Threat and Vulnerability Intelligence Database

CVE-2025-20059

Description: Relative Path Traversal vulnerability in Ping Identity PingAM Java Policy Agent allows Parameter Injection. This issue affects PingAM Java Policy Agent: through 5.10.3, through 2023.11.1, through 2024.9.

CVSS: CRITICAL (9.2)

EPSS Score: 0.07%

Source: CVE
February 21st, 2025 (about 2 months ago)

CVE-2025-1265

Description: An OS command injection vulnerability exists in Vinci Protocol Analyzer that could allow an attacker to escalate privileges and perform code execution on the affected system.

CVSS: CRITICAL (9.9)

EPSS Score: 0.16%

Source: CVE
February 21st, 2025 (about 2 months ago)

CVE-2025-0868

Description: A vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint. This issue affects DocsGPT: from 0.8.1 through 0.12.0.

CVSS: CRITICAL (9.3)

EPSS Score: 15.3%

Source: CVE
February 21st, 2025 (about 2 months ago)

CVE-2024-13789

Description: The ravpage plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.31 via deserialization of untrusted input from the 'paramsv2' parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present.

CVSS: CRITICAL (9.8)

EPSS Score: 0.4%

Source: CVE
February 21st, 2025 (about 2 months ago)

CVE-2025-0868

Description: A vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of JSON data using eval() an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint. This issue affects DocsGPT: from 0.8.1 through 0.12.0.

References:
https://nvd.nist.gov/vuln/detail/CVE-2025-0868
https://cert.pl/en/posts/2025/02/CVE-2025-0868
https://cert.pl/posts/2025/02/CVE-2025-0868
https://github.com/arc53/DocsGPT
https://github.com/advisories/GHSA-9gff-5v8w-x922

CVSS: CRITICAL (9.3)

EPSS Score: 15.3%

Source: Github Advisory Database (NPM)
February 20th, 2025 (2 months ago)

CVE-2024-48510

Description: As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).

1. EXECUTIVE SUMMARY

CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SiPass integrated
Vulnerability: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the application server, if a specially crafted backup set is used for a restore.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

Siemens reports that the following products are affected:

SiPass integrated V2.90: Versions prior to V2.90.3.19
SiPass integrated V2.95: Versions prior to V2.95.3.15

3.2 VULNERABILITY OVERVIEW

3.2.1 IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22

Directory traversal vulnerability in DotNetZip versions v.1.16.0 and prior which allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component. This vulnerability only affects products that are no longer supported by the maintainer. For SiPass integrated V2.90 and V2.95: The product could only be exploitable in situations where a specially crafted backup set is used for ...

CVSS: CRITICAL (9.8)

Source: All CISA Advisories
February 20th, 2025 (2 months ago)

CVE-2024-48841

Description:

1. EXECUTIVE SUMMARY

CVSS v4 10.0
ATTENTION: Exploitable remotely/low attack complexity
Vendor: ABB
Equipment: FLXEON Controllers
Vulnerabilities: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion'), Missing Origin Validation in WebSockets, Insertion of Sensitive Information into Log File

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to send unauthorized HTTPS requests, access sensitive information from HTTPS responses, or use network access to execute remote code.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

ABB reports that the following products are affected:

FLXEON Controllers FBXi: Version 9.3.4 and prior
FLXEON Controllers FBVi: Version 9.3.4 and prior
FLXEON Controllers FBTi: Version 9.3.4 and prior
FLXEON Controllers CBXi: Version 9.3.4 and prior

3.2 VULNERABILITY OVERVIEW

3.2.1 IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USED IN A COMMAND ('COMMAND INJECTION') CWE-77

Network access can be used to execute arbitrary code with elevated privileges. This issue affects FLXEON version 9.3.4 and prior.

CVE-2024-48841 has been assigned to this vulnerability. A CVSS v3 base score of 10.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).

A CVSS v4 score has also been calculated for CVE-2024-48841. A base score of 10.0 has been calculated; the CVSS vector string is (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H...

CVSS: CRITICAL (10.0)

EPSS Score: 0.04%

Source: All CISA Advisories
February 20th, 2025 (2 months ago)

CVE-2024-51547

Description:

1. EXECUTIVE SUMMARY

CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: ABB
Equipment: ASPECT-Enterprise, NEXUS, and MATRIX series
Vulnerability: Use of Hard-coded Credentials

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to obtain access to devices without proper authentication.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

ABB reports the following products are affected:

ABB ASPECT®-Enterprise ASP-ENT-x: Versions 3.08.03 and prior
ABB NEXUS Series NEX-2x: Versions 3.08.03 and prior
ABB NEXUS Series: Versions 3.08.03 and prior
ABB MATRIX Series MAT-x: Versions 3.08.03 and prior

3.2 VULNERABILITY OVERVIEW

3.2.1 USE OF HARD-CODED CREDENTIALS CWE-798

Several hard-coded credentials for the products' internal use are contained in the firmware as plain text information.

CVE-2024-51547 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been assigned; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

A CVSS v4 score has also been calculated for CVE-2024-51547. A base score of 9.3 has been calculated; the CVSS vector string is (AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N).

3.3 BACKGROUND

CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
COUNTRIES/AREAS DEPLOYED: Worldwide
COMPANY HEADQUARTERS LOCATION: Switzerland

3.4 RESEARCHER

Gjoko Krstikj of Zero Science Lab reported this vulnerability to CISA.

4. MITIGATIONS

ABB has identified specific w...

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: All CISA Advisories
February 20th, 2025 (2 months ago)

CVE-2025-1135

Description: A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiting a boolean-based and time-based blind SQL Injection vulnerability in the BatchWinnerEntry functionality. The CurrentFundraiser parameter is directly concatenated into an SQL query without sufficient sanitization, allowing an attacker to manipulate database queries and execute arbitrary commands, potentially leading to data exfiltration, modification, or deletion. Please note the vulnerability requires Administrator privileges.

CVSS: CRITICAL (9.3)

EPSS Score: 0.07%

Source: CVE
February 20th, 2025 (2 months ago)

CVE-2025-1134

Description: A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiting a boolean-based and time-based blind SQL Injection vulnerability in the DonatedItemEditor functionality. The CurrentFundraiser parameter is directly concatenated into an SQL query without sufficient sanitization, allowing an attacker to manipulate database queries and execute arbitrary commands, potentially leading to data exfiltration, modification, or deletion. Please note that this vulnerability requires Administrator privileges.

CVSS: CRITICAL (9.3)

EPSS Score: 0.07%

Source: CVE
February 20th, 2025 (2 months ago)