{"vulnerability": "CVE-2025-3000", "sightings": [{"uuid": "aac5e9b3-0583-4b24-a624-a2e0d433d524", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30003", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-387/", "content": "", "creation_timestamp": "2025-06-16T03:00:00.000000Z"}, {"uuid": "9b01cdad-b52f-4416-a17a-26f965ddef40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30004", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114258772118926644", "content": "", "creation_timestamp": "2025-03-31T19:48:23.416336Z"}, {"uuid": "a2cda4f2-96d0-40a1-9d45-7a31f75e1ebe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30004", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114258772118926644", "content": "", "creation_timestamp": "2025-03-31T19:48:23.417666Z"}, {"uuid": "553b89a3-08c2-4cf8-9b15-2379eec0caad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30004", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llovoze7wk2v", "content": "", "creation_timestamp": "2025-03-31T17:40:20.492257Z"}, {"uuid": "64a6d9fe-18b7-46d6-8d55-1c1bbbe880fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30000", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-01", "content": "", "creation_timestamp": "2025-04-10T10:00:00.000000Z"}, {"uuid": "80ae8877-6090-4100-9d2a-819d96563bfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30009", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lozjabo56q2h", "content": "", "creation_timestamp": "2025-05-13T03:12:16.618425Z"}, {"uuid": "49c72ec5-dfbe-41ce-ac16-e13c395b4ce0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30002", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-01", "content": "", "creation_timestamp": "2025-04-22T10:00:00.000000Z"}, {"uuid": "b23d5a8a-00d6-449a-8b06-920812371260", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30003", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-112-01", "content": "", "creation_timestamp": "2025-04-22T10:00:00.000000Z"}, {"uuid": "8610b4a9-bd18-44b2-9d77-148cf0e2992f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30002", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-386/", "content": "", "creation_timestamp": "2025-06-16T03:00:00.000000Z"}, {"uuid": "28d31169-54ba-43f0-ae77-3eeb85bf82cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30004", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lunw5675cf2h", "content": "", "creation_timestamp": "2025-07-23T21:02:31.238648Z"}, {"uuid": "8e469157-0b59-466e-8f42-a6339b98acc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30005", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lunw56bk6o22", "content": "", "creation_timestamp": "2025-07-23T21:02:31.834835Z"}, {"uuid": "d0f28010-a4cf-40b6-a821-9bdde78077fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30004", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "617b649f-eebf-49a8-9007-9644dc636c10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30005", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "2ef92cf4-5da6-4e0d-8338-5d521c3c585a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30001", "type": "seen", "source": "https://gist.github.com/Darkcrai86/9a2ceddad876512b07e22f665a8dbd10", "content": "", "creation_timestamp": "2025-10-10T11:03:19.000000Z"}, {"uuid": "52093007-86ac-42eb-9390-0b2830eaae16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30005", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/xorcom_completepbx_diagnostics_file_read.rb", "content": "", "creation_timestamp": "2025-07-22T15:27:53.000000Z"}, {"uuid": "3383dd8a-0874-4d04-9e58-d7d679dc4def", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30001", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lxzkj36fce2u", "content": "", "creation_timestamp": "2025-09-04T16:21:46.747719Z"}, {"uuid": "be978d08-15a6-4c6e-a50c-f551582d0a9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30004", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/xorcom_completepbx_scheduler.rb", "content": "", "creation_timestamp": "2025-07-22T15:27:53.000000Z"}, {"uuid": "9e09a373-13f6-415a-b4d5-4a9b2aae643b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30001", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q3/148", "content": "", "creation_timestamp": "2025-09-04T13:59:18.000000Z"}, {"uuid": "aedecc3b-9db3-4869-a426-f904448d5d0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30006", "type": "seen", "source": "https://t.me/cvedetector/21636", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30006 - Xorcom CompletePBX Reflected Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2025-30006 \nPublished : March 31, 2025, 5:15 p.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : Xorcom CompletePBX is vulnerable to a reflected cross-site scripting (XSS) in the administrative control panel.  \n  \n  \n  \n  \nThis issue affects CompletePBX: all versions up to and prior to 5.2.35 \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T21:43:19.000000Z"}, {"uuid": "13ef9f26-c6be-4ade-af02-216688fb3fbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30006", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9706", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30006\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: Xorcom CompletePBX is vulnerable to a reflected cross-site scripting (XSS) in the administrative control panel.\n\n\n\n\nThis issue affects CompletePBX: all versions up to and prior to 5.2.35\n\ud83d\udccf Published: 2025-03-31T16:49:52.940Z\n\ud83d\udccf Modified: 2025-03-31T16:49:52.940Z\n\ud83d\udd17 References:\n1. https://vulncheck.com/advisories/completepbx-reflected-xss\n2. https://www.xorcom.com/new-completepbx-release-5-2-36-1/", "creation_timestamp": "2025-03-31T17:30:53.000000Z"}, {"uuid": "960b3983-1c90-4c5f-ab74-7ced909953e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30005", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9714", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30005\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L)\n\ud83d\udd39 Description: Xorcom CompletePBX is vulnerable to a path traversal via the Diagnostics reporting module, which will allow reading of arbitrary files and additionally delete any retrieved file in place of the expected report.