Vuldb Updates

A vulnerability was found in ImageMagick up to 6.9.13-25/7.1.1. It has been classified as problematic. This vulnerability affects the function vsnprintf. This manipulation causes buffer underwrite. This vulnerability appears as CVE-2025-53101. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability classified as problematic was found in Open5GS up to 2.7.3. Impacted is the function ngap_recv_handler/s1ap_recv_handler/recv_handler of the component SCTP Partial Message Handler. The manipulation results in reachable assertion. This vulnerability is cataloged as CVE-2025-7485. The attack must be initiated from a local position. There is no exploit available. It is best practice to apply a patch to resolve this issue.

A vulnerability was found in Apple visionOS. It has been classified as critical. The affected element is an unknown function of the component Web Handler. This manipulation causes memory corruption. This vulnerability is handled as CVE-2025-24189. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability, which was classified as critical, was found in Google Chrome. This issue affects some unknown processing of the component ANGLE/GPU. Such manipulation leads to sandbox issue. This vulnerability is referenced as CVE-2025-6558. It is possible to launch the attack remotely. Furthermore, an exploit is available. You should upgrade the affected component.

A vulnerability labeled as problematic has been found in Apple tvOS. This vulnerability affects unknown code of the component Web Handler. The manipulation results in out-of-bounds read. This vulnerability is known as CVE-2025-43265. It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.

A vulnerability marked as problematic has been reported in Apple visionOS. This issue affects some unknown processing of the component Web Handler. This manipulation causes out-of-bounds read. This vulnerability is handled as CVE-2025-43265. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability described as problematic has been identified in Apple watchOS. Impacted is an unknown function of the component Web Handler. Such manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2025-43265. The attack can be launched remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability classified as problematic has been found in Apple iOS and iPadOS. The affected element is an unknown function of the component Web Handler. Performing manipulation results in out-of-bounds read. This vulnerability was named CVE-2025-43265. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability identified as problematic has been detected in Apple macOS. This affects an unknown part of the component Web Handler. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2025-43265. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability identified as problematic has been detected in Discourse. Affected by this vulnerability is an unknown functionality of the component Admin Dashboard. The manipulation leads to information disclosure. This vulnerability is referenced as CVE-2024-52589. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.

A vulnerability labeled as problematic has been found in Discourse. Affected by this issue is some unknown functionality of the component Lightbox Thumbnail Handler. The manipulation results in cross site scripting. This vulnerability is identified as CVE-2024-52794. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability has been found in Discourse and classified as problematic. This affects an unknown function. This manipulation causes exposure of private personal information to an unauthorized actor. This vulnerability appears as CVE-2024-49765. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.

A vulnerability was found in Discourse and classified as problematic. This impacts the function FileStore::LocalStore. Such manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-53991. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability identified as problematic has been detected in IBM MQ Operator up to 3.5.1 CD. This affects an unknown part. Performing manipulation results in invocation of process using visible sensitive information. This vulnerability is known as CVE-2025-1333. Attacking locally is a requirement. No exploit is available. You should upgrade the affected component.

A vulnerability marked as problematic has been reported in Arista EOS up to 4.30.8M/4.31.5M/4.32.3M/4.33.0. Affected is an unknown function of the component Traffic Policy Handler. Performing manipulation results in improper validation of specified quantity in input. This vulnerability is cataloged as CVE-2024-9448. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability described as critical has been identified in Asterisk up to 22.4.0. Affected by this issue is some unknown functionality of the file cli_permissions.conf of the component Command Line Interface. The manipulation results in os command injection. This vulnerability is cataloged as CVE-2025-47780. The attack must be initiated from a local position. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability classified as problematic has been found in Asterisk up to 22.4.0. This affects an unknown part of the component SIP Request Handler. This manipulation causes improper neutralization of delimiters. This vulnerability is registered as CVE-2025-47779. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been classified as critical. The impacted element is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. This manipulation of the argument Name causes server-side request forgery. This vulnerability appears as CVE-2025-5186. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability, which was classified as critical, was found in Laravel Framework up to 11.31.0. This issue affects the function register_argc_argv of the component Query Handler. The manipulation results in argument injection. This vulnerability is cataloged as CVE-2024-52301. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Apple macOS up to 15.5. Affected by this issue is some unknown functionality. Such manipulation leads to improper check or handling of exceptional conditions. This vulnerability is uniquely identified as CVE-2025-43240. The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.