CVE-2024-4009 |
Description: Replay Attack in ABB, Busch-Jaeger, FTS Display (version 1.00) and BCU (version 1.3.0.33) allows an attacker to capture and replay KNX telegrams on the local KNX bus system.
CVSS: CRITICAL (9.2) EPSS Score: 0.03% SSVC Exploitation: none
March 27th, 2025
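What a replay on an unauthenticated bus looks like, and the sequence-counter-plus-MAC check that defeats it, as an added illustration (constructed code, not ABB or Busch-Jaeger firmware and not an implementation of the KNX Data Secure specification): the frame layout, the group key and the truncated HMAC-SHA256 tag are simplifications standing in for KNX Data Secure's AES-CCM and 6-byte sequence number; the individual address 1.1.5 and group address 1/2/3 are constructed sample values.

```python
import hashlib
import hmac

# Constructed demo key; in a secured installation this is the key provisioned to the devices.
GROUP_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")

ON = b"\x81"   # constructed application payload meaning "switch on"
OFF = b"\x80"  # constructed application payload meaning "switch off"

SRC = 0x1105   # individual address 1.1.5 (area 1, line 1, device 5)
DST = 0x0A03   # group address 1/2/3


def plain_telegram(src: int, dst: int, payload: bytes) -> bytes:
    """Unauthenticated frame: source, destination, payload; nothing ties it to a point in time."""
    return src.to_bytes(2, "big") + dst.to_bytes(2, "big") + payload


def secure_telegram(src: int, dst: int, seq: int, payload: bytes, key: bytes = GROUP_KEY) -> bytes:
    """Frame carrying a 6-byte monotonic sequence number, authenticated by a truncated MAC."""
    body = src.to_bytes(2, "big") + dst.to_bytes(2, "big") + seq.to_bytes(6, "big") + payload
    tag = hmac.new(key, body, hashlib.sha256).digest()[:4]
    return body + tag


class PlainActuator:
    """Acts on every well-formed frame it hears on the bus: the vulnerable behaviour."""

    def __init__(self) -> None:
        self.actions = []

    def on_frame(self, frame: bytes) -> bool:
        if len(frame) < 5:
            return False
        self.actions.append(frame[4:])
        return True


class SecureActuator:
    """Verifies the MAC, then accepts a frame only if its sequence number exceeds
    the last one accepted from the same source."""

    def __init__(self, key: bytes = GROUP_KEY) -> None:
        self.key = key
        self.last_seq = {}
        self.actions = []

    def on_frame(self, frame: bytes) -> bool:
        if len(frame) < 15:
            return False
        body, tag = frame[:-4], frame[-4:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:4]
        if not hmac.compare_digest(expected, tag):
            return False                      # forged or tampered frame
        src = int.from_bytes(body[0:2], "big")
        seq = int.from_bytes(body[4:10], "big")
        if seq <= self.last_seq.get(src, -1):
            return False                      # replayed (or reordered) frame
        self.last_seq[src] = seq
        self.actions.append(body[10:])
        return True


def replay_demo() -> dict:
    """Capture one legitimate 'on' telegram, then put it back on the bus after an 'off'."""
    plain, secure = PlainActuator(), SecureActuator()

    captured_plain = plain_telegram(SRC, DST, ON)
    captured_secure = secure_telegram(SRC, DST, 41, ON)
    plain.on_frame(captured_plain)
    secure.on_frame(captured_secure)

    plain.on_frame(plain_telegram(SRC, DST, OFF))        # legitimate 'off'
    secure.on_frame(secure_telegram(SRC, DST, 42, OFF))

    return {
        "plain_accepted_replay": plain.on_frame(captured_plain),
        "secure_accepted_replay": secure.on_frame(captured_secure),
        "plain_actions": list(plain.actions),
        "secure_actions": list(secure.actions),
    }


if __name__ == "__main__":
    print(replay_demo())
```

The plain actuator switches on again when the captured frame is replayed, because nothing in the telegram binds it to the moment it was sent; the secure actuator rejects the replay because sequence number 41 is not greater than the 42 it last accepted from 1.1.5, and rejects a modified frame because the tag no longer matches. For devices that cannot run a secured stack, the only control is physical: anyone who can attach to the twisted pair can inject frames.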
|
CVE-2024-22252 |
Description: VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
CVSS: CRITICAL (9.3) EPSS Score: 0.32% SSVC Exploitation: none
March 27th, 2025
|
CVE-2025-30367 |
Description: WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.2.6 in the nextPage parameter of the /WeGIA/controle/control.php endpoint. This vulnerability allows an attacker to manipulate SQL queries and access sensitive database information, such as table names and sensitive data. Version 3.2.6 contains a fix for the issue.
CVSS: CRITICAL (10.0) EPSS Score: 0.04%
March 27th, 2025
|
CVE-2025-30365 |
Description: WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.2.8 in the endpoint /WeGIA/html/socio/sistema/controller/query_geracao_auto.php, specifically in the query parameter. This vulnerability allows the execution of arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. Version 3.2.8 fixes the issue.
CVSS: CRITICAL (9.4) EPSS Score: 0.05%
March 27th, 2025
|
CVE-2025-30364 |
Description: WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.2.8 in the endpoint /WeGIA/html/funcionario/remuneracao.php, in the id_funcionario parameter. This vulnerability allows the execution of arbitrary SQL commands, which can compromise the confidentiality, integrity, and availability of stored data. Version 3.2.8 fixes the issue.
CVSS: CRITICAL (10.0) EPSS Score: 0.06%
March 27th, 2025
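The pattern behind the three WeGIA SQL injection entries above (CVE-2025-30367, CVE-2025-30365 and CVE-2025-30364) is the same: a request parameter spliced into the statement text. The block below is an added example in Python over SQLite, not WeGIA's PHP code; the schema, table names and rows are constructed. It shows an id_funcionario-style numeric parameter handled both ways and why a UNION payload returns table names from the catalogue, which is the information disclosure the first of the three advisories describes.

```python
import sqlite3


def sample_db() -> sqlite3.Connection:
    """Constructed schema loosely shaped like the affected endpoints; not WeGIA's real schema."""
    con = sqlite3.connect(":memory:")
    con.executescript(
        """
        CREATE TABLE funcionario (id_funcionario INTEGER PRIMARY KEY, nome TEXT, salario REAL);
        CREATE TABLE usuario (id INTEGER PRIMARY KEY, login TEXT, senha_hash TEXT);
        INSERT INTO funcionario VALUES (1, 'Ana', 3200.0), (2, 'Bruno', 4100.0);
        INSERT INTO usuario VALUES (1, 'admin', 'constructed-hash-value');
        """
    )
    return con


def remuneracao_vulnerable(con: sqlite3.Connection, id_funcionario: str) -> list:
    """The request parameter is pasted into the statement text: the pattern behind the advisories."""
    sql = f"SELECT nome, salario FROM funcionario WHERE id_funcionario = {id_funcionario}"
    return con.execute(sql).fetchall()


def remuneracao_fixed(con: sqlite3.Connection, id_funcionario: str) -> list:
    """Enforce the parameter's type (it is an identifier) and bind it, so the value
    never reaches the SQL parser as statement text."""
    try:
        ident = int(id_funcionario)
    except ValueError:
        raise ValueError("id_funcionario must be an integer") from None
    return con.execute(
        "SELECT nome, salario FROM funcionario WHERE id_funcionario = ?", (ident,)
    ).fetchall()


# Payloads an attacker would send in the id_funcionario parameter (constructed).
DUMP_TABLE_NAMES = "1 UNION SELECT name, sql FROM sqlite_master"
DUMP_CREDENTIALS = "1 UNION SELECT login, senha_hash FROM usuario"


def first_column_leaked(con: sqlite3.Connection) -> set:
    """First column of every row the vulnerable endpoint returns for the schema-dump payload:
    the legitimate employee name plus the name of every table in the database."""
    return {row[0] for row in remuneracao_vulnerable(con, DUMP_TABLE_NAMES)}


def query_rejected(con: sqlite3.Connection, value: str) -> bool:
    """True if the fixed endpoint refuses the value outright."""
    try:
        remuneracao_fixed(con, value)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    db = sample_db()
    print(remuneracao_vulnerable(db, "1"))
    print(first_column_leaked(db))
    print(remuneracao_vulnerable(db, DUMP_CREDENTIALS))
    print(remuneracao_fixed(db, "1"))
    print(query_rejected(db, DUMP_TABLE_NAMES))
```

The fix for an identifier parameter is type enforcement plus parameter binding. For an endpoint that accepts a free-form query string, as CVE-2025-30365 describes, binding does not help: the parameter itself has to go, replaced by server-side queries selected by an identifier.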
|
CVE-2025-30361 |
Description: WeGIA is a Web manager for charitable institutions. A security vulnerability was identified in versions prior to 3.2.6, where it is possible to change a user's password without verifying the old password. This issue exists in the control.php endpoint and allows unauthorized attackers to bypass authentication and authorization mechanisms to reset the password of any user, including admin accounts. Version 3.2.6 fixes the issue.
CVSS: CRITICAL (9.3) EPSS Score: 0.08%
March 27th, 2025
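A minimal model of the missing check, as an added example (constructed Python, not WeGIA's control.php): the vulnerable handler writes whatever new password is posted for whatever login is posted; the fixed handler requires a session, lets a user change only their own password and verifies the current one first. The PBKDF2 settings and the user store are constructed, and the parameter names usuario, senha_atual and nova_senha are assumed, not taken from the project.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 100_000   # constructed demo setting


def hash_password(password: str, salt: bytes = b"") -> str:
    """salt-hex$dk-hex, with a fresh random salt unless one is supplied."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt.hex() + "$" + dk.hex()


def verify_password(password: str, stored: str) -> bool:
    salt_hex, dk_hex = stored.split("$", 1)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), PBKDF2_ROUNDS)
    return hmac.compare_digest(dk.hex(), dk_hex)


def sample_users() -> dict:
    """Constructed user store: login -> password hash."""
    return {"admin": hash_password("Adm1n-pass"), "maria": hash_password("maria-pass")}


def change_password_vulnerable(users: dict, params: dict) -> bool:
    """Reads only the target login and the new password from the request.
    No session and no current-password check: any caller can reset any account, admin included."""
    users[params["usuario"]] = hash_password(params["nova_senha"])
    return True


def change_password_fixed(users: dict, session: dict, params: dict) -> bool:
    """Requires an authenticated session, allows a user to change only their own password,
    and verifies the current password before writing the new one. Administrative resets of
    other accounts belong in a separate, separately authorised flow, not in this handler."""
    if not session or "user" not in session:
        return False                                   # not logged in
    target = params.get("usuario")
    if target != session["user"] or target not in users:
        return False                                   # someone else's account, or unknown
    if not verify_password(params.get("senha_atual", ""), users[target]):
        return False                                   # current password wrong
    users[target] = hash_password(params["nova_senha"])
    return True


if __name__ == "__main__":
    store = sample_users()
    print(change_password_vulnerable(store, {"usuario": "admin", "nova_senha": "owned"}))
    print(verify_password("owned", store["admin"]))
    store = sample_users()
    print(change_password_fixed(store, {}, {"usuario": "admin", "nova_senha": "x"}))
    print(change_password_fixed(store, {"user": "maria"},
                                {"usuario": "maria", "senha_atual": "maria-pass", "nova_senha": "renewed"}))
```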
|
CVE-2024-21181 |
Description: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
CVSS: CRITICAL (9.8) EPSS Score: 0.57% SSVC Exploitation: none
March 27th, 2025
|
CVE-2025-26909 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in John Darrel Hide My WP Ghost allows PHP Local File Inclusion. This issue affects Hide My WP Ghost: from n/a through 5.4.01.
CVSS: CRITICAL (9.6) EPSS Score: 0.11%
March 27th, 2025
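The include/require defect class in Python terms, as an added example (not Hide My WP Ghost's code; TEMPLATE_DIR and the template names are hypothetical): resolving a user-supplied name against a directory with a plain path join lets ../ sequences and absolute paths escape the directory, while an allowlist backed by a realpath containment check does not.

```python
import os

# Hypothetical plugin template directory and allowlist; not the real plugin's layout.
TEMPLATE_DIR = "/srv/demo-plugin/templates"
ALLOWED_TEMPLATES = {"login", "lostpassword", "register"}


def include_path_vulnerable(name: str) -> str:
    """The name comes straight from the request; '../' sequences escape the directory and an
    absolute name makes os.path.join discard TEMPLATE_DIR entirely."""
    return os.path.join(TEMPLATE_DIR, name + ".php")


def include_path_fixed(name: str) -> str:
    """Allowlist first; the containment check on the resolved path is a second layer in case
    the allowlist is ever widened to include user-shaped values."""
    if name not in ALLOWED_TEMPLATES:
        raise ValueError(f"unknown template: {name!r}")
    base = os.path.realpath(TEMPLATE_DIR)
    path = os.path.realpath(os.path.join(base, name + ".php"))
    if os.path.commonpath([base, path]) != base:
        raise ValueError("resolved path escapes the template directory")
    return path


def escapes_template_dir(path: str) -> bool:
    """True if the normalised path lies outside TEMPLATE_DIR."""
    base = os.path.realpath(TEMPLATE_DIR)
    return os.path.commonpath([base, os.path.realpath(path)]) != base


def template_rejected(name: str) -> bool:
    """True if the fixed resolver refuses the name."""
    try:
        include_path_fixed(name)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    for candidate in ("login", "../../../../etc/passwd", "/etc/passwd"):
        raw = include_path_vulnerable(candidate)
        print(candidate, "->", raw, "| escapes:", escapes_template_dir(raw),
              "| fixed rejects:", template_rejected(candidate))
```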
|
CVE-2025-2516 |
Description: The use of a weak cryptographic key pair in the signature verification process in WPS Office (Kingsoft) on Windows allows an attacker who successfully recovered the private key to sign components.
As older versions of WPS Office did not validate the update server's certificate, an Adversary-In-The-Middle attack was possible allowing updates to be hijacked.
CVSS: CRITICAL (9.5) EPSS Score: 0.01%
March 27th, 2025
|
CVE-2024-20018 |
Description: In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00348479; Issue ID: MSV-1019.
CVSS: CRITICAL (9.8) EPSS Score: 0.21% SSVC Exploitation: none
March 27th, 2025
|