CVE-2025-9005
published 2025-08-15CVE-2025-9005: A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information…
PriorityP416low3.7CVSS 3.1
AVNACHPRNUINSUCLINAN
EPSS
0.55%
41.6th percentile
A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure through error message. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mtons | mblog | <= 3.5.0 | — |
| mtons | mblog | — | — |
| mtons | mblog | — | — |
| mtons | mblog | — | — |
| mtons | mblog | — | — |
| mtons | mblog | — | — |
| mtons | mblog | — | — |
CVSS provenance
nvdv3.13.7LOWCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
nvdv4.02.9LOWCVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.02.6LOWAV:N/AC:H/Au:N/C:P/I:N/A:N
vendor_redhat5.9MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7396-88fj-pr2x: A vulnerability was determined in mtons mblog up to 3
ghsa_unreviewed·2025-08-15
CVE-2025-9005 [MEDIUM] CWE-200 GHSA-7396-88fj-pr2x: A vulnerability was determined in mtons mblog up to 3
A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure through error message. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
Red Hat
AMD Platform Security Processor: AMD EPYC 9005 Series CPUs: AMD Platform Security Processor: Information disclosure via missing lock check
vendor_redhat·2026-04-16·CVSS 5.9
CVE-2025-54510 [MEDIUM] CWE-414 AMD Platform Security Processor: AMD EPYC 9005 Series CPUs: AMD Platform Security Processor: Information disclosure via missing lock check
AMD Platform Security Processor: AMD EPYC 9005 Series CPUs: AMD Platform Security Processor: Information disclosure via missing lock check
A flaw was found in the AMD Platform Security Processor in AMD EPYC™ 9005 Series CPUs. A missing lock check allows a privileged attacker with local access to potentially impact the confidentiality of guest data. This vulnerability could lead to unauthorized disclosure of sensitive information within the guest environment.
Package: kernel (Red Hat Enterprise Linux 10) - Fix deferred
Package: kernel (Red Hat Enterprise Linux 6) - Not affected
Package: kernel (Red Hat Enterprise Linux 7) - Not affected
Package: kernel-rt (Red Hat Enterprise Linux 7) - Not affected
Package: kernel (Red Hat Enterprise Linux 8) - Not affected
Package: kernel-rt (Red Ha
No detection rules found.
No public exploits indexed.
2025-08-15
Published