Security Vulnerabilities
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices are vulnerable to path traversal attacks.
This could allow a privileged local attacker to restore backups that are outside the backup folder.
CVSS Score
4.4
EPSS Score
0.0
Published
2025-05-13
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly assign permissions to critical ressources.
This could allow a non-privileged local attacker to interact with the backupmanager service.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-05-13
CVE-2025-4632
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority.
Known exploited
CVSS Score
9.8
EPSS Score
0.579
Published
2025-05-13
CVE-2025-42999
SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.
Known exploited
CVSS Score
9.1
EPSS Score
0.147
Published
2025-05-13
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-05-12
The issue was addressed with improved input sanitization. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-05-12
This issue was addressed through improved state management. This issue is fixed in iOS 18.5 and iPadOS 18.5. Muting the microphone during a FaceTime call may not result in audio being silenced.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-05-12
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a user’s deleted notes.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-05-12
This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVSS Score
4.7
EPSS Score
0.0
Published
2025-05-12
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-05-12