{"vulnerability": "CVE-2025-2977", "sightings": [{"uuid": "51e09291-4259-4f4d-ad34-6d8fa22098fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29774", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkei5wy3vz2w", "content": "", "creation_timestamp": "2025-03-14T20:46:20.773139Z"}, {"uuid": "8e0ce668-cbc8-4841-b8e2-3323bc5ce74c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29775", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lkeb4tgd6a2a", "content": "", "creation_timestamp": "2025-03-14T18:40:26.529937Z"}, {"uuid": "c6fdb0e4-0d62-4818-83f8-eb2510b1b2be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29774", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lkeb4sgac42p", "content": "", "creation_timestamp": "2025-03-14T18:40:25.402965Z"}, {"uuid": "7bef6196-dea9-4663-b181-4d4c33e8c234", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29775", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3lkodkdhuag2g", "content": "", "creation_timestamp": "2025-03-18T18:50:25.131187Z"}, {"uuid": "5906167d-159b-415c-a8d1-9dd1c7ddca59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29778", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll5m6hqsvp26", "content": "", "creation_timestamp": "2025-03-24T20:34:45.821448Z"}, {"uuid": "39c20a10-f843-48fb-9bc8-a4e84eaeefe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29771", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkemn4f65s2k", "content": "", "creation_timestamp": "2025-03-14T22:06:24.050683Z"}, {"uuid": "021bc106-90a2-4864-885e-6c0af6b27445", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29774", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3lkodkdhuag2g", "content": "", "creation_timestamp": "2025-03-18T18:50:25.199733Z"}, {"uuid": "0c5abd91-e959-44c0-a4d9-31b8a309caf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29776", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3lkdrzgfcqb2i", "content": "", "creation_timestamp": "2025-03-14T14:10:07.186785Z"}, {"uuid": "b6999dd4-65cf-4f68-b5ff-692189b5c46c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29774", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3ll3umjqfp22d", "content": "", "creation_timestamp": "2025-03-24T04:00:31.072923Z"}, {"uuid": "972e09a3-f7f9-4774-9b25-194fb658be9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29775", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3ll3umjqfp22d", "content": "", "creation_timestamp": "2025-03-24T04:00:31.188650Z"}, {"uuid": "2d29dcb9-6869-4467-8cbb-dfddc2f3eac9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29774", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3lkq2tmw23k2a", "content": "", "creation_timestamp": "2025-03-19T11:19:54.211721Z"}, {"uuid": "37e49740-7582-4d47-9abe-8b37907ea48d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29775", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3lkq2tmw23k2a", "content": "", "creation_timestamp": "2025-03-19T11:19:54.290643Z"}, {"uuid": "30953b8a-1819-4cc3-9973-6d6f61ace374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29770", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkqtncxpzy2l", "content": "", "creation_timestamp": "2025-03-19T18:43:52.074669Z"}, {"uuid": "a18b986a-5168-4605-b51f-ed49424cddad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29776", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lke2qhgz2f2m", "content": "", "creation_timestamp": "2025-03-14T16:46:17.051775Z"}, {"uuid": "6354c65d-ba28-495f-9ffb-b7271b4b82d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29775", "type": "seen", "source": "https://bsky.app/profile/u2k25.bsky.social/post/3loefrmmfm22k", "content": "", "creation_timestamp": "2025-05-04T17:44:25.898053Z"}, {"uuid": "3d33559a-a89d-4374-be97-9843937ec25b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29775", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114162071842369847", "content": "", "creation_timestamp": "2025-03-14T17:56:13.758903Z"}, {"uuid": "a789fcf9-2dc1-4cce-8d4e-d55b26c5eebb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29779", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114162131093338024", "content": "", "creation_timestamp": "2025-03-14T18:11:18.729422Z"}, {"uuid": "092e9d09-f7df-4a16-9256-2a01bde78c32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29775", "type": "seen", "source": "https://bsky.app/profile/twypsy.bsky.social/post/3lo5bnrsvdk22", "content": "", "creation_timestamp": "2025-05-01T21:42:04.987518Z"}, {"uuid": "c9f01913-58f5-4a8e-a7db-f3e43e51346a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29775", "type": "seen", "source": "MISP/3e4b778d-5810-4171-a915-f1d106684af4", "content": "", "creation_timestamp": "2025-08-11T18:27:48.000000Z"}, {"uuid": "16804ffa-24bf-44bb-b4d1-01226473ce66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-29773", "type": "seen", "source": "https://bsky.app/profile/securitycipher.bsky.social/post/3lpn3yfy6jg2p", "content": "", "creation_timestamp": "2025-05-20T22:08:25.443957Z"}, {"uuid": "4e1e8d8d-b24c-4fbf-b571-b5a17ff56899", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2977", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9587", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2977\n\ud83d\udd25 CVSS Score: 5.