Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
[@backstage/plugin-permission-backend] Permission policy information leakage in Backstage permission system
Description: Impact A vulnerability in the Backstage permission plugin backend allows callers to extract some information about the conditional decisions returned by the permission policy installed in the permission backend. If the permission system is not in use or if the installed permission policy does not use conditional decisions, there is no impact. Patches This issue has been resolved in version 0.6.0 of the permissions backend. Workarounds Administrators of the permission policies can ensure that they are crafted in such a way that conditional decisions do not contain any sensitive information. References If you have any questions or comments about this advisory: Open an issue in the Backstage repository Visit our Discord, linked to in Backstage README References https://github.com/backstage/backstage/security/advisories/GHSA-f8j4-p5cr-p777 https://github.com/advisories/GHSA-f8j4-p5cr-p777
Source: Github Advisory Database (NPM)
April 16th, 2025 (4 days ago)
Cloud, Cryptography Flaws in Mobile Apps Leak Enterprise Data
Description: Cloud misconfigurations and cryptography flaws plague some of the top apps used in work environments, exposing organizations to risk and intrusion.
Source: Dark Reading
April 16th, 2025 (4 days ago)
[org.xwiki.platform:xwiki-platform-messagestream] Unregistered users can see "public" messages from a closed wiki via notifications from a differen...
Description: Impact This vulnerability impacts users of a subwiki of XWiki where Message Stream is enabled and use, if they configured their wiki to be closed by selecting "Prevent unregistered users to view pages" in the Administrations Rights. The vulnerability is that any message sent in a subwiki to "everyone" is actually sent to the farm: any visitor of the main wiki will be able to see that message through the Dashboard, even if the subwiki is configured to be private. Patches This problem has not been patched and is not going to be patched in the future: Message Stream has been deprecated in XWiki 16.8.0RC1 and is not maintained anymore. Workarounds Message Stream is disabled by default, it's advised to keep it disabled from Administration > Social > Message Stream. References https://jira.xwiki.org/browse/XWIKI-17154 References https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-42fh-pvvh-999x https://jira.xwiki.org/browse/XWIKI-17154 https://github.com/advisories/GHSA-42fh-pvvh-999x
Source: Github Advisory Database (Maven)
April 16th, 2025 (4 days ago)

CVE-2025-20178
Cisco Secure Network Analytics Privilege Escalation Vulnerability
Description: A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating system. This vulnerability is due to insufficient integrity checks within device backup files. An attacker with valid administrative credentials could exploit this vulnerability by crafting a malicious backup file and restoring it to an affected device. A successful exploit could allow the attacker to obtain shell access on the underlying operating system with the privileges of root. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-prvesc-4BQmK33Z Security Impact Rating: Medium CVE: CVE-2025-20178

EPSS Score: 0.01%

Source: Cisco Security Advisory
April 16th, 2025 (4 days ago)

CVE-2025-20236
Cisco Webex App Client-Side Remote Code Execution Vulnerability
Description: A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated, remote attacker to persuade a user to download arbitrary files, which could allow the attacker to execute arbitrary commands on the host of the targeted user. This vulnerability is due to insufficient input validation when Cisco Webex App processes a meeting invite link. An attacker could exploit this vulnerability by persuading a user to click a crafted meeting invite link and download arbitrary files. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the targeted user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-client-rce-ufyMMYLC Security Impact Rating: High CVE: CVE-2025-20236

EPSS Score: 0.1%

Source: Cisco Security Advisory
April 16th, 2025 (4 days ago)

CVE-2025-20150
Cisco Nexus Dashboard LDAP Username Enumeration Vulnerability
Description: A vulnerability in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to enumerate LDAP user accounts. This vulnerability is due to the improper handling of LDAP authentication requests. An attacker could exploit this vulnerability by sending authentication requests to an affected system. A successful exploit could allow an attacker to determine which usernames are valid LDAP user accounts. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-unenum-2xFFh472 Security Impact Rating: Medium CVE: CVE-2025-20150

