CVE-2024-13352 |
Description: The Legull WordPress plugin through 1.2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
CVE-2024-10383 |
Description: An issue has been discovered in the gitlab-web-ide-vscode-fork component distributed over CDN affecting all versions prior to 1.89.1-1.0.0-dev-20241118094343 and used by all versions of GitLab CE/EE starting from 15.11 prior to 17.3 and which also temporarily affected versions 17.4, 17.5 and 17.6, where an XSS attack was possible when loading .ipynb files in the web IDE.
CVSS: HIGH (8.7) EPSS Score: 0.04%
February 8th, 2025 (5 months ago)
|
CVE-2025-0994 |
Description: CISA has added one vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2025-0994 Trimble Cityworks Deserialization Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
CVSS: HIGH (8.6) EPSS Score: 1.32%
February 7th, 2025 (5 months ago)
|
CVE-2025-0994 |
Description:
CISA is collaborating with private industry partners to respond to reports of exploitation of a vulnerability (CVE-2025-0994) discovered by Trimble impacting its Cityworks Server AMS (Asset Management System). Trimble has released security updates and an advisory addressing a recently discovered deserialization vulnerability enabling an external actor to potentially conduct remote code execution (RCE) against a customer’s Microsoft Internet Information Services (IIS) web server.
CISA has added CVE-2025-0994 to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CISA strongly encourages users and administrators to search for indicators of compromise (IOCs) and apply the necessary updates and workarounds.
Review the following article for more information:
Trimble Advisory and IOCs for Vulnerability Affecting Cityworks Deployments
The Symantec Threat Hunter team, part of Broadcom, contributed to this guidance.
CVSS: HIGH (8.6) EPSS Score: 1.32%
February 7th, 2025 (5 months ago)
|
CVE-2025-0994 |
Description: Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services (IIS) web server.
CVSS: HIGH (8.6) EPSS Score: 1.32%
February 7th, 2025 (5 months ago)
|
CVE-2025-0994 |
Description: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild.
The vulnerability in question is CVE-2025-0994 (CVSS v4 score: 8.6), a deserialization of untrusted data bug that could permit an attacker to conduct remote code execution.
"This could
CVSS: HIGH (8.6) EPSS Score: 1.32%
February 7th, 2025 (5 months ago)
|
CVE-2025-0781 |
Description:
Nessus Plugin ID 215077 with High Severity
Synopsis
The remote Fedora host is missing one or more security updates.
Description
The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-725bba93b2 advisory. Fix CVE-2025-0781. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected FlightGear and / or SimGear packages.
Read more at https://www.tenable.com/plugins/nessus/215077
CVSS: HIGH (8.6) EPSS Score: 0.05%
February 7th, 2025 (5 months ago)
|
CVE-2024-52531 |
Description:
Nessus Plugin ID 215081 with High Severity
Synopsis
The remote Red Hat host is missing a security update for libsoup.
Description
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1075 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fix(es): * libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict (CVE-2024-52531) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL libsoup package based on the guidance in RHSA-2025:1075.
Read more at https://www.tenable.com/plugins/nessus/215081
CVSS: HIGH (8.4) EPSS Score: 0.1%
February 7th, 2025 (5 months ago)
|
CVE-2024-52531 |
Description:
Nessus Plugin ID 215090 with High Severity
Synopsis
The remote Red Hat host is missing a security update for libsoup.
Description
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1047 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fix(es): * libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict (CVE-2024-52531) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL libsoup package based on the guidance in RHSA-2025:1047.
Read more at https://www.tenable.com/plugins/nessus/215090
CVSS: HIGH (8.4) EPSS Score: 0.1%
February 7th, 2025 (5 months ago)
|
CVE-2025-24787 |
Description: WhoDB is an open source database management tool. In affected versions the application is vulnerable to parameter injection in database connection strings, which allows an attacker to read local files on the machine the application is running on. The application uses string concatenation to build database connection URIs which are then passed to corresponding libraries responsible for setting up the database connections. This string concatenation is done unsafely and without escaping or encoding the user input. This allows a user, in many cases, to inject arbitrary parameters into the URI string. These parameters can be potentially dangerous depending on the libraries used. One of these dangerous parameters is `allowAllFiles` in the library `github.com/go-sql-driver/mysql`. Should this be set to `true`, the library enables running the `LOAD DATA LOCAL INFILE` query on any file on the host machine (in this case, the machine that WhoDB is running on). By injecting `&allowAllFiles=true` into the connection URI and connecting to any MySQL server (such as an attacker-controlled one), the attacker is able to read local files. This issue has been addressed in version 0.45.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS: HIGH (8.6) EPSS Score: 0.04%
February 7th, 2025 (5 months ago)
|