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in GFI KerioConnect 10.0.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-03-31T05:00:08.371Z\n\ud83d\udccf Modified: 2025-03-31T05:00:08.371Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.302029\n2. https://vuldb.com/?ctiid.302029\n3. https://vuldb.com/?submit.523016\n4. https://github.com/0xs1ash/poc/blob/main/portable_data_exfiltration.md", "creation_timestamp": "2025-03-31T05:31:17.000000Z"}, {"uuid": "f29e824a-5a3b-44f5-9937-8a45d8984867", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29773", "type": "seen", "source": "https://t.me/cvedetector/20241", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29773 - Froxlor Email Account Confusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29773 \nPublished : March 13, 2025, 5:15 p.m. | 43\u00a0minutes ago \nDescription : Froxlor is open-source server administration software. A vulnerability in versions prior to 2.2.6 allows users (such as resellers or customers) to create accounts with the same email address as an existing account. This creates potential issues with account identification and security. This vulnerability can be exploited by authenticated users (e.g., reseller, customer) who can create accounts with the same email address that has already been used by another account, such as the admin. The attack vector is email-based, as the system does not prevent multiple accounts from registering the same email address, leading to possible conflicts and security issues. Version 2.2.6 fixes the issue. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-13T19:48:19.000000Z"}, {"uuid": "6159b814-75a1-4ab1-be0e-bd2a8bb5c7ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29779", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7607", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29779\n\ud83d\udd25 CVSS Score: 5.4 (cvssV4_0, Vector: CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Post-Quantum Secure Feldman's Verifiable Secret Sharing provides a Python implementation of Feldman's Verifiable Secret Sharing (VSS) scheme. In versions 0.7.6b0 and prior, the `secure_redundant_execution` function in feldman_vss.py attempts to mitigate fault injection attacks by executing a function multiple times and comparing results. However, several critical weaknesses exist. Python's execution environment cannot guarantee true isolation between redundant executions, the constant-time comparison implementation in Python is subject to timing variations, the randomized execution order and timing provide insufficient protection against sophisticated fault attacks, and the error handling may leak timing information about partial execution results. These limitations make the protection ineffective against targeted fault injection attacks, especially from attackers with physical access to the hardware. A successful fault injection attack could allow an attacker to bypass the redundancy check mechanisms, extract secret polynomial coefficients during share generation or verification, force the acceptance of invalid shares during verification, and/or manipulate the commitment verification process to accept fraudulent commitments. This undermines the core security guarantees of the Verifiable Secret Sharing scheme. As of time of publication, no patched versions of Post-Quantum Secure Feldman's Verifiable Secret Sharing exist, but other mitigations are available. Long-term remediation requires reimplementing the security-critical functions in a lower-level language like Rust. Short-term mitigations include deploying the software in environments with physical security controls, increasing the redundancy count (from 5 to a higher number) by modifying the source code, adding external verification of cryptographic operations when possible, considering using hardware security modules (HSMs) for key operations.\n\ud83d\udccf Published: 2025-03-14T17:24:10.215Z\n\ud83d\udccf Modified: 2025-03-14T17:24:10.215Z\n\ud83d\udd17 References:\n1. https://github.com/DavidOsipov/PostQuantum-Feldman-VSS/security/advisories/GHSA-r8gc-qc2c-c7vh\n2. https://en.wikipedia.org/wiki/Fault_attack\n3. https://eprint.iacr.org/2004/100.pdf", "creation_timestamp": "2025-03-14T17:48:53.000000Z"}, {"uuid": "f54118ed-0986-4c9e-98e3-96075eda65f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29771", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7634", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29771\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N)\n\ud83d\udd39 Description: HtmlSanitizer is a client-side HTML Sanitizer. Versions prior to 2.0.3 have a cross-site scripting vulnerability when the sanitizer is used with a `contentEditable` element to set the elements `innerHTML` to a sanitized string produced by the package. If the code is particularly crafted to abuse the code beautifier, that runs AFTER sanitation. The issue is patched in version 2.0.3.