Description: Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution.
The vulnerabilities in question are listed below:
CVE-2025-4427 (CVSS score: 5.3) - An authentication bypass in Ivanti Endpoint Manager Mobile allowing attackers to access protected resources without proper credentials
CVSS: MEDIUM (5.3) EPSS Score: 82.26%
May 14th, 2025 (about 1 month ago)
|
CVE-2024-0340 |
Description: A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.
CVSS: MEDIUM (4.4) EPSS Score: 0.01%
May 14th, 2025 (about 1 month ago)
|
CVE-2025-47905 |
Description: Varnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish Enterprise before 6.0.13r14, allow client-side desync via HTTP/1 requests, because the product incorrectly permits CRLF to be skipped to delimit chunk boundaries.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
May 13th, 2025 (about 1 month ago)
|
CVE-2025-24495 |
Description: Incorrect initialization of resource in the branch prediction unit for some Intel(R) Core™ Ultra Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVSS: MEDIUM (6.8) EPSS Score: 0.02%
May 13th, 2025 (about 1 month ago)
|
CVE-2025-23233 |
Description: Incorrect execution-assigned permissions for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via adjacent access.
CVSS: MEDIUM (5.1) EPSS Score: 0.02%
May 13th, 2025 (about 1 month ago)
|
CVE-2025-22895 |
Description: Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable information disclosure via local access.
CVSS: MEDIUM (5.5) EPSS Score: 0.01%
May 13th, 2025 (about 1 month ago)
|
CVE-2025-22892 |
Description: Uncontrolled resource consumption for some OpenVINO™ model server software maintained by Intel(R) before version 2024.4 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVSS: MEDIUM (6.5) EPSS Score: 0.02%
May 13th, 2025 (about 1 month ago)
|
CVE-2025-22844 |
Description: Improper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
CVSS: MEDIUM (5.3) EPSS Score: 0.02%
May 13th, 2025 (about 1 month ago)
|
CVE-2025-22448 |
Description: Insecure inherited permissions for some Intel(R) Simics(R) Package Manager software before version 1.12.0 may allow an authenticated user to potentially enable denial of service via local access.
CVSS: MEDIUM (6.9) EPSS Score: 0.03%
May 13th, 2025 (about 1 month ago)
|
CVE-2025-22446 |
Description: Inadequate encryption strength for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable escalation of privilege via adjacent access.
CVSS: MEDIUM (4.6) EPSS Score: 0.01%
May 13th, 2025 (about 1 month ago)
|