CVE-2025-27135 |
Description: RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. Versions 0.15.1 and prior are vulnerable to SQL injection. The ExeSQL component extracts the SQL statement from the input and sends it directly to the database query. As of time of publication, no patched version is available.
CVSS: HIGH (8.9) EPSS Score: 0.05% SSVC Exploitation: poc
February 25th, 2025 (5 months ago)
|
CVE-2024-12368 |
Description: Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0 allows an internal user to export the OAuth tokens of other users.
CVSS: HIGH (8.1) EPSS Score: 0.03%
February 25th, 2025 (5 months ago)
|
CVE-2025-1204 |
Description: The "update" binary in the firmware of the affected product sends mount attempts to a hard-coded, routable IP address, bypassing existing device network settings to do so. The function triggers if the 'C' button is pressed at a specific time during the boot process. If an attacker is able to control or impersonate this IP address, they could upload and overwrite files on the device.
CVSS: HIGH (7.7) EPSS Score: 0.06% SSVC Exploitation: poc
February 25th, 2025 (5 months ago)
|
CVE-2025-27109 |
Description: Inserts/JSX expressions inside illegal inlined JSX fragments lacked escaping, allowing user input to be rendered as HTML when put directly inside JSX fragments.
For instance, ?text= would trigger XSS here.
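// Reads the user-controlled "text" query parameter from the request URL.
const [text] = createResource(() => {
  return new URL(getRequestEvent().request.url).searchParams.get("text");
});
return (
  <>
    {/* Inserted without escaping inside the fragment in affected versions. */}
    Text: {text()}
  </>
);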
References
https://github.com/solidjs/solid/security/advisories/GHSA-3qxh-p7jc-5xh6
https://nvd.nist.gov/vuln/detail/CVE-2025-27109
https://github.com/solidjs/solid/commit/b93956f28ed75469af6976a98728e313d0edd236
https://github.com/advisories/GHSA-3qxh-p7jc-5xh6
CVSS: HIGH (7.3) EPSS Score: 0.06%
February 25th, 2025 (5 months ago)
|
CVE-2025-27108 |
Description:
Note: This advisory was originally emailed to [email protected] by @nsysean.
To sum it up, the use of JavaScript's .replace() opens up potential XSS vulnerabilities through the special replacement patterns beginning with $.
In particular, when the attributes of a Meta tag from solid-meta are user-defined, attackers can use the special replacement patterns, either $' or $`, to achieve XSS.
The solid-meta package has this issue because it uses useAffect and context providers, which inject the used assets into the HTML header. "dom-expressions" uses .replace() to insert the assets, which is vulnerable to the special replacement patterns listed above.
This effectively means that if the attributes of an asset tag contain user-controlled data, the page is vulnerable to XSS. For instance, a user profile page might include meta tags for the Open Graph protocol; if attackers set the user query to a payload abusing .replace(), they could execute arbitrary JavaScript in the victim's web browser. Moreover, the payload could be stored and cause more problems.
References
https://github.com/ryansolid/dom-expressions/security/advisories/GHSA-hw62-58pr-7wc5
https://nvd.nist.gov/vuln/detail/CVE-2025-27108
https://github.com/ryansolid/dom-expressions/commit/521f75dfa89ed24161646e7007d9d7d21da07767
https://github.com/advisories/GHSA-hw62-58pr-7wc5
CVSS: HIGH (7.3) EPSS Score: 0.03%
February 25th, 2025 (5 months ago)
|
CVE-2025-1068 |
Description: There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS AllSource, the file could execute and run malicious commands under the context of the victim.
CVSS: HIGH (7.3) EPSS Score: 0.01% SSVC Exploitation: none
February 25th, 2025 (5 months ago)
|
CVE-2025-1067 |
Description: There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4 that may allow a low privileged attacker with write privileges to the local file system to introduce a malicious executable to the filesystem. When the victim performs a specific action using ArcGIS Pro, the file could execute and run malicious commands under the context of the victim.
CVSS: HIGH (7.3) EPSS Score: 0.01% SSVC Exploitation: none
February 25th, 2025 (5 months ago)
|
CVE-2024-49035 |
Description: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2024-49035 Microsoft Partner Center Improper Access Control Vulnerability
CVE-2023-34192 Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
Users and administrators are also encouraged to review the Palo Alto Threat Brief: Operation Lunar Peek related to CVE-2024-0012, the Palo Alto Security Bulletin for CVE-2024-0012, and the Palo Alto Security Bulletin for CVE-2024-9474 for additional information.
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vuln...
CVSS: HIGH (8.7)
February 25th, 2025 (5 months ago)
|
CVE-2024-49035 |
Description: Microsoft Partner Center contains an improper access control vulnerability that allows an attacker to escalate privileges.
CVSS: HIGH (8.7)
February 25th, 2025 (5 months ago)
|
CVE-2025-26993 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vito Peleg Atarim allows Reflected XSS. This issue affects Atarim: from n/a through 4.1.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 25th, 2025 (5 months ago)
|