\n\ud83d\udccf Published: 2025-03-14T18:56:24.504Z\n\ud83d\udccf Modified: 2025-03-14T19:06:37.288Z\n\ud83d\udd17 References:\n1. https://github.com/jitbit/HtmlSanitizer/security/advisories/GHSA-vhv4-fh94-jm5x\n2. https://github.com/jitbit/HtmlSanitizer/commit/af6d2a78877e7277cd01c825b7fb50edb5956963", "creation_timestamp": "2025-03-14T19:45:04.000000Z"}, {"uuid": "3187691d-181f-46fd-b268-44d16c1afd13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29776", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7692", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29776\n\ud83d\udd25 CVSS Score: 8.7 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L)\n\ud83d\udd39 Description: Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling `setTimer` in Azle versions `0.27.0`, `0.28.0`, and `0.29.0` causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop will occur with any valid invocation of `setTimer`. The problem has been fixed as of Azle version `0.30.0`. As a workaround, if a canister is caught in this infinite loop after calling `setTimer`, the canister can be upgraded and the timers will all be cleared, thus ending the loop.\n\ud83d\udccf Published: 2025-03-14T13:13:27.137Z\n\ud83d\udccf Modified: 2025-03-15T20:49:42.369Z\n\ud83d\udd17 References:\n1. https://github.com/demergent-labs/azle/security/advisories/GHSA-xc76-5pf9-mx8m\n2. https://github.com/demergent-labs/azle/releases/tag/0.30.0", "creation_timestamp": "2025-03-15T21:45:46.000000Z"}, {"uuid": "7007e145-6b34-4d8c-b184-7e87c3eb8b6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29774", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/45084", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aHow CVE-2025-29774 Vulnerabilities and the SIGHASH_SINGLE Bug Threaten Multi-Signature Wallet Operational Methods with Fake RawTX\nURL\uff1ahttps://github.com/demining/Digital-Signature-Forgery-Attack\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-07-23T12:51:40.000000Z"}, {"uuid": "d342b1eb-4786-4254-92e6-f075ef5f208c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29775", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7619", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29775\n\ud83d\udd25 CVSS Score: 9.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: xml-crypto is an XML digital signature and encryption library for Node.js. An attacker may be able to exploit a vulnerability in versions prior to 6.0.1, 3.2.1, and 2.1.6 to bypass authentication or authorization mechanisms in systems that rely on xml-crypto for verifying signed XML documents. The vulnerability allows an attacker to modify a valid signed XML message in a way that still passes signature verification checks. For example, it could be used to alter critical identity or access control attributes, enabling an attacker to escalate privileges or impersonate another user. Users of versions 6.0.0 and prior should upgrade to version 6.0.1 to receive a fix. Those who are still using v2.x or v3.x should upgrade to patched versions 2.1.6 or 3.2.1, respectively.\n\ud83d\udccf Published: 2025-03-14T17:11:05.590Z\n\ud83d\udccf Modified: 2025-03-14T17:11:05.590Z\n\ud83d\udd17 References:\n1. https://github.com/node-saml/xml-crypto/security/advisories/GHSA-x3m8-899r-f7c3\n2. https://github.com/node-saml/xml-crypto/commit/28f92218ecbb8dcbd238afa4efbbd50302aa9aed\n3. https://github.com/node-saml/xml-crypto/commit/886dc63a8b4bb5ae1db9f41c7854b171eb83aa98\n4. https://github.com/node-saml/xml-crypto/commit/8ac6118ee7978b46aa56b82cbcaa5fca58c93a07\n5. https://github.com/node-saml/xml-crypto/releases/tag/v2.1.6\n6. https://github.com/node-saml/xml-crypto/releases/tag/v3.2.1\n7. https://github.com/node-saml/xml-crypto/releases/tag/v6.0.1", "creation_timestamp": "2025-03-14T17:49:09.000000Z"}, {"uuid": "6763b964-80d6-42f6-8d05-16f69e2d7577", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29772", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9700", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-29772\n\ud83d\udd25 CVSS Score: 7.2 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: OpenEMR is a free and open source electronic health records and medical practice management application. The POST parameter hidden_subcategory is output to the page without being properly processed. This leads to a reflected cross-site scripting (XSS) vul;nerability in CAMOS new.php. This vulnerability is fixed in 7.0.3.