker thread is created. This is not limited only to workers  \n but also exposes internal workers, where an instance of them can be fetched, and its constructor can be grabbed and reinstated for malicious usage.  \n  \nThis vulnerability affects Permission Model users (--permission) on Node.js v20, v22, and v23. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T03:51:32.000000Z"}, {"uuid": "9bfba033-2e05-43e4-9779-11f039e0bc25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-23090", "type": "seen", "source": "Telegram/0IFkFBxlfnsh8WInXtwZopgzaQfY5P57FzdcLxNFV24--shL", "content": "", "creation_timestamp": "2025-02-14T10:01:38.000000Z"}]}