CyberAlerts

CVE-2025-27423

Description: Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164

CVSS: HIGH (7.1)

EPSS Score: 0.06%

Source: CVE

March 3rd, 2025 (4 months ago)

CVE-2025-27422

FACTION Allows Authentication Bypass via User Creation

Description: FACTION is a PenTesting Report Generation and Collaboration Framework. Authentication is bypassed when an attacker registers a new user with admin privileges. This is possible at any time without any authorization. The request must follow the validation rules (no missing information, secure password, etc) but there are no other controls stopping them. This vulnerability is fixed in 1.4.3.

CVSS: HIGH (7.5)

EPSS Score: 0.09%

Source: CVE

March 3rd, 2025 (4 months ago)

CVE-2025-27421

Goroutine Leak in Abacus SSE Implementation

Description: Abacus is a highly scalable and stateless counting API. A critical goroutine leak vulnerability has been identified in the Abacus server's Server-Sent Events (SSE) implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources and terminate associated goroutines. This leads to resource exhaustion where the server continues running but eventually stops accepting new SSE connections while maintaining high memory usage. The vulnerability specifically involves improper channel cleanup in the event handling mechanism, causing goroutines to remain blocked indefinitely. This vulnerability is fixed in 1.4.0.

CVSS: HIGH (7.5)

EPSS Score: 0.06%

SSVC Exploitation: poc

Source: CVE

March 3rd, 2025 (4 months ago)

CVE-2025-27420

WeGIA contains a Stored Cross-Site Scripting (XSS) in 'atendido_parentesco_adicionar.php' via the 'descricao' parameter

Description: WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the atendido_parentesco_adicionar.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the descricao parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability fix in 3.2.16.

CVSS: MEDIUM (6.4)

EPSS Score: 0.06%

Source: CVE

March 3rd, 2025 (4 months ago)

CVE-2025-27419

Denial of Service (DoS) in WeGIA due to Recursive Crawling of Dynamic URLs

Description: WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Denial of Service (DoS) vulnerability exists in WeGIA. This vulnerability allows any unauthenticated user to cause the server to become unresponsive by performing aggressive spidering. The vulnerability is caused by recursive crawling of dynamically generated URLs and insufficient handling of large volumes of requests. This vulnerability is fixed in 3.2.16.

CVSS: CRITICAL (9.2)

EPSS Score: 0.13%

Source: CVE

March 3rd, 2025 (4 months ago)

CVE-2025-27418

WeGIA contains a Stored Cross-Site Scripting (XSS) in 'adicionar_tipo_atendido.php' via the 'tipo' parameter

Description: WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the adicionar_tipo_atendido.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the tipo parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.2.16.

CVSS: MEDIUM (6.4)

EPSS Score: 0.06%

Source: CVE

March 3rd, 2025 (4 months ago)

CVE-2025-27417

WeGIA Contains a Stored Cross-Site Scripting (XSS) in 'adicionar_status_atendido.php' via the 'status' parameter

Description: WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the adicionar_status_atendido.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the status parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.2.16.

CVSS: MEDIUM (6.4)

EPSS Score: 0.06%

Source: CVE

March 3rd, 2025 (4 months ago)

CVE-2025-25303

Server-Side Request Forgery (SSRF) in MouseTooltipTranslator

Description: The MouseTooltipTranslator Chrome extension allows mouseover translation of any language at once. The MouseTooltipTranslator browser extension is vulnerable to SSRF attacks. The pdf.mjs script uses the URL parameter from the current URL as the file to download and display to the extension user. Because pdf.mjs is imported in viewer.html and viewer.html is accessible to all URLs, an attacker can force the user’s browser to make a request to any arbitrary URL. After discussion with maintainer, patching this issue would require disabling a major feature of the extension in exchange for a low severity vulnerability. Decision to not patch issue.

CVSS: MEDIUM (6.9)

EPSS Score: 0.06%

Source: CVE

March 3rd, 2025 (4 months ago)

CVE-2025-25302

Rembg CORS misconfiguration

Description: Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middleware is setup incorrectly. All origins are reflected, which allows any website to send cross site requests to the rembg server and thus query any API. Even if authentication were to be enabled, allow_credentials is set to True, which would allow any website to send authenticated cross site requests.

CVSS: HIGH (8.7)

EPSS Score: 0.01%

Source: CVE

March 3rd, 2025 (4 months ago)

CVE-2025-25301

Rembg allows SSRF via /api/remove

Description: Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg server. This issue may lead to Information Disclosure.

