CVE-2025-31492 |
Description:
Nessus Plugin ID 234614 with High Severity
Synopsis
The remote SUSE host is missing a security update.
Description
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:1337-1 advisory.
- CVE-2025-31492: Fixed a bug where OIDCProviderAuthRequestMethod POSTs can leak protected data. (bsc#1240893)
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected apache2-mod_auth_openidc package.
Read more at https://www.tenable.com/plugins/nessus/234614
CVSS: HIGH (8.2) EPSS Score: 0.19%
April 18th, 2025 (about 15 hours ago)
|
Description:
Nessus Plugin ID 234615 with Critical Severity
Synopsis
The remote PhotonOS host is missing multiple security updates.
Description
An update of the mozjs package has been released.
Solution
Update the affected Linux packages.
Read more at https://www.tenable.com/plugins/nessus/234615
April 18th, 2025 (about 15 hours ago)
|
Description:
Nessus Plugin ID 234616 with Info Severity
Synopsis
Dell Trusted Device is installed on the remote Windows host.
Description
Dell Trusted Device (formerly known as Dell BIOS Verification) is installed on the remote Windows host.
Read more at https://www.tenable.com/plugins/nessus/234616
April 18th, 2025 (about 15 hours ago)
|
Description: Proof-of-concept code has been released after researchers disclosed a maximum severity remote code execution vulnerability in Erlang/OTP SSH. Successful exploitation could allow for complete takeover of affected devices.

Background

On April 16, Fabian Bäumer, Marcus Brinkmann, Marcel Maehren, and Jörg Schwenk of the Ruhr University Bochum in Germany disclosed a critical vulnerability in Erlang/OTP SSH to the OpenWall vulnerability mailing list. Additionally, an official advisory was posted to the GitHub project for Erlang/OTP crediting the researchers for their disclosure.

| CVE | Description | CVSSv3 | VPR |
| --- | --- | --- | --- |
| CVE-2025-32433 | Erlang/OTP SSH Remote Code Execution Vulnerability | 10.0 | 10 |

*Please note: Tenable's Vulnerability Priority Rating (VPR) scores are calculated nightly. This blog post was published on April 18 and reflects VPR at that time.

Analysis

CVE-2025-32433 is a remote code execution (RCE) vulnerability affecting the Erlang/OTP SSH server. The vulnerability exists due to a flaw in the SSH protocol message handling which could allow an unauthenticated attacker to execute arbitrary code. According to the advisory, all users running Erlang/OTP SSH servers are impacted, and users should assume impact if their application utilizes the Erlang/OTP SSH library. This vulnerability received the maximum CVSSv3 score of 10.0 and, when the SSH daemon is running as root, allows an attacker to completely compromise an affected device.

At the time this blog was published, no known exploitation has been observed, howev...
CVSS: CRITICAL (10.0) EPSS Score: 0.39%
April 18th, 2025 (about 15 hours ago)
|
Description: Here's our live panel and podcast from SXSW!
April 18th, 2025 (about 15 hours ago)
|
CVE-2025-3791 |
Description: A vulnerability classified as critical was found in symisc UnQLite up to 957c377cb691a4f617db9aba5cc46d90425071e2. This vulnerability affects the function jx9MemObjStore of the file /data/src/benchmarks/unqlite/unqlite.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Continuous delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
CVSS: MEDIUM (4.8) SSVC Exploitation: poc
April 18th, 2025 (about 15 hours ago)
|
CVE-2025-37838 |
Description: In the Linux kernel, the following vulnerability has been resolved:
HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition
In the ssi_protocol_probe() function, &ssi->work is bound with
ssip_xmit_work(). In ssip_pn_setup(), the ssip_pn_xmit() function
within the ssip_pn_ops structure is capable of starting the
work.
If we remove the module which will call ssi_protocol_remove()
to make a cleanup, it will free ssi through kfree(ssi),
while the work mentioned above will be used. The sequence
of operations that may lead to a UAF bug is as follows:
    CPU0                        CPU1

                            | ssip_xmit_work
    ssi_protocol_remove     |
    kfree(ssi);             |
                            | struct hsi_client *cl = ssi->cl;
                            | // use ssi
Fix it by ensuring that the work is canceled before proceeding
with the cleanup in ssi_protocol_remove().
April 18th, 2025 (about 15 hours ago)
|
CVE-2025-29625 |
Description: A buffer overflow vulnerability in Astrolog v7.70 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via an overly long environment variable passed to the FileOpen function.
SSVC Exploitation: poc
April 18th, 2025 (about 15 hours ago)
|
CVE-2025-2950 |
Description: IBM i 7.3, 7.4, 7.5, and 7.5 is vulnerable to a host header injection attack caused by improper neutralization of HTTP header content by IBM Navigator for i. An authenticated user can manipulate the host header in HTTP requests to change domain/IP address which may lead to unexpected behavior.
CVSS: MEDIUM (5.4)
April 18th, 2025 (about 15 hours ago)
|
CVE-2025-28232 |
Description: Incorrect access control in the HOME.php endpoint of JMBroadcast JMB0150 Firmware v1.0 allows attackers to access the Admin panel without authentication.
April 18th, 2025 (about 15 hours ago)
|