{"vulnerability": "CVE-2025-3070", "sightings": [{"uuid": "23bdae1e-90b3-4640-95c3-0b19eb9cd4fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3070", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llsfizxarv2h", "content": "", "creation_timestamp": "2025-04-02T03:01:24.523035Z"}, {"uuid": "0e98e2fe-214d-48d9-b329-c61edd8ffe1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3070", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114267976529152742", "content": "", "creation_timestamp": "2025-04-02T10:49:10.947262Z"}, {"uuid": "c67e7eda-8117-4794-bdc9-a5317e61fcbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3070", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114267976529152742", "content": "", "creation_timestamp": "2025-04-02T10:49:10.943668Z"}, {"uuid": "429057cc-e4ba-40e7-bfab-2104982093f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3070", "type": "seen", "source": "https://www.thezdi.com/blog/2025/4/8/the-april-2025-security-update-review", "content": "", "creation_timestamp": "2025-04-08T16:14:25.000000Z"}, {"uuid": "3071ef18-da6a-4775-9ccd-7661faa4c8fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30702", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11902", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30702\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Vulnerability in the Fleet Patching and amp; Provisioning component of Oracle Database Server.  Supported versions that are affected are 19.3-19.26. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Fleet Patching and amp; Provisioning.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Fleet Patching and amp; Provisioning accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).\n\ud83d\udccf Published: 2025-04-15T20:41:18.129Z\n\ud83d\udccf Modified: 2025-04-15T20:41:18.129Z\n\ud83d\udd17 References:\n1. https://www.oracle.com/security-alerts/cpuapr2025.html", "creation_timestamp": "2025-04-15T20:55:02.000000Z"}, {"uuid": "9c64ef78-23b7-477c-910f-6278e262baf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30708", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11901", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30708\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Vulnerability in the Oracle User Management product of Oracle E-Business Suite (component: Search and Register Users).  Supported versions that are affected are 12.2.4-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle User Management.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle User Management accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).\n\ud83d\udccf Published: 2025-04-15T20:31:09.126Z\n\ud83d\udccf Modified: 2025-04-15T20:43:02.077Z\n\ud83d\udd17 References:\n1. https://www.oracle.com/security-alerts/cpuapr2025.html", "creation_timestamp": "2025-04-15T20:55:01.000000Z"}, {"uuid": "861acfc6-7dac-45ce-a1f7-d6665aba825d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30706", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12185", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30706\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J).  Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).\n\ud83d\udccf Published: 2025-04-15T20:31:08.449Z\n\ud83d\udccf Modified: 2025-04-17T03:55:25.666Z\n\ud83d\udd17 References:\n1. https://www.oracle.com/security-alerts/cpuapr2025.html", "creation_timestamp": "2025-04-17T04:57:26.000000Z"}, {"uuid": "bfe31c22-e81f-4dba-b49b-af884d15fc48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-30701", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12181", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30701\n\ud83d\udd25 CVSS Score: 7.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: Vulnerability in the RAS Security component of Oracle Database Server.  Supported versions that are affected are 19.3-19.26, 21.3-21.17 and  23.4-23.7. Easily exploitable vulnerability allows low privileged attacker having User Account privilege with network access via Oracle Net to compromise RAS Security.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all RAS Security accessible data as well as  unauthorized access to critical data or complete access to all RAS Security accessible data. CVSS 3.1 Base Score 7.3 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N).\n\ud83d\udccf Published: 2025-04-15T20:31:06.777Z\n\ud83d\udccf Modified: 2025-04-17T03:55:41.401Z\n\ud83d\udd17 References:\n1. https://www.oracle.com/security-alerts/cpuapr2025.html", "creation_timestamp": "2025-04-17T04:57:21.000000Z"}, {"uuid": "01236a9e-7b4c-4a28-a0ca-ca682aebf3db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3070", "type": "seen", "source": "https://t.me/cvedetector/21832", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3070 - Google Chrome Extension Input Validation Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3070 \nPublished : April 2, 2025, 1:15 a.m. | 32\u00a0minutes ago \nDescription : Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T04:06:58.000000Z"}]}