CVSS: MEDIUM (6.9)

EPSS Score: 0.05%

Source: CVE

March 3rd, 2025 (4 months ago)

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2025-27423	Improper Input Validation in Vim Description: Vim is an open source, command line text editor. Vim is distributed with the tar.vim plugin, that allows easy editing and viewing of (compressed or uncompressed) tar files. Starting with 9.1.0858, the tar.vim plugin uses the ":read" ex command line to append below the cursor position, however the is not sanitized and is taken literally from the tar archive. This allows to execute shell commands via special crafted tar archives. Whether this really happens, depends on the shell being used ('shell' option, which is set using $SHELL). The issue has been fixed as of Vim patch v9.1.1164 CVSS: HIGH (7.1) EPSS Score: 0.06% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-27422	FACTION Allows Authentication Bypass via User Creation Description: FACTION is a PenTesting Report Generation and Collaboration Framework. Authentication is bypassed when an attacker registers a new user with admin privileges. This is possible at any time without any authorization. The request must follow the validation rules (no missing information, secure password, etc) but there are no other controls stopping them. This vulnerability is fixed in 1.4.3. CVSS: HIGH (7.5) EPSS Score: 0.09% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-27421	Goroutine Leak in Abacus SSE Implementation Description: Abacus is a highly scalable and stateless counting API. A critical goroutine leak vulnerability has been identified in the Abacus server's Server-Sent Events (SSE) implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources and terminate associated goroutines. This leads to resource exhaustion where the server continues running but eventually stops accepting new SSE connections while maintaining high memory usage. The vulnerability specifically involves improper channel cleanup in the event handling mechanism, causing goroutines to remain blocked indefinitely. This vulnerability is fixed in 1.4.0. CVSS: HIGH (7.5) EPSS Score: 0.06% SSVC Exploitation: poc Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-27420	WeGIA contains a Stored Cross-Site Scripting (XSS) in 'atendido_parentesco_adicionar.php' via the 'descricao' parameter Description: WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the atendido_parentesco_adicionar.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the descricao parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability fix in 3.2.16. CVSS: MEDIUM (6.4) EPSS Score: 0.06% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-27419	Denial of Service (DoS) in WeGIA due to Recursive Crawling of Dynamic URLs Description: WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Denial of Service (DoS) vulnerability exists in WeGIA. This vulnerability allows any unauthenticated user to cause the server to become unresponsive by performing aggressive spidering. The vulnerability is caused by recursive crawling of dynamically generated URLs and insufficient handling of large volumes of requests. This vulnerability is fixed in 3.2.16. CVSS: CRITICAL (9.2) EPSS Score: 0.13% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-27418	WeGIA contains a Stored Cross-Site Scripting (XSS) in 'adicionar_tipo_atendido.php' via the 'tipo' parameter Description: WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the adicionar_tipo_atendido.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the tipo parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.2.16. CVSS: MEDIUM (6.4) EPSS Score: 0.06% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-27417	WeGIA Contains a Stored Cross-Site Scripting (XSS) in 'adicionar_status_atendido.php' via the 'status' parameter Description: WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the adicionar_status_atendido.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the status parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.2.16. CVSS: MEDIUM (6.4) EPSS Score: 0.06% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-25303	Server-Side Request Forgery (SSRF) in MouseTooltipTranslator Description: The MouseTooltipTranslator Chrome extension allows mouseover translation of any language at once. The MouseTooltipTranslator browser extension is vulnerable to SSRF attacks. The pdf.mjs script uses the URL parameter from the current URL as the file to download and display to the extension user. Because pdf.mjs is imported in viewer.html and viewer.html is accessible to all URLs, an attacker can force the user’s browser to make a request to any arbitrary URL. After discussion with maintainer, patching this issue would require disabling a major feature of the extension in exchange for a low severity vulnerability. Decision to not patch issue. CVSS: MEDIUM (6.9) EPSS Score: 0.06% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-25302	Rembg CORS misconfiguration Description: Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the CORS middleware is setup incorrectly. All origins are reflected, which allows any website to send cross site requests to the rembg server and thus query any API. Even if authentication were to be enabled, allow_credentials is set to True, which would allow any website to send authenticated cross site requests. CVSS: HIGH (8.7) EPSS Score: 0.01% Source: CVE March 3rd, 2025 (4 months ago)
CVE-2025-25301	Rembg allows SSRF via /api/remove Description: Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg server. This issue may lead to Information Disclosure. CVSS: MEDIUM (6.9) EPSS Score: 0.05% Source: CVE March 3rd, 2025 (4 months ago)