{"vulnerability": "CVE-2025-3010", "sightings": [{"uuid": "f8045d0c-46be-4a40-8d09-e8d656be1f7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30106", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobiccpuz2j", "content": "", "creation_timestamp": "2025-03-18T18:13:28.855343Z"}, {"uuid": "035cf8e1-12ae-4d7b-8096-cbabbcc9cd14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30106", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114184021364552580", "content": "", "creation_timestamp": "2025-03-18T14:58:16.916698Z"}, {"uuid": "8b722dd0-2530-4ef8-9d15-5b4a708cba7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30107", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobicgu3w26", "content": "", "creation_timestamp": "2025-03-18T18:13:29.456441Z"}, {"uuid": "5206d502-d133-466d-8bc2-2cb013095a82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30109", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobicvmqw26", "content": "", "creation_timestamp": "2025-03-18T18:13:31.766506Z"}, {"uuid": "49172ed1-ddb8-4176-9d07-fd4213aeecba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30100", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114345321315173984", "content": "", "creation_timestamp": "2025-04-16T02:38:58.854219Z"}, {"uuid": "d359f1ba-2c33-4442-969f-f0d4ec408604", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30100", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmvkzrjbve2v", "content": "", "creation_timestamp": "2025-04-16T02:43:23.054908Z"}, {"uuid": "0d2b771e-e96b-4d3a-b93d-64092eb90504", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30108", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/25594", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aA PoC of the exploit script for the vulnerability of Vite @fs/ Path Traversal in transformMiddleware (CVE-2025-30208)\nURL\uff1ahttps://github.com/4xura/CVE-2025-30108\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-27T13:00:07.000000Z"}, {"uuid": "1e540216-d263-4867-a7de-bc17dde18d82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30102", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3looiprglwn62", "content": "", "creation_timestamp": "2025-05-08T19:43:12.747142Z"}, {"uuid": "0a5f7eaf-ccf9-4ca5-a822-442f54e7c3db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30101", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lool2p74bth2", "content": "", "creation_timestamp": "2025-05-08T19:45:36.723252Z"}, {"uuid": "324f9648-ed58-4235-88b0-6d1231b25aa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30109", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8380", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30109\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the IROAD APK 5.2.5, there are Hardcoded Credentials in the APK for ports 9091 and 9092. The mobile application for the dashcam contains hardcoded credentials that allow an attacker on the local Wi-Fi network to access API endpoints and retrieve sensitive device information, including live and recorded footage.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-21T16:31:35.592Z\n\ud83d\udd17 References:\n1. https://iroad-dashcam.nl/iroad/iroad-x5/\n2. https://github.com/geo-chen/IROAD-V", "creation_timestamp": "2025-03-21T17:19:20.000000Z"}, {"uuid": "78a5613a-8645-4e33-9854-4ee5c8e7f389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30106", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8381", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30106\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: On IROAD v9 devices, the dashcam has hardcoded default credentials (\"qwertyuiop\") that cannot be changed by the user. This allows an attacker within Wi-Fi range to connect to the device's network to perform sniffing.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-21T16:30:03.088Z\n\ud83d\udd17 References:\n1. https://iroad-dashcam.nl/iroad/iroad-x5/\n2. https://github.com/geo-chen/IROAD-V", "creation_timestamp": "2025-03-21T17:19:20.000000Z"}, {"uuid": "d9a69eb6-f8b7-4dc1-8531-e43594a5cec6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30102", "type": "seen", "source": "https://t.me/cvedetector/24850", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30102 - Dell PowerScale OneFS Out-of-Bounds Write Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30102 \nPublished : May 8, 2025, 6:15 p.m. | 1\u00a0hour, 17\u00a0minutes ago \nDescription : Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to denial of service. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-08T21:48:20.000000Z"}, {"uuid": "280b5165-9a47-43c0-99ba-7beee41b2b6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3010", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9761", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3010\n\ud83d\udd25 CVSS Score: 4.8 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as problematic, has been found in Khronos Group glslang 15.1.0. Affected by this issue is the function glslang::TIntermediate::isConversionAllowed of the file glslang/MachineIndependent/Intermediate.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-31T20:00:12.256Z\n\ud83d\udccf Modified: 2025-03-31T20:00:12.256Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.302060\n2. https://vuldb.com/?ctiid.302060\n3. https://vuldb.com/?submit.524561\n4. https://github.com/KhronosGroup/glslang/issues/3903\n5. https://github.com/KhronosGroup/glslang/issues/3903#issue-2927492534", "creation_timestamp": "2025-03-31T20:31:06.000000Z"}, {"uuid": "f191bc2f-cd32-4380-b9a1-8a7d72e02415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30102", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15581", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30102\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to denial of service.