How severe is CVE-2025-2129?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.6 out of 10.

What type of vulnerability is CVE-2025-2129?

This is classified as CWE-1188, which is a common weakness in software security.

CVE-2025-2129

MEDIUM Year: 2025

CVSS v3 Score

5.6

Medium

CVSS v2 Score

5.1

Medium

Weakness Type

CWE-1188

View all →

Vulnerability Description

A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. After 7 months of repeated follow-ups by the researcher, Mage AI has decided to not accept this issue as a valid security vulnerability and has confirmed that they will not be addressing it.

CVE-2019-2197

MEDIUM

CVSS:5.5(Medium)

In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass due to an insecure default value. This could lead to local information disclosure of the user's contact l...

CWE-11882019

CVE-2020-0019

MEDIUM

CVSS:5.5(Medium)

In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is...

CWE-11882020

CVE-2021-47343

MEDIUM

CVSS:5.5(Medium)

In the Linux kernel, the following vulnerability has been resolved: dm btree remove: assign new_root only when removal succeeds remove_raw() in dm_btree_remove() may fail due to IO read error (e.g. re...

CWE-11882021

CVE-2022-20466

MEDIUM

CVSS:5.5(Medium)

In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user's password on a secondary display due to an insecure default value. This could lead to ...

CWE-11882022

CVE-2022-36349

MEDIUM

CVSS:5.5(Medium)

Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow an authenticated user to potentially enable denial of ser...

CWE-11882022

CVE-2024-25610

MEDIUM

CVSS:5.4(Medium)

In Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4 before update 9, 7.3 before update 4, 7.2 before fix pack 19, and older unsupported versions, the default ...

CWE-11882024

CVE-2025-2129

Vulnerability Description

Related Vulnerabilities

CVE-2019-2197

CVE-2020-0019

CVE-2021-47343

CVE-2022-20466

CVE-2022-36349

CVE-2024-25610