\n\ud83d\udccf Published: 2025-03-31T16:03:32.711Z\n\ud83d\udccf Modified: 2025-03-31T16:03:32.711Z\n\ud83d\udd17 References:\n1. https://github.com/openemr/openemr/security/advisories/GHSA-89gp-g4c9-hv8h\n2. https://github.com/openemr/openemr/commit/17c5c424695de50db94f2c01fb9abfc441d09a1a", "creation_timestamp": "2025-03-31T16:33:27.000000Z"}, {"uuid": "7183df32-6050-4f33-80cb-f3f50f90e33a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29775", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/34691", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aPOCs for CVE-2025-29775\nURL\uff1ahttps://github.com/twypsy/cve-2025-29775\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-30T00:37:18.000000Z"}, {"uuid": "99a4f9b0-e5f7-42e5-a25e-e3b897acfa80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2977", "type": "seen", "source": "https://t.me/cvedetector/21555", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2977 - GFI KerioConnect Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-2977 \nPublished : March 31, 2025, 5:15 a.m. | 1\u00a0hour, 29\u00a0minutes ago \nDescription : A vulnerability was found in GFI KerioConnect 10.0.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T09:09:17.000000Z"}, {"uuid": "106067a7-a348-407d-bd1e-e20dfd08b955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29774", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/45113", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aHow CVE-2025-29774 Vulnerabilities and the SIGHASH_SINGLE Bug Threaten Multi-Signature Wallet Operational Methods with Fake RawTX\nURL\uff1ahttps://github.com/Kamal-Hegazi/CVE-2025-53770-SharePoint-RCE\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-07-23T18:22:37.000000Z"}, {"uuid": "ef3c2a66-d814-425d-9e4b-c570cc0ecf40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29774", "type": "published-proof-of-concept", "source": "Telegram/4bg_Vtt-c2g6B5f0tuhNllyXVx8wqByVM4qaJsK1Ar8yXTY", "content": "", "creation_timestamp": "2025-07-23T15:00:12.000000Z"}, {"uuid": "64fe2181-43d8-4271-b5e8-77c4e0fa7dda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29772", "type": "seen", "source": "https://t.me/cvedetector/21620", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29772 - OpenEMR Reflected Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29772 \nPublished : March 31, 2025, 4:15 p.m. | 48\u00a0minutes ago \nDescription : OpenEMR is a free and open source electronic health records and medical practice management application. The POST parameter hidden_subcategory is output to the page without being properly processed. This leads to a reflected cross-site scripting (XSS) vul;nerability in CAMOS new.php. This vulnerability is fixed in 7.0.3. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T19:12:27.000000Z"}, {"uuid": "979b5c21-73a7-494a-b94d-adfa0a477afa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29778", "type": "seen", "source": "https://t.me/cvedetector/20989", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29778 - Kyverno Keyless Certificate Verification Bypass\", \n  \"Content\": \"CVE ID : CVE-2025-29778 \nPublished : March 24, 2025, 5:15 p.m. | 2\u00a0hours, 5\u00a0minutes ago \nDescription : Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to version 1.14.0-alpha.1, Kyverno ignores subjectRegExp and IssuerRegExp while verifying artifact's sign with keyless mode. It allows the attacker to deploy kubernetes resources with the artifacts that were signed by unexpected certificate. Deploying these unauthorized kubernetes resources can lead to full compromise of kubernetes cluster. Version 1.14.0-alpha.1 contains a patch for the issue. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-24T20:54:53.000000Z"}, {"uuid": "e7608fcf-3731-4c68-9418-06c0ab171183", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29775", "type": "seen", "source": "https://t.me/cvedetector/20329", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29775 - Apache xml-crypto Signature Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29775 \nPublished : March 14, 2025, 6:15 p.m. | 1\u00a0hour, 21\u00a0minutes ago \nDescription : xml-crypto is an XML digital signature and encryption library for Node.js. An attacker may be able to exploit a vulnerability in versions prior to 6.0.1, 3.2.1, and 2.1.6 to bypass authentication or authorization mechanisms in systems that rely on xml-crypto for verifying signed XML documents. The vulnerability allows an attacker to modify a valid signed XML message in a way that still passes signature verification checks. For example, it could be used to alter critical identity or access control attributes, enabling an attacker to escalate privileges or impersonate another user. Users of versions 6.0.0 and prior should upgrade to version 6.0.1 to receive a fix. Those who are still using v2.x or v3.x should upgrade to patched versions 2.1.6 or 3.2.1, respectively. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T20:53:37.000000Z"}, {"uuid": "226e9edf-387b-46b6-9aff-0b784f5a21fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29776", "type": "seen", "source": "https://t.me/cvedetector/20301", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29776 - Azle WebAssembly Runtime Timer Infinite Loop Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29776 \nPublished : March 14, 2025, 2:15 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : Azle is a WebAssembly runtime for TypeScript and JavaScript on ICP. Calling `setTimer` in Azle versions `0.27.0`, `0.28.0`, and `0.29.0` causes an immediate infinite loop of timers to be executed on the canister, each timer attempting to clean up the global state of the previous timer. The infinite loop will occur with any valid invocation of `setTimer`. The problem has been fixed as of Azle version `0.30.0`. As a workaround, if a canister is caught in this infinite loop after calling `setTimer`, the canister can be upgraded and the timers will all be cleared, thus ending the loop. