CVE-2025-1744 |
Description: Out-of-bounds Write vulnerability in radareorg radare2 allows
heap-based buffer over-read or buffer overflow. This issue affects radare2: before <5.9.9.
CVSS: CRITICAL (10.0) EPSS Score: 0.05%
February 28th, 2025 (about 2 months ago)
|
CVE-2025-1751 |
Description: CVE-2025-1751: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSS: CRITICAL (9.8) EPSS Score: 0.05%
February 27th, 2025 (about 2 months ago)
|
CVE-2021-29999 |
Description:
1. EXECUTIVE SUMMARY
CVSS v3 9.8
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Schneider Electric
Equipment: Communication modules for Modicon M580 and Quantum controllers
Vulnerability: Out-of-bounds Write
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a stack overflow attack, which could result in loss of confidentiality, integrity, and denial of service of the device.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Schneider Electric reports that the following communication modules for Modicon M580 and Quantum controllers are affected by a vulnerability in VxWorks operating system:
Modicon M580 communication modules BMENOC BMENOC0321: Versions prior to SV1.10
Modicon M580 communication modules BMECRA BMECRA31210: All versions
Modicon M580/Quantum communication modules BMXCRA BMXCRA31200: All versions
Modicon M580/Quantum communication modules BMXCRA BMXCRA31210: All versions
Modicon Quantum communication modules 140CRA 140CRA31908: All versions
Modicon Quantum communication modules 140CRA 140CRA31200: All versions
3.2 VULNERABILITY OVERVIEW
3.2.1 OUT-OF-BOUNDS WRITE CWE-787
A possible stack overflow in dhcp server was discovered in Wind River VxWorks through 6.8.
CVE-2021-29999 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.3 BACKGROUND
CRITICAL INFRASTRUCTURE SECTORS: Commercial Facilities, Critic...
CVSS: CRITICAL (9.8)
February 27th, 2025 (about 2 months ago)
|
CVE-2024-13148 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yukseloglu Filter B2B Login Platform allows SQL Injection. This issue affects B2B Login Platform: before 16.01.2025.
CVSS: CRITICAL (9.8) EPSS Score: 0.04% SSVC Exploitation: none
February 27th, 2025 (about 2 months ago)
|
CVE-2025-1751 |
Description: A SQL Injection vulnerability has been found in Ciges 2.15.5 from ATISoluciones. This vulnerability allows an attacker to retrieve, create, update and delete the database via the $idServicio parameter in the /modules/ajaxBloqueaCita.php endpoint.
CVSS: CRITICAL (9.8) EPSS Score: 0.05%
February 27th, 2025 (about 2 months ago)
|
CVE-2024-31345 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Sukhchain Singh Auto Poster. This issue affects Auto Poster: from n/a through 1.2.
CVSS: CRITICAL (9.1) EPSS Score: 0.91% SSVC Exploitation: none
February 26th, 2025 (about 2 months ago)
|
CVE-2024-47051 |
Description: This advisory addresses two critical security vulnerabilities present in Mautic versions before 5.2.3. These vulnerabilities could be exploited by authenticated users.
* Remote Code Execution (RCE) via Asset Upload: A Remote Code Execution vulnerability has been identified in the asset upload functionality. Insufficient enforcement of allowed file extensions allows an attacker to bypass restrictions and upload executable files, such as PHP scripts.
* Path Traversal File Deletion: A Path Traversal vulnerability exists in the upload validation process. Due to improper handling of path components, an authenticated user can manipulate the file deletion process to delete arbitrary files on the host system.
CVSS: CRITICAL (9.1) EPSS Score: 1.22%
February 26th, 2025 (about 2 months ago)
|
CVE-2024-56732 |
Description:
Nessus Plugin ID 216805 with Critical Severity
Synopsis
The remote Amazon Linux 2023 host is missing a security update.
Description
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-848 advisory. HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, there is a heap-based buffer overflow in the hb_cairo_glyphs_from_buffer function. (CVE-2024-56732) Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Run 'dnf update harfbuzz --releasever 2023.6.20250218' to update your system.
Read more at https://www.tenable.com/plugins/nessus/216805
CVSS: CRITICAL (9.3)
February 26th, 2025 (about 2 months ago)
|
CVE-2023-25574 |
Description: Impact
Only users who have configured a JupyterHub installation to use the authenticator class LTI13Authenticator are affected.
The LTI13Authenticator, introduced in jupyterhub-ltiauthenticator 1.3.0, wasn't validating JWT signatures. This is believed to allow the LTI13Authenticator to authorize a forged request granting access to existing and new user identities.
Patches
None.
Workarounds
None.
References
This code segment didn't validate a JWT signature.
References
https://github.com/jupyterhub/ltiauthenticator/security/advisories/GHSA-mcgx-2gcr-p3hp
https://nvd.nist.gov/vuln/detail/CVE-2023-25574
https://github.com/jupyterhub/ltiauthenticator/blob/3feec2e81b9d3b0ad6b58ab4226af640833039f3/ltiauthenticator/lti13/validator.py#L122-L164
https://github.com/jupyterhub/ltiauthenticator/blob/main/CHANGELOG.md#140---2023-03-01
https://github.com/advisories/GHSA-mcgx-2gcr-p3hp
CVSS: CRITICAL (10.0)
February 25th, 2025 (about 2 months ago)
|
CVE-2025-26974 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPExperts.io WP Multi Store Locator allows Blind SQL Injection. This issue affects WP Multi Store Locator: from n/a through 2.5.1.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
February 25th, 2025 (about 2 months ago)
|