Threat and Vulnerability Intelligence Database

CVE-2025-0975

Description: IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute code due to improper neutralization of escape characters.

CVSS: HIGH (8.8)

EPSS Score: 0.07%

Source: CVE
February 28th, 2025 (4 months ago)

CVE-2025-27154

Description:

Summary

The CacheHandler class creates a cache file to store the auth token here: https://github.com/spotipy-dev/spotipy/blob/master/spotipy/cache_handler.py#L93-L98

The file created has rw-r--r-- (644) permissions by default, when it could be locked down to rw------- (600) permissions. I think 600 is a sensible default.

Details

This leads to overly broad exposure of the spotify auth token. If this token can be read by an attacker (another user on the machine, or a process running as another user), it can be used to perform administrative actions on the Spotify account, depending on the scope granted to the token.

PoC

Run an application that uses spotipy with client creation like this:

    from pathlib import Path
    import spotipy
    from os import getenv

    def create_spotify_client(client_id: str, client_secret: str) -> spotipy.Spotify:
        """Create and return an authenticated Spotify client.

        Args:
            client_id: Spotify API client ID
            client_secret: Spotify API client secret

        Returns:
            An authenticated Spotify client instance
        """
        cache_path = Path.home() / ".cache" / "spotify-backup/.auth_cache"
        cache_path.parent.mkdir(parents=True, exist_ok=True)
        cache_handler = spotipy.cache_handler.CacheFileHandler(cache_path=str(cache_path))
        client = spotipy.Spotify(
            auth_manager=spotipy.oauth2.SpotifyOAuth(
                client_id=client_id,
                client_secret=client_secret,
                redirect_uri="http://localhost:8000/callback...

CVSS: HIGH (8.4)

EPSS Score: 0.01%

Source: Github Advisory Database (PIP)
February 28th, 2025 (4 months ago)

CVE-2025-1687

Description: The Cardealer theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.4. This is due to missing nonce validation on the 'update_user_profile' function. This makes it possible for unauthenticated attackers to update the user email and password via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.

CVSS: HIGH (8.8)

EPSS Score: 0.02%

Source: CVE
February 28th, 2025 (4 months ago)

CVE-2025-1682

Description: The Cardealer theme for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.4 due to a missing capability check on the 'save_settings' function. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the default user role.

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE
February 28th, 2025 (4 months ago)

CVE-2024-12811

Description: The Traveler theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.8 via the 'hotel_alone_slider' shortcode 'style' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP file types can be uploaded and included.

CVSS: HIGH (8.8)

EPSS Score: 0.1%

Source: CVE
February 28th, 2025 (4 months ago)

CVE-2024-31109

Description: Cross-Site Request Forgery (CSRF) vulnerability in Toastie Studio Woocommerce Social Media Share Buttons allows Stored XSS. This issue affects Woocommerce Social Media Share Buttons: from n/a through 1.3.0.

CVSS: HIGH (7.1)

EPSS Score: 0.07%

SSVC Exploitation: none

Source: CVE
February 27th, 2025 (4 months ago)

CVE-2024-30341

Description: Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22709.

CVSS: HIGH (7.8)

EPSS Score: 0.22%

SSVC Exploitation: none

Source: CVE
February 27th, 2025 (4 months ago)

CVE-2024-30330

Description: Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22636.

CVSS: HIGH (7.8)

EPSS Score: 0.29%

SSVC Exploitation: none

Source: CVE
February 27th, 2025 (4 months ago)

CVE-2024-27335

Description: Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PNG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22018.

CVSS: HIGH (7.8)

EPSS Score: 0.16%

SSVC Exploitation: none

Source: CVE
February 27th, 2025 (4 months ago)

CVE-2025-1756

Description: mongosh may be susceptible to local privilege escalation under certain conditions, potentially enabling unauthorized actions on a user's system with elevated privilege, when a crafted file is stored in C:\node_modules. This issue affects mongosh prior to 2.3.0.

References:
https://nvd.nist.gov/vuln/detail/CVE-2025-1756
https://access.redhat.com/errata/RHSA-2025:1756
https://jira.mongodb.org/browse/MONGOSH-2028
https://github.com/advisories/GHSA-f5w3-73h4-jpcm

CVSS: HIGH (7.5)

EPSS Score: 0.01%

Source: Github Advisory Database (NPM)
February 27th, 2025 (4 months ago)