Threat and Vulnerability Intelligence Database

CVE-2025-24855

Description: Nessus Plugin ID 234281 with High Severity. Synopsis: The remote Red Hat host is missing one or more security updates for libxslt. Description: The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3627 advisory. libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism. Security Fix(es): * libxslt: Use-After-Free in libxslt numbers.c (CVE-2025-24855) * libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) (CVE-2024-55549) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. Solution: Update the RHEL libxslt package based on the guidance in RHSA-2025:3627. Read more at https://www.tenable.com/plugins/nessus/234281

CVSS: HIGH (7.8)

Source: Tenable Plugins
April 14th, 2025 (7 days ago)

CVE-2025-30204

Description: Nessus Plugin ID 234283 with High Severity. Synopsis: The remote Red Hat host is missing a security update for opentelemetry-collector. Description: The remote Red Hat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:3698 advisory. Collector with the supported components for a Red Hat build of OpenTelemetry. Security Fix(es): * golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution: Update the RHEL opentelemetry-collector package based on the guidance in RHSA-2025:3698. Read more at https://www.tenable.com/plugins/nessus/234283

CVSS: HIGH (7.5)

EPSS Score: 0.02%

Source: Tenable Plugins
April 14th, 2025 (7 days ago)

CVE-2025-30204

Description: Nessus Plugin ID 234284 with High Severity. Synopsis: The remote Red Hat host is missing a security update for grafana. Description: The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3618 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): * golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution: Update the RHEL grafana package based on the guidance in RHSA-2025:3618. Read more at https://www.tenable.com/plugins/nessus/234284

CVSS: HIGH (7.5)

EPSS Score: 0.02%

Source: Tenable Plugins
April 14th, 2025 (7 days ago)

CVE-2025-30211

Description: Nessus Plugin ID 234304 with High Severity. Synopsis: The remote Azure Linux host is missing one or more security updates. Description: The version of erlang installed on the remote Azure Linux 3.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-30211 advisory. - Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.1, 26.2.5.10, and 25.3.2.19, a maliciously formed KEX init message can result in high memory usage. The implementation does not verify the RFC-specified limits on algorithm names (64 characters) provided in the KEX init message. A big KEX init packet may lead to inefficient processing of the error data. As a result, a large amount of memory will be allocated for processing malicious data. Versions OTP-27.3.1, OTP-26.2.5.10, and OTP-25.3.2.19 fix the issue. Some workarounds are available. One may set option `parallel_login` to `false` and/or reduce the `max_sessions` option. (CVE-2025-30211) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution: Update the affected packages. Read more at https://www.tenable.com/plugins/nessus/234304

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: Tenable Plugins
April 14th, 2025 (7 days ago)

CVE-2024-12905

Description: Nessus Plugin ID 234305 with High Severity. Synopsis: The remote CBL Mariner host is missing one or more security updates. Description: The version of reaper installed on the remote CBL Mariner 2.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-12905 advisory. - An Improper Link Resolution Before File Access (Link Following) and Improper Limitation of a Pathname to a Restricted Directory (Path Traversal). This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intended extraction directory. The issue is associated with index.js in the tar-fs package. This issue affects tar-fs: from 0.0.0 before 1.16.4, from 2.0.0 before 2.1.2, from 3.0.0 before 3.0.8. (CVE-2024-12905) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution: Update the affected packages. Read more at https://www.tenable.com/plugins/nessus/234305

CVSS: HIGH (7.5)

EPSS Score: 0.06%

Source: Tenable Plugins
April 14th, 2025 (7 days ago)

CVE-2017-17521

Description: Nessus Plugin ID 234314 with High Severity. Synopsis: The remote SUSE host is missing a security update. Description: The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1199-1 advisory. - CVE-2017-17521: Fixed command injection in help function uiutil.c (bsc#1073014) Tenable has extracted the preceding description block directly from the SUSE security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution: Update the affected fontforge, fontforge-devel and / or fontforge-doc packages. Read more at https://www.tenable.com/plugins/nessus/234314

CVSS: HIGH (8.8)

Source: Tenable Plugins
April 14th, 2025 (7 days ago)

CVE-2025-27363

Description: Nessus Plugin ID 234317 with High Severity. Synopsis: The remote Oracle Linux host is missing a security update. Description: The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-3395 advisory. [2.8-14.0.1.el7_9.1] - Fix CVE-2025-27363 Out-of-bounds Write [Orabug: 37770275][CVE-2025-27363] Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. Solution: Update the affected freetype, freetype-demos and / or freetype-devel packages. Read more at https://www.tenable.com/plugins/nessus/234317

CVSS: HIGH (8.1)

Source: Tenable Plugins
April 14th, 2025 (7 days ago)

CVE-2025-3572

Description: SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe the internal network and even access arbitrary local files on the server.

CVSS: HIGH (7.5)

EPSS Score: 0.03%

Source: CVE
April 14th, 2025 (7 days ago)

CVE-2025-3546

Description: A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been declared as critical. Affected by this vulnerability is the function FCGI_CheckStringIfContainsSemicolon of the file /api/wizard/getLanguage of the component HTTP POST Request Handler. The manipulation leads to command injection. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. A critical vulnerability was identified in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It concerns the function FCGI_CheckStringIfContainsSemicolon of the file /api/wizard/getLanguage of the component HTTP POST Request Handler. Manipulation with unknown data can be used to exploit a command injection vulnerability. The attack can be carried out within the local network. The exploit is publicly available. Applying an upgrade is recommended as the best possible measure.

CVSS: HIGH (8.6)

EPSS Score: 0.79%

Source: CVE
April 14th, 2025 (7 days ago)

CVE-2025-3545

Description: A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been classified as critical. Affected is the function FCGI_CheckStringIfContainsSemicolon of the file /api/wizard/setLanguage of the component HTTP POST Request Handler. The manipulation leads to command injection. The attack must be carried out from within the local network. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. A critical vulnerability was identified in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. Affected is the function FCGI_CheckStringIfContainsSemicolon of the file /api/wizard/setLanguage of the component HTTP POST Request Handler. Manipulation with unknown data can be used to exploit a command injection vulnerability. The attack can be carried out within the local network. The exploit is publicly available. Applying an upgrade is recommended as the best possible measure.

CVSS: HIGH (8.6)

EPSS Score: 0.79%

Source: CVE
April 14th, 2025 (7 days ago)