
Threat and Vulnerability Intelligence Database


CVE-2025-28856

Description: Cross-Site Request Forgery (CSRF) vulnerability in dangrossman W3Counter Free Real-Time Web Stats allows Cross Site Request Forgery. This issue affects W3Counter Free Real-Time Web Stats: from n/a through 4.1.

CVSS: MEDIUM (4.3)

EPSS Score: 0.02%

Source: CVE
March 11th, 2025 (4 months ago)

CVE-2025-27792

Description: Opal is OBiBa’s core database application for biobanks or epidemiological studies. Prior to version 5.1.1, the protections against cross-site request forgery (CSRF) were insufficient application-wide. The referrer header is checked, and if it is invalid, the server returns 403. However, the referrer header can be dropped from CSRF requests using ``, effectively bypassing this protection. Version 5.1.1 contains a patch for the issue.

CVSS: HIGH (7.7)

EPSS Score: 0.02%

Source: CVE
March 11th, 2025 (4 months ago)

CVE-2025-27101

Description: Opal is OBiBa’s core database application for biobanks or epidemiological studies. Prior to version 5.1.1, when copying any parent directory to a folder in the /temp/ directory, all files in that parent directory are copied, including files which the user should not have access to. All users of the application are impacted, as this is exploitable by any user to reveal all files in the opal filesystem. This also means that low-privilege users such as DataShield users can retrieve the files of other users. Version 5.1.1 contains a patch for the issue.

CVSS: HIGH (7.3)

EPSS Score: 0.05%

Source: CVE
March 11th, 2025 (4 months ago)

CVE-2025-2209

Description: A vulnerability classified as problematic was found in aitangbao springboot-manager 3.0. Affected is an unknown function of the file /sysDict/add. Manipulation of the argument name leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS: MEDIUM (4.8)

EPSS Score: 0.03%

Source: CVE
March 11th, 2025 (4 months ago)

CVE-2025-1707

Description: The Review Schema plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.4 via post meta. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP files can be uploaded and included.

CVSS: HIGH (8.8)

EPSS Score: 0.1%

Source: CVE
March 11th, 2025 (4 months ago)

Description: An issue was discovered in IBC-Go's deserialization of acknowledgements that results in non-deterministic behavior which can halt a chain. Any user that can open an IBC channel can introduce this state to the chain. This is an upstream dependency used in cheqd-node, rather than a custom module.

Impact: Could result in a chain halt.

Patches: Validators, full nodes, and IBC relayers should upgrade to cheqd-node v3.1.7. This upgrade does not require a software upgrade proposal on-chain and is meant to be non state-breaking.

See ASA-2025-004: Non-deterministic JSON Unmarshalling of IBC Acknowledgement can result in a chain halt upstream on IBC-Go.

References:
https://github.com/cheqd/cheqd-node/security/advisories/GHSA-33cr-m232-xqch
https://github.com/cosmos/ibc-go/security/advisories/GHSA-jg6f-48ff-5xrw
https://github.com/cosmos/ibc-go/commit/59987d52d959dc5876ffd4f307c9b33a52a43748
https://github.com/advisories/GHSA-33cr-m232-xqch

Source: Github Advisory Database (Go)
March 11th, 2025 (4 months ago)

Description: A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.

Patches: https://github.com/facebookincubator/below/commit/10e73a21d67baa2cd613ee92ce999cda145e1a83 (included in version 0.9.0).

Workarounds: Change the permission on /var/log/below manually.

References:
https://github.com/facebookincubator/below/security/advisories/GHSA-9mc5-7qhg-fp3w
https://github.com/facebookincubator/below/commit/10e73a21d67baa2cd613ee92ce999cda145e1a83
https://www.facebook.com/security/advisories/cve-2025-27591
https://www.cve.org/CVERecord?id=CVE-2025-27591
https://github.com/advisories/GHSA-9mc5-7qhg-fp3w

EPSS Score: 0.02%

Source: Github Advisory Database (Rust)
March 11th, 2025 (4 months ago)

Description: Rembg is a tool for removing image backgrounds. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg server. This issue may lead to Information Disclosure.

References:
https://nvd.nist.gov/vuln/detail/CVE-2025-25301
https://securitylab.github.com/advisories/GHSL-2024-161_GHSL-2024-162_rembg
https://github.com/advisories/GHSA-r5gx-c49x-h878

CVSS: MEDIUM (6.9)

EPSS Score: 0.05%

Source: Github Advisory Database (PIP)
March 11th, 2025 (4 months ago)

Description: Rembg is a tool for removing image backgrounds. In Rembg 2.0.57 and earlier, the CORS middleware is set up incorrectly. All origins are reflected, which allows any website to send cross-site requests to the rembg server and thus query any API. Even if authentication were to be enabled, allow_credentials is set to True, which would allow any website to send authenticated cross-site requests.

References:
https://nvd.nist.gov/vuln/detail/CVE-2025-25302
https://github.com/danielgatis/rembg/blob/d1e00734f8a996abf512a3a5c251c7a9a392c90a/rembg/commands/s_command.py#L93
https://securitylab.github.com/advisories/GHSL-2024-161_GHSL-2024-162_rembg
https://github.com/advisories/GHSA-59qh-fmm7-3g9q

CVSS: HIGH (8.7)

EPSS Score: 0.01%

Source: Github Advisory Database (PIP)
March 11th, 2025 (4 months ago)

Description: Authenticated users can craft a filter string used to cause a SQL injection. The following code does not appear to sanitize inputs: https://github.com/pimcore/pimcore/blob/c721a42c23efffd4ca916511ddb969598d302396/models/DataObject/ClassDefinition/Data/Extension/RelationFilterConditionParser.php#L29-L47 (c.f. https://github.com/pimcore/pimcore/blob/c721a42c23efffd4ca916511ddb969598d302396/models/DataObject/ClassDefinition/Data/Multiselect.php#L332-L347).

References:
https://github.com/pimcore/pimcore/security/advisories/GHSA-qjpx-5m2p-5pgh
https://nvd.nist.gov/vuln/detail/CVE-2025-27617
https://github.com/pimcore/pimcore/commit/19a8520895484e68fd254773e32476565d91deea
https://github.com/pimcore/pimcore/blob/c721a42c23efffd4ca916511ddb969598d302396/models/DataObject/ClassDefinition/Data/Extension/RelationFilterConditionParser.php#L29-L47
https://github.com/pimcore/pimcore/blob/c721a42c23efffd4ca916511ddb969598d302396/models/DataObject/ClassDefinition/Data/Multiselect.php#L332-L347
https://github.com/advisories/GHSA-qjpx-5m2p-5pgh

CVSS: MEDIUM (6.3)

EPSS Score: 0.01%

Source: Github Advisory Database (Composer)
March 11th, 2025 (4 months ago)