\n\ud83d\udccf Published: 2025-05-08T17:40:45.973Z\n\ud83d\udccf Modified: 2025-05-08T17:40:45.973Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000317419/dsa-2025-192-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", "creation_timestamp": "2025-05-08T18:24:24.000000Z"}, {"uuid": "c982214a-cc66-4b8e-8229-7c7b5f841c01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30101", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15580", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30101\n\ud83d\udd25 CVSS Score: 4.4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L)\n\ud83d\udd39 Description: Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to denial of service and information tampering.\n\ud83d\udccf Published: 2025-05-08T17:44:41.280Z\n\ud83d\udccf Modified: 2025-05-08T17:44:41.280Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000317419/dsa-2025-192-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", "creation_timestamp": "2025-05-08T18:24:23.000000Z"}, {"uuid": "c98a8108-eb5c-467c-98d4-e3b7312a59c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30101", "type": "seen", "source": "https://t.me/cvedetector/24849", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30101 - Dell PowerScale OneFS TOCTOU Race Condition Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30101 \nPublished : May 8, 2025, 6:15 p.m. | 1\u00a0hour, 17\u00a0minutes ago \nDescription : Dell PowerScale OneFS, versions 9.8.0.0 through 9.10.1.0, contain a time-of-check time-of-use (TOCTOU) race condition vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to denial of service and information tampering. \nSeverity: 4.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-08T21:48:19.000000Z"}, {"uuid": "05dac76e-b507-44eb-b7e8-95b9dec30bd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3010", "type": "seen", "source": "https://t.me/cvedetector/21647", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3010 - Khronos Group glslang Null Pointer Dereference Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3010 \nPublished : March 31, 2025, 8:15 p.m. | 51\u00a0minutes ago \nDescription : A vulnerability, which was classified as problematic, has been found in Khronos Group glslang 15.1.0. Affected by this issue is the function glslang::TIntermediate::isConversionAllowed of the file glslang/MachineIndependent/Intermediate.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-31T23:23:51.000000Z"}, {"uuid": "a466ce98-5fc2-4b34-acb0-06b648ee788f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30109", "type": "seen", "source": "https://t.me/cvedetector/20584", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30109 - IROAD Dashcam Hardcoded Credentials Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30109 \nPublished : March 18, 2025, 3:16 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : In the IROAD APK 5.2.5, there are Hardcoded Credentials in the APK for ports 9091 and 9092. The mobile application for the dashcam contains hardcoded credentials that allow an attacker on the local Wi-Fi network to access API endpoints and retrieve sensitive device information, including live and recorded footage. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T17:44:23.000000Z"}, {"uuid": "6f9d481b-7e53-45c1-bdda-2cb7721540c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30100", "type": "seen", "source": "https://t.me/cvedetector/23042", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30100 - Dell Alienware Command Center Elevation of Privileges Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30100 \nPublished : April 16, 2025, 2:15 a.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : Dell Alienware Command Center 6.x, versions prior to 6.7.37.0 contain an Improper Access Control Vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges. \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T05:59:56.000000Z"}, {"uuid": "77535101-37d0-4e45-9daf-2ac32ab705e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30108", "type": "published-proof-of-concept", "source": "Telegram/IpSkdng-DvuBirFh-8nYsY3OgxKRFd_quSrS72XmwTlTwLs", "content": "", "creation_timestamp": "2025-03-28T00:00:06.000000Z"}, {"uuid": "3abf8417-0e4b-4821-9076-d58bda291a12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30107", "type": "seen", "source": "https://t.me/cvedetector/20587", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30107 - IROAD V9 Unauthenticated Configuration Management Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30107 \nPublished : March 18, 2025, 3:16 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : On IROAD V9 devices, Managing Settings and Obtaining Sensitive Data and Sabotaging the Car Battery can be performed by unauthorized parties. A vulnerability in the dashcam's configuration management allows unauthorized users to modify settings, disable critical functions, and turn off battery protection, potentially causing physical damage to the vehicle. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T17:44:25.000000Z"}, {"uuid": "bbf4e358-86d4-48a6-94e9-4994618326f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30108", "type": "published-proof-of-concept", "source": "Telegram/1FU9JKkDtGpcne3Ep4nL0vHVyNGozrk1LcnkQn-O_2rRjKw", "content": "", "creation_timestamp": "2025-03-27T22:00:06.000000Z"}]}