Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

Description: OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling (if a deployment was performed via the API). A malicious project assigned as a node owner can provide a path to any local file (readable by ironic-conductor), which may then be written to the target node disk. This is difficult to exploit in practice, because a node deployed in this manner should never reach the ACTIVE state, but it still represents a danger in environments running with non-default, insecure configurations such as with automated cleaning disabled. The fixed versions are 24.1.3, 26.1.1, and 29.0.1. References https://nvd.nist.gov/vuln/detail/CVE-2025-44021 https://bugs.launchpad.net/ironic/+bug/2107847 https://security.openstack.org/ossa/OSSA-2025-001.html https://github.com/openstack/ironic/commit/10590b36f541130f6a5d7a49da0f095ff8390cce https://github.com/advisories/GHSA-q3m2-crgq-5p3q

CVSS: LOW (2.8)

EPSS Score: 0.01%

Source: Github Advisory Database (PIP)
May 8th, 2025 (about 1 month ago)

CVE-2025-46812

Description: Trix is a what-you-see-is-what-you-get rich text editor for everyday writing. Versions prior to 2.1.15 are vulnerable to XSS attacks when pasting malicious code. An attacker could trick a user to copy and paste malicious code that would execute arbitrary JavaScript code within the context of the user's session, potentially leading to unauthorized actions being performed or sensitive information being disclosed. This issue has been patched in version 2.1.15.

CVSS: LOW (2.0)

EPSS Score: 0.06%

SSVC Exploitation: none

Source: CVE
May 8th, 2025 (about 1 month ago)

CVE-2025-46712

Description: Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25), Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This allows a Man-in-the-Middle attacker to inject these messages in a connection during the handshake. This issue has been patched in versions OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25).

CVSS: LOW (3.7)

EPSS Score: 0.03%

Source: CVE
May 8th, 2025 (about 1 month ago)

CVE-2025-44021

Description: OpenStack Ironic before 29.0.1 can write unintended files to a target node disk during image handling (if a deployment was performed via the API). A malicious project assigned as a node owner can provide a path to any local file (readable by ironic-conductor), which may then be written to the target node disk. This is difficult to exploit in practice, because a node deployed in this manner should never reach the ACTIVE state, but it still represents a danger in environments running with non-default, insecure configurations such as with automated cleaning disabled. The fixed versions are 24.1.3, 26.1.1, and 29.0.1.

CVSS: LOW (2.8)

EPSS Score: 0.01%

Source: CVE
May 8th, 2025 (about 1 month ago)

CVE-2025-47729

🚨 Marked as known exploited on May 8th, 2025 (about 1 month ago).
Description: The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL (aka Archive Signal) app users, which is different functionality than described in the TeleMessage "End-to-End encryption from the mobile phone through to the corporate archive" documentation, as exploited in the wild in May 2025.

CVSS: LOW (1.9)

EPSS Score: 8.55%

Source: CVE
May 8th, 2025 (about 1 month ago)

CVE-2024-55651

Description: i-Educar is free, fully online school management software. Version 2.9 of the application fails to properly validate and sanitize user supplied input, leading to a stored cross-site scripting vulnerability that resides within the user type (Tipo de Usuário) input field. Through this attacker vector a malicious user might be able to retrieve information belonging to another user, which may lead to sensitive information leakage or other malicious actions. As of time of publication, no patched versions are known to exist.

CVSS: LOW (2.0)

EPSS Score: 0.05%

Source: CVE
May 8th, 2025 (about 1 month ago)

CVE-2025-46826

Description: insa-auth is an authentication server for INSA Rouen. A minor issue allowed third-party websites to access the server's secondary authentication bridge, potentially revealing basic student information (name and number). However, the issue posed minimal risk, was never exploited, and had limited impact. A fix was implemented promptly on May 3, 2025.

CVSS: LOW (1.3)

EPSS Score: 0.19%

Source: CVE
May 7th, 2025 (about 1 month ago)

CVE-2025-46824

Description: The Discourse Code Review Plugin allows users to review GitHub commits on Discourse. Prior to commit eed3a80, an attacker can execute arbitrary JavaScript on users' browsers by posting links to malicious GitHub commits. This problem is patched in commit eed3a80 of the discourse-code-review plugin. As a workaround, one may disable the plugin.

CVSS: LOW (3.1)

EPSS Score: 0.03%

Source: CVE
May 7th, 2025 (about 1 month ago)

CVE-2025-20977

Description: Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for triggering this vulnerability.

CVSS: LOW (3.3)

EPSS Score: 0.01%

Source: CVE
May 7th, 2025 (about 1 month ago)

CVE-2025-1400

Description: Out-of-bounds Read vulnerability in unpack_response (conn.c) in libplctag from 2.0 through 2.6.3 allows Overread Buffers via network.

CVSS: LOW (3.1)

EPSS Score: 0.03%

Source: CVE
May 7th, 2025 (about 1 month ago)