🚨 CVE-2025-3085
A MongoDB server under specific conditions running on Linux with TLS and CRL revocation status checking enabled, fails to check the revocation status of the intermediate certificates in the peer's certificate chain. In cases of MONGODB-X509, which is not enabled by default, this may lead to improper authentication. This issue may also affect intra-cluster authentication. This issue affects MongoDB Server v5.0 versions prior to 5.0.31, MongoDB Server v6.0 versions prior to 6.0.20, MongoDB Server v7.0 versions prior to 7.0.16 and MongoDB Server v8.0 versions prior to 8.0.4.
Required Configuration : MongoDB Server must be running on Linux Operating Systems and CRL revocation status checking must be enabled
🎖@cveNotify
A MongoDB server under specific conditions running on Linux with TLS and CRL revocation status checking enabled, fails to check the revocation status of the intermediate certificates in the peer's certificate chain. In cases of MONGODB-X509, which is not enabled by default, this may lead to improper authentication. This issue may also affect intra-cluster authentication. This issue affects MongoDB Server v5.0 versions prior to 5.0.31, MongoDB Server v6.0 versions prior to 6.0.20, MongoDB Server v7.0 versions prior to 7.0.16 and MongoDB Server v8.0 versions prior to 8.0.4.
Required Configuration : MongoDB Server must be running on Linux Operating Systems and CRL revocation status checking must be enabled
🎖@cveNotify
🚨 CVE-2025-34184
Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains an unauthenticated OS command injection vulnerability in the /ajax/php/login.php script. Remote attackers can execute arbitrary system commands by injecting payloads into the 'passwd' HTTP POST parameter, leading to full system compromise or denial of service.
🎖@cveNotify
Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains an unauthenticated OS command injection vulnerability in the /ajax/php/login.php script. Remote attackers can execute arbitrary system commands by injecting payloads into the 'passwd' HTTP POST parameter, leading to full system compromise or denial of service.
🎖@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
🚨 CVE-2025-34185
Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains a pre-authentication file disclosure vulnerability via the 'db_log' POST parameter. Remote attackers can retrieve arbitrary files from the server, exposing sensitive system information and credentials.
🎖@cveNotify
Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains a pre-authentication file disclosure vulnerability via the 'db_log' POST parameter. Remote attackers can retrieve arbitrary files from the server, exposing sensitive system information and credentials.
🎖@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
🚨 CVE-2025-34186
Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system() call for authentication, allowing attackers to inject special characters and manipulate command parsing. Due to the binary's interpretation of non-zero exit codes as successful authentication, remote attackers can bypass authentication and gain full access to the system.
🎖@cveNotify
Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system() call for authentication, allowing attackers to inject special characters and manipulate command parsing. Due to the binary's interpretation of non-zero exit codes as successful authentication, remote attackers can bypass authentication and gain full access to the system.
🎖@cveNotify
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
🚨 CVE-2025-10360
In Puppet Enterprise versions 2025.4.0 and 2025.5, the encryption key used for encrypting content in the Infra Assistant database was not excluded from the files gathered by Puppet backup. The key is only present on the system if the user has a Puppet Enterprise Advanced license and has enabled the Infra Assistant feature. The key is used for encrypting one particular bit of data in the Infra Assistant database: the API key for their AI provider account. This has been fixed in Puppet Enterprise version 2025.6, and release notes for 2025.6 have remediation steps for users of affected versions who can't update to the latest version.
🎖@cveNotify
In Puppet Enterprise versions 2025.4.0 and 2025.5, the encryption key used for encrypting content in the Infra Assistant database was not excluded from the files gathered by Puppet backup. The key is only present on the system if the user has a Puppet Enterprise Advanced license and has enabled the Infra Assistant feature. The key is used for encrypting one particular bit of data in the Infra Assistant database: the API key for their AI provider account. This has been fixed in Puppet Enterprise version 2025.6, and release notes for 2025.6 have remediation steps for users of affected versions who can't update to the latest version.
🎖@cveNotify
🚨 CVE-2025-21476
Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake.
🎖@cveNotify
Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake.
🎖@cveNotify
🚨 CVE-2025-21481
Memory corruption while performing private key encryption in trusted application.
🎖@cveNotify
Memory corruption while performing private key encryption in trusted application.
🎖@cveNotify
🚨 CVE-2025-21483
Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs.
🎖@cveNotify
Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs.
🎖@cveNotify
🚨 CVE-2025-21484
Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet.
🎖@cveNotify
Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet.
🎖@cveNotify
🚨 CVE-2025-21487
Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length.
🎖@cveNotify
Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length.
🎖@cveNotify
🚨 CVE-2025-21488
Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set.
🎖@cveNotify
Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set.
🎖@cveNotify
🚨 CVE-2025-27030
information disclosure while invoking calibration data from user space to update firmware size.
🎖@cveNotify
information disclosure while invoking calibration data from user space to update firmware size.
🎖@cveNotify
🚨 CVE-2025-27032
memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency.
🎖@cveNotify
memory corruption while loading a PIL authenticated VM, when authenticated VM image is loaded without maintaining cache coherency.
🎖@cveNotify
🚨 CVE-2025-27033
Information disclosure while running video usecase having rogue firmware.
🎖@cveNotify
Information disclosure while running video usecase having rogue firmware.
🎖@cveNotify
🚨 CVE-2025-27036
Information disclosure when Video engine escape input data is less than expected minimum size.
🎖@cveNotify
Information disclosure when Video engine escape input data is less than expected minimum size.
🎖@cveNotify
🚨 CVE-2025-27037
Memory corruption while processing config_dev IOCTL when camera kernel driver drops its reference to CPU buffers.
🎖@cveNotify
Memory corruption while processing config_dev IOCTL when camera kernel driver drops its reference to CPU buffers.
🎖@cveNotify
🚨 CVE-2025-47315
Memory corruption while handling repeated memory unmap requests from guest VM.
🎖@cveNotify
Memory corruption while handling repeated memory unmap requests from guest VM.
🎖@cveNotify