CVE-2025-23394 | SUSE openSUSE Tumbleweed 2.5.0-1.1 cyrus-imapd symlink

Inserito da Angelo Barbosa | Mag 26, 2025 | CVE

A vulnerability classified as critical was found in SUSE openSUSE Tumbleweed 2.5.0-1.1. Affected by this vulnerability is an unknown functionality of the component cyrus-imapd. The manipulation leads to symlink following.

This vulnerability is known as CVE-2025-23394. An attack has to be approached locally. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-23394 | SUSE openSUSE Tumbleweed 2.5.0-1.1 cyrus-imapd symlink

Post correlati

CVE-2024-30130 | HCL Nomad Server on Domino up to 1.0.11 unknown vulnerability (KB0114184)

CVE-2024-26529 | MZ Automation libIEC61850 up to 1.5.3 mms_named_variable_list_service.c mmsServer_handleDeleteNamedVariableListRequest denial of service (Issue 492)

CVE-2024-5490 | Zoho ManageEngine ADAudit Plus up to 7999 Aggregate Reports Option sql injection

CVE-2024-45722 | Ruijie Reyee OS prior 2.320.x MQTT Credential weak credentials (icsa-24-338-01)