EPSS Score: 0.03%

Source: Cisco Security Advisory
April 16th, 2025 (4 days ago)

CVE-2025-23138
watch_queue: fix pipe accounting mismatch
Description: In the Linux kernel, the following vulnerability has been resolved: watch_queue: fix pipe accounting mismatch Currently, watch_queue_set_size() modifies the pipe buffers charged to user->pipe_bufs without updating the pipe->nr_accounted on the pipe itself, due to the if (!pipe_has_watch_queue()) test in pipe_resize_ring(). This means that when the pipe is ultimately freed, we decrement user->pipe_bufs by something other than what than we had charged to it, potentially leading to an underflow. This in turn can cause subsequent too_many_pipe_buffers_soft() tests to fail with -EPERM. To remedy this, explicitly account for the pipe usage in watch_queue_set_size() to match the number set via account_pipe_buffers() (It's unclear why watch_queue_set_size() does not update nr_accounted; it may be due to intentional overprovisioning in watch_queue_set_size()?)

EPSS Score: 0.02%

Source: CVE
April 16th, 2025 (4 days ago)

CVE-2025-23137
cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update
Description: In the Linux kernel, the following vulnerability has been resolved: cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update Check if policy is NULL before dereferencing it in amd_pstate_update.

EPSS Score: 0.02%

Source: CVE
April 16th, 2025 (4 days ago)

CVE-2025-23136
thermal: int340x: Add NULL check for adev
Description: In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: Add NULL check for adev Not all devices have an ACPI companion fwnode, so adev might be NULL. This is similar to the commit cd2fd6eab480 ("platform/x86: int3472: Check for adev == NULL"). Add a check for adev not being set and return -ENODEV in that case to avoid a possible NULL pointer deref in int3402_thermal_probe(). Note, under the same directory, int3400_thermal_probe() has such a check. [ rjw: Subject edit, added Fixes: ]

EPSS Score: 0.03%

Source: CVE
April 16th, 2025 (4 days ago)

CVE-2025-23135
RISC-V: KVM: Teardown riscv specific bits after kvm_exit
Description: In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Teardown riscv specific bits after kvm_exit During a module removal, kvm_exit invokes arch specific disable call which disables AIA. However, we invoke aia_exit before kvm_exit resulting in the following warning. KVM kernel module can't be inserted afterwards due to inconsistent state of IRQ. [25469.031389] percpu IRQ 31 still enabled on CPU0! [25469.031732] WARNING: CPU: 3 PID: 943 at kernel/irq/manage.c:2476 __free_percpu_irq+0xa2/0x150 [25469.031804] Modules linked in: kvm(-) [25469.031848] CPU: 3 UID: 0 PID: 943 Comm: rmmod Not tainted 6.14.0-rc5-06947-g91c763118f47-dirty #2 [25469.031905] Hardware name: riscv-virtio,qemu (DT) [25469.031928] epc : __free_percpu_irq+0xa2/0x150 [25469.031976] ra : __free_percpu_irq+0xa2/0x150 [25469.032197] epc : ffffffff8007db1e ra : ffffffff8007db1e sp : ff2000000088bd50 [25469.032241] gp : ffffffff8131cef8 tp : ff60000080b96400 t0 : ff2000000088baf8 [25469.032285] t1 : fffffffffffffffc t2 : 5249207570637265 s0 : ff2000000088bd90 [25469.032329] s1 : ff60000098b21080 a0 : 037d527a15eb4f00 a1 : 037d527a15eb4f00 [25469.032372] a2 : 0000000000000023 a3 : 0000000000000001 a4 : ffffffff8122dbf8 [25469.032410] a5 : 0000000000000fff a6 : 0000000000000000 a7 : ffffffff8122dc10 [25469.032448] s2 : ff60000080c22eb0 s3 : 0000000200000022 s4 : 000000000000001f [25469.032488] s5 : ff60000080c22e00 s6 : ffffffff80c351c0 s7 : 0000000000000000 [25469.032582] s8...

EPSS Score: 0.02%

Source: CVE
April 16th, 2025 (4 days ago)