General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-48930 | The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even though memory content m… | Low (2.8) | 2025-05-28 | General-Purpose |
| CVE-2025-48929 | The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., not a token… | Medium (4.0) | 2025-05-28 | General-Purpose |
| CVE-2025-48928 | The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalen… | Medium (4.0) | 2025-05-28 | General-Purpose |
| CVE-2025-48927 | The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /hea… | Medium (5.3) | 2025-05-28 | General-Purpose |
| CVE-2025-48925 | The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and the… | Medium (4.3) | 2025-05-28 | General-Purpose |