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T16:42:35.000000Z"}, {"uuid": "b6af6d76-f7da-4b38-b986-ffcd150b97bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29771", "type": "seen", "source": "https://t.me/cvedetector/20328", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29771 - HtmlSanitizer Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29771 \nPublished : March 14, 2025, 7:15 p.m. | 21\u00a0minutes ago \nDescription : HtmlSanitizer is a client-side HTML Sanitizer. Versions prior to 2.0.3 have a cross-site scripting vulnerability when the sanitizer is used with a `contentEditable` element to set the elements `innerHTML` to a sanitized string produced by the package. If the code is particularly crafted to abuse the code beautifier, that runs AFTER sanitation. The issue is patched in version 2.0.3. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T20:53:36.000000Z"}, {"uuid": "512bad12-1961-4499-8359-b1b6a39638a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29774", "type": "seen", "source": "https://t.me/cvedetector/20314", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29774 - Apache xml-crypto Signature Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29774 \nPublished : March 14, 2025, 5:15 p.m. | 19\u00a0minutes ago \nDescription : xml-crypto is an XML digital signature and encryption library for Node.js. An attacker may be able to exploit a vulnerability in versions prior to 6.0.1, 3.2.1, and 2.1.6 to bypass authentication or authorization mechanisms in systems that rely on xml-crypto for verifying signed XML documents. The vulnerability allows an attacker to modify a valid signed XML message in a way that still passes signature verification checks. For example, it could be used to alter critical identity or access control attributes, enabling an attacker with a valid account to escalate privileges or impersonate another user. Users of versions 6.0.0 and prior should upgrade to version 6.0.1 to receive a fix. Those who are still using v2.x or v3.x should upgrade to patched versions 2.1.6 or 3.2.1, respectively. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T19:13:10.000000Z"}, {"uuid": "5e1c368c-e0f1-4515-9618-ed95ef2e0925", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29779", "type": "seen", "source": "https://t.me/cvedetector/20330", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29779 - Apache Post-Quantum Secure Feldman's Verifiable Secret Sharing Fault Injection Attacks\", \n  \"Content\": \"CVE ID : CVE-2025-29779 \nPublished : March 14, 2025, 6:15 p.m. | 1\u00a0hour, 21\u00a0minutes ago \nDescription : Post-Quantum Secure Feldman's Verifiable Secret Sharing provides a Python implementation of Feldman's Verifiable Secret Sharing (VSS) scheme. In versions 0.7.6b0 and prior, the `secure_redundant_execution` function in feldman_vss.py attempts to mitigate fault injection attacks by executing a function multiple times and comparing results. However, several critical weaknesses exist. Python's execution environment cannot guarantee true isolation between redundant executions, the constant-time comparison implementation in Python is subject to timing variations, the randomized execution order and timing provide insufficient protection against sophisticated fault attacks, and the error handling may leak timing information about partial execution results. These limitations make the protection ineffective against targeted fault injection attacks, especially from attackers with physical access to the hardware. A successful fault injection attack could allow an attacker to bypass the redundancy check mechanisms, extract secret polynomial coefficients during share generation or verification, force the acceptance of invalid shares during verification, and/or manipulate the commitment verification process to accept fraudulent commitments. This undermines the core security guarantees of the Verifiable Secret Sharing scheme. As of time of publication, no patched versions of Post-Quantum Secure Feldman's Verifiable Secret Sharing exist, but other mitigations are available. Long-term remediation requires reimplementing the security-critical functions in a lower-level language like Rust. Short-term mitigations include deploying the software in environments with physical security controls, increasing the redundancy count (from 5 to a higher number) by modifying the source code, adding external verification of cryptographic operations when possible, considering using hardware security modules (HSMs) for key operations. