Overview CVE-2025-13372 identifies a medium-severity SQL injection vulnerability found in Django versions 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. The flaw resides within the FilteredRelation functionality and can be exploited through carefully crafted dictionaries used in conjunction with dictionary expansion (**kwargs) when calling QuerySet.annotate() or QuerySet.alias() on PostgreSQL databases. Technical Details The vulnerability stems from insufficient sanitization when handling column aliases in FilteredRelation. An attacker can manipulate the **kwargs dictionary passed to QuerySet.annotate() or QuerySet.alias() to inject malicious SQL code into the generated query. Specifically, the vulnerability is triggered when using dictionary expansion. This allows an attacker…

Overview CVE-2025-12630 is a medium-severity vulnerability affecting the Upload.am WordPress plugin versions prior to 1.0.1. This vulnerability allows unauthorized users, including those with contributor-level access, to view sensitive site options due to a missing capability check in the plugin’s AJAX request handler. This can lead to the disclosure of configuration details that could be exploited for further malicious activities. Technical Details The vulnerability resides in the AJAX request handler within the Upload.am plugin. Specifically, the handler lacks proper authorization checks to verify if the user making the request has the necessary capabilities to access or modify site options. As a…

Overview CVE-2025-59702 describes a security vulnerability affecting Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices running firmware versions through 13.6.11 or 13.7. This vulnerability allows a physically proximate attacker with elevated privileges to falsify tamper events by gaining access to internal components of the HSM. Technical Details The vulnerability stems from insufficient protection of internal components related to tamper detection within the affected Entrust nShield HSMs. A physically proximate attacker, possessing both physical access to the device and elevated privileges (e.g., knowledge of service credentials or having compromised the host system), can manipulate these internal components in a…

Overview CVE-2025-59701 describes a security vulnerability affecting Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices through versions 13.6.11 and 13.7. This vulnerability allows a physically proximate attacker with elevated privileges to read and potentially modify the contents of the Appliance SSD. The root cause of this vulnerability is that the data stored on the SSD is not encrypted. Technical Details The vulnerability stems from the lack of encryption on the Appliance SSD within the affected Entrust nShield HSMs. An attacker with physical access to the device and possessing sufficient privileges to access the internal components can directly read…

Overview CVE-2025-59700 describes a vulnerability affecting Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices through version 13.6.11, or 13.7. The vulnerability allows a physically proximate attacker with root access to the device to modify the Recovery Partition due to a lack of integrity protection. This means an attacker with physical access and root privileges on the HSM could potentially compromise the device’s security by manipulating the recovery mechanisms. Technical Details The core issue lies in the absence of integrity protection mechanisms for the Recovery Partition within the affected Entrust nShield HSMs. An attacker who has already obtained root…

Overview CVE-2025-59699 describes a security vulnerability in Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices through version 13.6.11, or 13.7. This flaw allows a physically proximate attacker with access to the HSM to escalate privileges to root by booting the device from a USB drive containing a valid root filesystem. The vulnerability stems from insecure default settings in the Legacy GRUB Bootloader configuration. Technical Details The core issue resides in the default configuration of the Legacy GRUB bootloader used by the affected Entrust nShield HSMs. The default configuration permits booting from external media, specifically USB drives. An attacker…

Overview CVE-2025-59698 describes a potential security vulnerability affecting Entrust nShield Connect XC, nShield 5c, and nShield HSMi hardware security modules (HSMs) through version 13.6.11, or 13.7. The vulnerability could allow an attacker with physical proximity to the device to gain access to the End-of-Life (EOL) legacy bootloader. This access could potentially be leveraged for unauthorized actions depending on the bootloader’s capabilities and the HSM’s configuration. Technical Details The core of this vulnerability lies in the accessibility of the legacy bootloader in older versions of Entrust nShield HSMs. While HSMs are designed with multiple layers of security, including tamper-resistant enclosures and…

Overview CVE-2025-59697 describes a security vulnerability affecting Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices through version 13.6.11, and 13.7. This vulnerability, identified as F06, allows a physically proximate attacker to escalate privileges. The attacker can achieve this by editing the Legacy GRUB bootloader configuration to initiate a root shell upon booting the host operating system. Technical Details The vulnerability stems from insufficient protection of the Legacy GRUB bootloader configuration on the affected Entrust nShield HSMs. A physically proximate attacker with access to the HSM’s console can modify the GRUB configuration to add parameters that initiate a root…

Overview CVE-2025-59696 describes a security vulnerability affecting Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices. Specifically, versions up to and including 13.6.11, or 13.7, are susceptible to a physical attack where a proximate attacker can modify or erase tamper events through the Chassis management board. This could severely compromise the integrity of the HSM and the sensitive data it protects. This article provides a detailed analysis of this vulnerability, its potential impact, and recommended mitigation strategies. Technical Details The vulnerability lies in the accessibility and insufficient protection of the Chassis management board within the affected Entrust nShield HSMs.…

Overview CVE-2025-59695 describes a security vulnerability affecting Entrust nShield Connect XC, nShield 5c, and nShield HSMi devices running firmware versions up to and including 13.6.11, or 13.7. This vulnerability, identified as F04, allows a user with operating system (OS) root access to alter the firmware on the Chassis Management Board (CMB) without proper authentication. This unauthorized firmware modification can lead to severe security breaches. Technical Details The vulnerability resides in the mechanism used to update the firmware on the Chassis Management Board (CMB). With OS root access on the affected nShield HSM, an attacker can bypass the intended authentication controls…