\n\n\n\n\nThis issue affects CompletePBX: all versions up to and prior to 5.2.35\n\ud83d\udccf Published: 2025-03-31T16:45:04.432Z\n\ud83d\udccf Modified: 2025-03-31T16:45:04.432Z\n\ud83d\udd17 References:\n1. https://vulncheck.com/advisories/completepbx-path-traversal-file-deletion\n2. https://www.xorcom.com/new-completepbx-release-5-2-36-1/", "creation_timestamp": "2025-03-31T17:31:06.000000Z"}, {"uuid": "3b369793-320d-4bc9-9570-b63be814f253", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30004", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9717", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30004\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user.\n\n\n\n\nThis issue affects CompletePBX: all versions up to and prior to 5.2.35\n\ud83d\udccf Published: 2025-03-31T16:42:09.932Z\n\ud83d\udccf Modified: 2025-03-31T16:42:09.932Z\n\ud83d\udd17 References:\n1. https://vulncheck.com/advisories/completepbx-authenticated-command-injection\n2. https://www.xorcom.com/new-completepbx-release-5-2-36-1/", "creation_timestamp": "2025-03-31T17:31:12.000000Z"}, {"uuid": "4239b11f-66cd-4395-a374-c676a3c91a2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30009", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16134", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30009\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: he Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim\ufffds browser. This vulnerability has low impact on confidentiality and integrity within the scope of that victim\ufffds browser, with no effect on availability of the application\n\ud83d\udccf Published: 2025-05-13T00:12:52.634Z\n\ud83d\udccf Modified: 2025-05-13T14:06:31.756Z\n\ud83d\udd17 References:\n1. https://me.sap.com/notes/3578900\n2. https://url.sap/sapsecuritypatchday", "creation_timestamp": "2025-05-13T14:30:57.000000Z"}, {"uuid": "11535812-cd7d-43bd-ac60-8ddedc3f9201", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3000", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9683", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3000\n\ud83d\udd25 CVSS Score: 4.8 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-31T15:00:10.521Z\n\ud83d\udccf Modified: 2025-03-31T15:00:10.521Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.302049\n2. https://vuldb.com/?ctiid.302049\n3. https://vuldb.com/?submit.524197\n4. https://github.com/pytorch/pytorch/issues/149623\n5. https://github.com/pytorch/pytorch/issues/149623#issue-2935703015", "creation_timestamp": "2025-03-31T15:31:21.000000Z"}, {"uuid": "637d5966-7022-4a7a-bc6f-e02681518ccc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30009", "type": "seen", "source": "https://t.me/cvedetector/25155", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30009 - SAP SRM Live Auction Cockpit Java Applet Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30009 \nPublished : May 13, 2025, 1:15 a.m. | 1\u00a0hour, 25\u00a0minutes ago \nDescription : he Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim\ufffds browser. This vulnerability has low impact on confidentiality and integrity within the scope of that victim\ufffds browser, with no effect on availability of the application \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-13T05:30:31.000000Z"}, {"uuid": "64fa66c7-435b-45b8-bf1a-16b903dbe238", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30000", "type": "seen", "source": "https://t.me/cvedetector/22443", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30000 - Siemens License Server (SLS) Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30000 \nPublished : April 8, 2025, 9:15 a.m. | 2\u00a0hours, 10\u00a0minutes ago \nDescription : A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). The affected application does not properly restrict permissions of the users. This could allow a lowly-privileged attacker to escalate their privileges. \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T13:59:51.000000Z"}, {"uuid": "19aa85b6-2fb9-411b-a195-89f48c00c75f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3000", "type": "seen", "source": "https://t.me/cvedetector/21626", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3000 - PyTorch Torch.jit.script Memory Corruption\", \n  \"Content\": \"CVE ID : CVE-2025-3000 \nPublished : March 31, 2025, 3:15 p.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T19:12:37.000000Z"}, {"uuid": "69f35759-e839-46ab-844f-7de18c984845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30005", "type": "seen", "source": "https://t.me/cvedetector/21645", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30005 - Xorcom CompletePBX Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30005 \nPublished : March 31, 2025, 5:15 p.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : Xorcom CompletePBX is vulnerable to a path traversal via the Diagnostics reporting module, which will allow reading of arbitrary files and additionally delete any retrieved file in place of the expected report.  \n  \n  \n  \n  \nThis issue affects CompletePBX: all versions up to and prior to 5.2.35 \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T21:43:29.000000Z"}, {"uuid": "338e8465-cfe7-41ed-9884-c9fe70c5ec81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30004", "type": "seen", "source": "https://t.me/cvedetector/21643", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30004 - Xorcom CompletePBX Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30004 \nPublished : March 31, 2025, 5:15 p.m. | 1\u00a0hour, 48\u00a0minutes ago \nDescription : Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler functionality, allowing for attackers to execute arbitrary commands as the root user.  \n  \n  \n  \n  \nThis issue affects CompletePBX: all versions up to and prior to 5.2.35 \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T21:43:27.000000Z"}]}