Skip to main content
CVE-2025-25046 LOW Monitor

IBM InfoSphere Information Server 11.7 DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure IBM Infosphere Information Server
NVD
CVSS 3.1
3.7
EPSS
0.1%
CVE-2025-46394 LOW CISA Monitor

In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. Rated low severity (CVSS 3.2), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
3.2
EPSS
0.1%
CVE-2025-46393 LOW PATCH Monitor

In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order). Rated low severity (CVSS 2.9), this vulnerability is no authentication required.

Information Disclosure Imagemagick
NVD GitHub
CVSS 3.1
2.9
EPSS
0.2%
CVE-2025-43965 LOW PATCH Monitor

In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used. Rated low severity (CVSS 2.9), this vulnerability is no authentication required.

Information Disclosure Imagemagick Debian Linux
NVD GitHub
CVSS 3.1
2.9
EPSS
0.2%
CVE-2024-58251 LOW Monitor

In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up). Rated low severity (CVSS 2.5), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service
NVD
CVSS 3.1
2.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy