CVE-2025-2787 |
Description: KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 (a.k.a. IngressNightmare) vulnerability, which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. it requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.
Besides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub:
* 1.13.3 or above
* 1.12.4 or above
* 1.11.4 or above
* 1.10.4 or above
CVSS: HIGH (8.7) EPSS Score: 0.05%
March 26th, 2025 (3 months ago)
|
CVE-2025-20231 |
Description: In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a search using the permissions of a higher-privileged user, which could lead to disclosure of sensitive information. The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated low-privileged user should not be able to exploit the vulnerability at will.
CVSS: HIGH (7.1) EPSS Score: 0.03%
March 26th, 2025 (3 months ago)
|
Description: Describe the Bug
In Directus, when a Flow with the "Webhook" trigger and the "Data of Last Operation" response body encounters a ValidationError thrown by a failed condition operation, the API response includes sensitive data. This includes environmental variables, sensitive API keys, user accountability information, and operational data.
This issue poses a significant security risk, as any unintended exposure of this data could lead to potential misuse.
To Reproduce:
* Create a Flow in Directus with:
  * Trigger: Webhook
  * Response Body: Data of Last Operation
* Add a condition that is likely to fail.
* Trigger the Flow with any input data that will fail the condition.
* Observe the API response, which includes sensitive information like:
  * Environmental variables ($env)
  * Authorization headers
  * User details under $accountability
  * Previous operational data
Expected Behavior:
In the event of a ValidationError, the API response should only contain relevant error messages and details, avoiding the exposure of sensitive data.
Actual Behavior:
The API response includes sensitive information such as:
* Environment keys (FLOWS_ENV_ALLOW_LIST)
* User accountability (role, user, etc.)
* Operational logs (current_payments, $last), which might contain private details.
References
* https://github.com/directus/directus/security/advisories/GHSA-fm3h-p9wm-h74h
* https://nvd.nist.gov/vuln/detail/CVE-2025-30353
* https://github.com/advisories/GHSA-fm3h-p9wm-h74h
CVSS: HIGH (8.6) EPSS Score: 0.04%
March 26th, 2025 (3 months ago)
|
CVE-2019-9875 |
Description: Sitecore CMS and Experience Platform (XP) contain a deserialization vulnerability in the Sitecore.Security.AntiCSRF module that allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in the HTTP POST parameter __CSRFTOKEN.
CVSS: HIGH (8.8)
March 26th, 2025 (3 months ago)
|
CVE-2025-30353 |
Description: Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.12.0 and prior to version 11.5.0, when a Flow with the "Webhook" trigger and the "Data of Last Operation" response body encounters a ValidationError thrown by a failed condition operation, the API response includes sensitive data. This includes environmental variables, sensitive API keys, user accountability information, and operational data. This issue poses a significant security risk, as any unintended exposure of this data could lead to potential misuse. Version 11.5.0 fixes the issue.
CVSS: HIGH (8.6) EPSS Score: 0.04% SSVC Exploitation: poc
March 26th, 2025 (3 months ago)
|
CVE-2025-2783 |
🚨 Marked as known exploited on March 26th, 2025 (3 months ago).
Description: Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)
CVSS: HIGH (8.3) EPSS Score: 2.01% SSVC Exploitation: none
March 26th, 2025 (3 months ago)
|
CVE-2024-27632 |
Description: An issue in GNU Savane v.3.12 and before allows a remote attacker to escalate privileges via the form_id in the form_header() function.
CVSS: HIGH (8.8) EPSS Score: 1.59% SSVC Exploitation: poc
March 26th, 2025 (3 months ago)
|
CVE-2024-22273 |
Description: The storage controllers on VMware ESXi, Workstation, and Fusion have an out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or, in conjunction with other issues, execute code on the hypervisor from a virtual machine.
CVSS: HIGH (8.1) EPSS Score: 0.04% SSVC Exploitation: none
March 26th, 2025 (3 months ago)
|
CVE-2024-6827 |
Description:
Nessus Plugin ID 233343 with High Severity
Synopsis
The remote SUSE host is missing a security update.
Description
The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:1002-1 advisory. - CVE-2024-6827: Fixed improper validation of the 'Transfer-Encoding' header value that can allow for HTTP request smuggling attacks (bsc#1239830). Tenable has extracted the preceding description block directly from the SUSE security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected python3-gunicorn package.
Read more at https://www.tenable.com/plugins/nessus/233343
CVSS: HIGH (7.5) EPSS Score: 0.02%
March 26th, 2025 (3 months ago)
|
CVE-2024-6827 |
Description:
Nessus Plugin ID 233344 with High Severity
Synopsis
The remote SUSE host is missing a security update.
Description
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:1008-1 advisory. - CVE-2024-6827: Fixed improper validation of the 'Transfer-Encoding' header value that can allow for HTTP request smuggling attacks (bsc#1239830). Tenable has extracted the preceding description block directly from the SUSE security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected python311-gunicorn package.
Read more at https://www.tenable.com/plugins/nessus/233344
CVSS: HIGH (7.5) EPSS Score: 0.02%
March 26th, 2025 (3 months ago)
|