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T20:53:38.000000Z"}, {"uuid": "28eb823d-4d52-48b6-aa29-9375f17e5206", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29775", "type": "published-proof-of-concept", "source": "Telegram/y2l5Yx5uKW94E7t6fGqmFzUShRXCrJYUPIKinN2hvDkbmL0", "content": "", "creation_timestamp": "2025-04-30T21:00:05.000000Z"}, {"uuid": "6e20aaa6-589b-4bd4-a358-f0538ceef295", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29770", "type": "seen", "source": "https://t.me/cvedetector/20651", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-29770 - OpenAI vLLM Outlines Cache Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-29770 \nPublished : March 19, 2025, 4:15 p.m. | 1\u00a0hour, 11\u00a0minutes ago \nDescription : vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. The outlines library is one of the backends used by vLLM to support structured output (a.k.a. guided decoding). Outlines provides an optional cache for its compiled grammars on the local filesystem. This cache has been on by default in vLLM. Outlines is also available by default through the OpenAI compatible API server. The affected code in vLLM is vllm/model_executor/guided_decoding/outlines_logits_processors.py, which unconditionally uses the cache from outlines. A malicious user can send a stream of very short decoding requests with unique schemas, resulting in an addition to the cache for each request. This can result in a Denial of Service if the filesystem runs out of space. Note that even if vLLM was configured to use a different backend by default, it is still possible to choose outlines on a per-request basis using the guided_decoding_backend key of the extra_body field of the request. This issue applies only to the V0 engine and is fixed in 0.8.0. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T18:49:28.000000Z"}, {"uuid": "2a94ed6f-777c-4233-afaf-56b45bd9da3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29774", "type": "published-proof-of-concept", "source": "Telegram/pRPgTuKpNgH7y7yHOR5VIq4CCObEljNgHBGQunGS6T0fn0Q", "content": "", "creation_timestamp": "2025-03-14T19:00:48.000000Z"}, {"uuid": "70ff61bc-7e87-4548-8400-a01f0d6499f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29775", "type": "published-proof-of-concept", "source": "Telegram/pRPgTuKpNgH7y7yHOR5VIq4CCObEljNgHBGQunGS6T0fn0Q", "content": "", "creation_timestamp": "2025-03-14T19:00:48.000000Z"}, {"uuid": "0ac9c337-3389-4bbc-b91e-32aff7795547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29774", "type": "seen", "source": "https://t.me/anti_malware/20073", "content": "\ud83d\udea8 XML-\u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u043e\u0439! \u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435\u0441\u044c \u0441\u0440\u043e\u0447\u043d\u043e!\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 xml-crypto \u0437\u0430\u043b\u0430\u0442\u0430\u043b\u0438 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2025-29774 \u0438 CVE-2025-29775, \ud83d\udd25 9,3 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e CVSS), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0438 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0442\u0432\u043e\u0440\u0438\u0442\u044c \u0431\u0435\u0441\u043f\u0440\u0435\u0434\u0435\u043b \u0441 XML-\u043f\u043e\u0434\u043f\u0438\u0441\u044f\u043c\u0438:\n\n\ud83d\udd39 \u041f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u2b06\ufe0f\n\ud83d\udd39 \u041f\u0440\u0438\u0442\u0432\u043e\u0440\u044f\u0442\u044c\u0441\u044f \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u044e\u0437\u0435\u0440\u0430\u043c\u0438 \ud83c\udfad", "creation_timestamp": "2025-03-19T14:31:08.000000Z"}, {"uuid": "d13d28f3-246c-4c97-b6c4-6cb1260d42a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-29775", "type": "seen", "source": "https://t.me/anti_malware/20073", "content": "\ud83d\udea8 XML-\u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u043e\u0439! \u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0439\u0442\u0435\u0441\u044c \u0441\u0440\u043e\u0447\u043d\u043e!\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 xml-crypto \u0437\u0430\u043b\u0430\u0442\u0430\u043b\u0438 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2025-29774 \u0438 CVE-2025-29775, \ud83d\udd25 9,3 \u0431\u0430\u043b\u043b\u0430 \u043f\u043e CVSS), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0438 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0442\u0432\u043e\u0440\u0438\u0442\u044c \u0431\u0435\u0441\u043f\u0440\u0435\u0434\u0435\u043b \u0441 XML-\u043f\u043e\u0434\u043f\u0438\u0441\u044f\u043c\u0438:\n\n\ud83d\udd39 \u041f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u2b06\ufe0f\n\ud83d\udd39 \u041f\u0440\u0438\u0442\u0432\u043e\u0440\u044f\u0442\u044c\u0441\u044f \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u044e\u0437\u0435\u0440\u0430\u043c\u0438 \ud83c\udfad", "creation_timestamp": "2025-03-19T14:31:08.000000Z"}]}