Threat and Vulnerability Intelligence Database

CVE-2025-2947

Description: IBM i 7.6 contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command. A malicious actor can use the command to elevate privileges and gain root access to the host operating system.

CVSS: HIGH (7.2)

EPSS Score: 0.05%

SSVC Exploitation: none

Source: CVE
April 17th, 2025 (2 months ago)

CVE-2024-0206

Description: A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symbolic link to files that the user would not normally have permission to access. After a scan, the Engine would follow the links and remove the files.

CVSS: HIGH (7.1)

EPSS Score: 0.12%

SSVC Exploitation: none

Source: CVE
April 17th, 2025 (2 months ago)

CVE-2025-2222

Description:

1. EXECUTIVE SUMMARY
CVSS v4 8.4
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Schneider Electric
Equipment: ConneXium Network Manager
Vulnerabilities: Files or Directories Accessible to External Parties, Improper Input Validation

2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to access sensitive data, escalate privileges, or perform remote code execution.

3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Schneider Electric reports that the following products are affected:
Schneider Electric ConneXium Network Manager: Version 2.0.01 (CVE-2025-2222)
Schneider Electric ConneXium Network Manager: All versions (CVE-2025-2223)

3.2 VULNERABILITY OVERVIEW
3.2.1 FILES OR DIRECTORIES ACCESSIBLE TO EXTERNAL PARTIES CWE-552
A CWE-552: Files or Directories Accessible to External Parties vulnerability over https exists that could leak information and lead to potential privilege escalation following a Man-In-The-Middle attack. CVE-2025-2222 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). A CVSS v4 score has also been calculated for CVE-2025-2222. A base score of 8.2 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N).

3.2.2 IMPROPER INPUT VALIDATION CWE-20
A CWE-20: Improper Input Validation vulnerability exists that could cause a loss of confidentiality, ...

CVSS: HIGH (8.2)

EPSS Score: 0.03%

Source: All CISA Advisories
April 17th, 2025 (2 months ago)

CVE-2025-29039

Description: An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x41dda8.

CVSS: HIGH (7.2)

EPSS Score: 0.2%

Source: CVE
April 17th, 2025 (2 months ago)

CVE-2024-55238

Description: OpenMetadata <=1.4.1 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the WorkflowDAO interface. The workflowtype and status parameters can be used to build a SQL query.

CVSS: HIGH (7.1)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (2 months ago)

CVE-2025-31200

Description: Apple iOS, iPadOS, macOS, and other Apple products contain a memory corruption vulnerability that allows for code execution when processing an audio stream in a maliciously crafted media file.

CVSS: HIGH (7.5)

EPSS Score: 0.22%

Source: CISA KEV
April 17th, 2025 (2 months ago)

CVE-2025-43015

Description: In JetBrains RubyMine before 2025.1, the remote interpreter overwrote ports to listen on all interfaces.

CVSS: HIGH (8.3)

EPSS Score: 0.01%

Source: CVE
April 17th, 2025 (2 months ago)

CVE-2025-43012

Description: In JetBrains Toolbox App before 2.6, command injection in the SSH plugin was possible.

CVSS: HIGH (8.3)

EPSS Score: 0.0%

Source: CVE
April 17th, 2025 (2 months ago)

CVE-2025-39594

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Arigato Autoresponder and Newsletter allows Reflected XSS. This issue affects Arigato Autoresponder and Newsletter: from n/a through 2.7.2.4.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
April 17th, 2025 (2 months ago)

CVE-2025-39586

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid allows SQL Injection. This issue affects ProfileGrid: from n/a through 5.9.4.8.

CVSS: HIGH (8.5)

EPSS Score: 0.03%

Source: CVE
April 17th, 2025 (2 months ago)