{"vulnerability": "CVE-2025-2152", "sightings": [{"uuid": "c86e4d43-5a5f-46d7-8910-3edf35b4f3ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21520", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbrnz332b2s", "content": "", "creation_timestamp": "2025-01-21T21:17:36.863490Z"}, {"uuid": "07b8a290-81c9-40c0-b062-448ba6d75057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21521", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbro3bm5k2e", "content": "", "creation_timestamp": "2025-01-21T21:17:39.318058Z"}, {"uuid": "a55b40c3-4450-4cdc-a1b0-5aa0db312c3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21522", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbro5jo432p", "content": "", "creation_timestamp": "2025-01-21T21:17:41.907918Z"}, {"uuid": "ce0494f9-8b24-4bb2-b240-14f9de931e42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21526", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbrohhacw27", "content": "", "creation_timestamp": "2025-01-21T21:17:52.039316Z"}, {"uuid": "f530a5d1-146c-497b-9a04-11f4f64c9fc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21523", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbro7so232p", "content": "", "creation_timestamp": "2025-01-21T21:17:44.784915Z"}, {"uuid": "cbbf727f-552b-47a4-b316-f85cd639acf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21524", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbrobymzh2j", "content": "", "creation_timestamp": "2025-01-21T21:17:47.195924Z"}, {"uuid": "30542eb3-3757-4b42-88d8-74dc1e89c52d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21525", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbroeyusz2s", "content": "", "creation_timestamp": "2025-01-21T21:17:49.943623Z"}, {"uuid": "4cad5322-4ae5-4718-bba3-51874ba08f57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21529", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbroow74g2r", "content": "", "creation_timestamp": "2025-01-21T21:17:59.919150Z"}, {"uuid": "b0be210a-6b61-4a44-8e77-ba068decc415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21527", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbrojvvis2e", "content": "", "creation_timestamp": "2025-01-21T21:17:54.668272Z"}, {"uuid": "ce6f3185-1c2a-438e-9c06-8dda731702f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21528", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgbromhze42f", "content": "", "creation_timestamp": "2025-01-21T21:17:57.412323Z"}, {"uuid": "5d4755e7-ef80-48e7-a03e-2c18e00c276f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21524", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113868546792768210", "content": "", "creation_timestamp": "2025-01-21T21:48:57.439960Z"}, {"uuid": "07656ee7-d5db-4d10-aca7-94c9cb063240", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21524", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lgdprwsc7h2y", "content": "", "creation_timestamp": "2025-01-22T15:49:21.215746Z"}, {"uuid": "6e19776f-a027-4227-b670-c70232e0318c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21522", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2618", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21522\n\ud83d\udd39 Description: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser).  Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and  9.1.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).\n\ud83d\udccf Published: 2025-01-21T20:53:05.137Z\n\ud83d\udccf Modified: 2025-01-22T18:33:43.222Z\n\ud83d\udd17 References:\n1. https://www.oracle.com/security-alerts/cpujan2025.html", "creation_timestamp": "2025-01-22T19:02:54.000000Z"}, {"uuid": "97a1ceeb-4be5-4387-92ce-21029e6bb6d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2152", "type": "seen", "source": "https://t.me/cvedetector/19954", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-2152 - \"Assimp Heap-Based Buffer Overflow Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-2152 \nPublished : March 10, 2025, 2:15 p.m. | 57\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-10T16:31:52.000000Z"}, {"uuid": "e11faa77-0ac7-494f-bfd6-16c1e0207f3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21521", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2617", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21521\n\ud83d\udd39 Description: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling).  Supported versions that are affected are 8.0.39 and prior, 8.4.2 and prior and  9.0.1 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 7.5 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).\n\ud83d\udccf Published: 2025-01-21T20:53:04.705Z\n\ud83d\udccf Modified: 2025-01-22T18:34:41.832Z\n\ud83d\udd17 References:\n1. https://www.oracle.com/security-alerts/cpujan2025.html", "creation_timestamp": "2025-01-22T19:02:54.000000Z"}, {"uuid": "a75cef1f-e85d-4cd5-b561-a7343b8ade42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21520", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2616", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21520\n\ud83d\udd39 Description: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options).  Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and  9.1.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 1.8 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N).\n\ud83d\udccf Published: 2025-01-21T20:53:04.217Z\n\ud83d\udccf Modified: 2025-01-22T18:35:43.370Z\n\ud83d\udd17 References:\n1. https://www.oracle.com/security-alerts/cpujan2025.html", "creation_timestamp": "2025-01-22T19:02:53.000000Z"}, {"uuid": "98529666-7b0d-4c96-ba37-8da9339647d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21524", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5251", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21524\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics SEC).  Supported versions that are affected are Prior to 9.2.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools.  Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).\n\ud83d\udccf Published: 2025-01-21T20:53:05.881Z\n\ud83d\udccf Modified: 2025-02-25T04:55:08.527Z\n\ud83d\udd17 References:\n1. https://www.oracle.com/security-alerts/cpujan2025.html", "creation_timestamp": "2025-02-25T05:24:15.000000Z"}, {"uuid": "1e6f1d0e-1062-4b3b-a435-e8a9fb980af6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2152", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6993", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2152\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-03-10T13:31:04.159Z\n\ud83d\udccf Modified: 2025-03-10T13:31:04.159Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299063\n2. https://vuldb.com/?ctiid.299063\n3. https://vuldb.com/?submit.510818\n4. https://github.com/assimp/assimp/issues/6027\n5. https://github.com/assimp/assimp/issues/6027#issue-2877629241", "creation_timestamp": "2025-03-10T13:39:16.000000Z"}, {"uuid": "56590a2a-b50c-475c-ac6a-403f95ac437b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2152", "type": "published-proof-of-concept", "source": "Telegram/gQiLbLyrGcEAYQ4kLv-TfWz8ZNmmE7OQ0OBpQR-gFZA6z4A", "content": "", "creation_timestamp": "2025-03-10T16:01:15.000000Z"}]}