Zenn
⚠️

脆弱性情報 2025-03-21

に公開
Security
vulnerability
jvn
jpcert
nvd
tech

脆弱性リスト

複数のSchneider Electric製品における複数の脆弱性

複数のRockwell Automation製品における複数の脆弱性

Philips製Intellispace Cardiovascular(ISCV)における複数の脆弱性

複数のSungrow製品における複数の脆弱性

Schneider Electric製Uni-Telwayドライバにおける不適切な入力確認の脆弱性

Siemens製品に対するアップデート(2025年3月)

Apache Tomcat partial PUTにおけるリモートコード実行、情報漏えいや改ざんの脆弱性(CVE-2025-24813)

複数のHitachi Energy製品における複数の脆弱性

Keysight製Ixia Vision Product Familyにおける複数の脆弱性

複数のHitachi Energy製品における複数の脆弱性

[When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits file uploads to specific directories, a misconfigured server can be exploited by an attacker with privilege to access to both table engines to execute arbitrary code on the ClickHouse server.

You can check if your ClickHouse server is vulnerable to this vulnerability by inspecting the configuration file and confirming if the following setting is enabled:

<library_bridge>
<port>9019</port>
</library_bridge>](https://nvd.nist.gov/vuln/detail/CVE-2025-1385)

The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to, and including, 3.5.3 via the 'lang' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary PHP files on the server, allowing the execution of code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.

A misconfiguration in the AndroidManifest.xml file in hamza417/inure before build97 allows for task hijacking. This vulnerability permits malicious applications to inherit permissions of the vulnerable app, potentially leading to the exposure of sensitive information. An attacker can create a malicious app that hijacks the legitimate Inure app, intercepting and stealing sensitive information when installed on the victim's device. This issue affects all Android versions before Android 11.

A stored cross-site scripting (XSS) vulnerability exists in chatwoot/chatwoot versions 3.0.0 to 3.5.1. This vulnerability allows an admin user to inject malicious JavaScript code via the dashboard app settings, which can then be executed by another admin user when they access the affected dashboard app. The issue is fixed in version 3.5.2.

A vulnerability in the start_app_server function of parisneo/lollms-webui V12 (Strawberry) allows for path traversal and OS command injection. The function does not properly sanitize the app_name parameter, enabling an attacker to upload a malicious server.py file and execute arbitrary code by exploiting the path traversal vulnerability.

parisneo/lollms-webui versions v9.9 to the latest are vulnerable to a directory listing vulnerability. An attacker can list arbitrary directories on a Windows system by sending a specially crafted HTTP request to the /open_file endpoint.

Realchar version v0.0.4 is vulnerable to an unauthenticated denial of service (DoS) attack. The vulnerability exists in the file upload request handling, where appending characters, such as dashes (-), to the end of a multipart boundary in an HTTP request causes the server to continuously process each character. This leads to excessive resource consumption and renders the service unavailable. The issue is unauthenticated and does not require any user interaction, impacting all users of the service.

Discussion