Threat and Vulnerability Intelligence Database

Description: The Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging malicious Remote Desktop Protocol (RDP) configuration files. The activity, which has targeted governments and armed forces, think tanks, academic researchers, and Ukrainian entities, entails adopting a "rogue RDP" technique that was previously
Source: TheHackerNews
December 18th, 2024 (4 months ago)
Description: Having been at ActiveState for nearly eight years, I’ve seen many iterations of our product. However, one thing has stayed true over the years: Our commitment to the open source community and companies using open source in their code. ActiveState has been helping enterprises manage open source for over a decade. In the early days, open source was in its infancy. We focused mainly on the
Source: TheHackerNews
December 18th, 2024 (4 months ago)
Description: Summary
ASA-2024-0012
Name: ASA-2024-0012, Transaction decoding may result in a stack overflow
Component: Cosmos SDK
Criticality: High (Considerable Impact, and Possible Likelihood per ACMv1.2)
Affected versions: cosmos-sdk versions <= v0.50.10, <= v0.47.14
Affected users: Chain Builders + Maintainers, Validators, node operators
ASA-2024-0013
Name: ASA-2024-0013: CosmosSDK: Transaction decoding may result in resource exhaustion
Component: Cosmos SDK
Criticality: High (Considerable Impact, and Possible Likelihood per ACMv1.2)
Affected versions: cosmos-sdk versions <= v0.50.10, <= v0.47.14
Affected users: Chain Builders + Maintainers, Validators, node operators
Impact
ASA-2024-0012: When decoding a maliciously formed packet with a deeply-nested structure, it may be possible for a stack overflow to occur and result in a network halt. This was addressed by adding a recursion limit while decoding the packet.
ASA-2024-0013: Nested messages in a transaction can consume exponential CPU and memory on UnpackAny calls. The max_tx_bytes setting limits external transactions but is not applied to internal messages emitted by wasm contracts or a malicious validator block. This may result in a node crashing due to resource exhaustion. This was addressed by adding additional validation to prevent this condition.
Patches
The issues above are resolved in Cosmos SDK versions v0.47.15 or v0.50.11. Please upgrade ASAP.
Timeline for ASA-2024-0012
October 1, 2024, 12:29pm UTC: Issue reported to the Cosm...
Source: Github Advisory Database (Go)
December 18th, 2024 (4 months ago)
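The two Cosmos SDK advisories describe one defensive pattern: bound the recursion depth while decoding nested messages, and apply the size limit to every nested envelope rather than only to the outer transaction (the max_tx_bytes gap). The Go program below is an added example written for this page, not Cosmos SDK code. It uses a constructed tag/length/payload envelope format in place of the SDK's protobuf Any encoding, and MaxNestingDepth and MaxEnvelopeSize are assumed values; the page does not state the limits the patch uses.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

// Constructed wire format for this example (not the Cosmos SDK / protobuf Any
// encoding). One envelope is: tag (1 byte) | length (2 bytes, big endian) | payload.
// tagLeaf   = payload is opaque bytes
// tagNested = payload is a sequence of further envelopes (this is what nests)
const (
	tagLeaf   = 0x01
	tagNested = 0x02
)

// Assumed limits for the example; the advisory does not state the SDK's values.
const (
	MaxNestingDepth = 32   // bounds recursion: the ASA-2024-0012 style fix
	MaxEnvelopeSize = 1024 // enforced on every envelope, not only the outer tx: the ASA-2024-0013 lesson
)

var (
	ErrTooDeep  = errors.New("nesting depth limit exceeded")
	ErrTooLarge = errors.New("envelope exceeds size limit")
)

// Msg is a decoded envelope: either a leaf or a list of nested children.
type Msg struct {
	Leaf  []byte
	Inner []*Msg
}

// decodeAt parses one envelope at the given nesting depth. The depth check
// runs before any allocation or recursion, so a hostile input fails fast
// instead of growing the stack.
func decodeAt(r *bytes.Reader, depth int) (*Msg, error) {
	if depth > MaxNestingDepth {
		return nil, ErrTooDeep
	}
	var hdr [3]byte
	if _, err := io.ReadFull(r, hdr[:]); err != nil {
		return nil, fmt.Errorf("short header: %w", err)
	}
	n := int(binary.BigEndian.Uint16(hdr[1:]))
	if n > MaxEnvelopeSize { // applies to inner envelopes too, whoever produced them
		return nil, ErrTooLarge
	}
	payload := make([]byte, n)
	if _, err := io.ReadFull(r, payload); err != nil {
		return nil, fmt.Errorf("short payload: %w", err)
	}
	switch hdr[0] {
	case tagLeaf:
		return &Msg{Leaf: payload}, nil
	case tagNested:
		m := &Msg{}
		inner := bytes.NewReader(payload)
		for inner.Len() > 0 {
			child, err := decodeAt(inner, depth+1)
			if err != nil {
				return nil, err
			}
			m.Inner = append(m.Inner, child)
		}
		return m, nil
	default:
		return nil, fmt.Errorf("unknown tag 0x%02x", hdr[0])
	}
}

// Decode parses a top-level envelope with depth 0.
func Decode(b []byte) (*Msg, error) { return decodeAt(bytes.NewReader(b), 0) }

// envelope frames a payload with the tag and big-endian length header.
func envelope(tag byte, payload []byte) []byte {
	out := make([]byte, 3, 3+len(payload))
	out[0] = tag
	binary.BigEndian.PutUint16(out[1:], uint16(len(payload)))
	return append(out, payload...)
}

// Nest wraps a leaf in n nested envelopes: the shape of a "deeply-nested
// structure" input (constructed here, not a captured packet).
func Nest(leaf []byte, n int) []byte {
	buf := envelope(tagLeaf, leaf)
	for i := 0; i < n; i++ {
		buf = envelope(tagNested, buf)
	}
	return buf
}

// Depth returns the nesting depth of a decoded message (a bare leaf is 0).
func Depth(m *Msg) int {
	d := 0
	for _, c := range m.Inner {
		if cd := Depth(c) + 1; cd > d {
			d = cd
		}
	}
	return d
}

func main() {
	for _, n := range []int{4, MaxNestingDepth, MaxNestingDepth + 1, 200} {
		_, err := Decode(Nest([]byte("hi"), n))
		fmt.Printf("nesting=%d err=%v\n", n, err)
	}
}
```

Because the depth and size checks sit inside the recursive decoder rather than at the transaction boundary, they also cover envelopes that arrive by a path other than an external transaction, which is the gap the second advisory describes.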

CVE-2024-50379

Description: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-50379
https://lists.apache.org/thread/y6lj6q1xnp822g6ro70tn19sgtjmr80r
https://github.com/apache/tomcat/commit/05ddeeaa54df1e2dc427d0164bedd6b79f78d81f
https://github.com/apache/tomcat/commit/43b507ebac9d268b1ea3d908e296cc6e46795c00
https://github.com/apache/tomcat/commit/631500b0c9b2a2a2abb707e3de2e10a5936e5d41
https://github.com/apache/tomcat/commit/684247ae85fa633b9197b32391de59fc54703842
https://github.com/apache/tomcat/commit/8554f6b1722b33a2ce8b0a3fad37825f3a75f2d2
https://github.com/apache/tomcat/commit/cc7a98b57c6dc1df21979fcff94a36e068f4456c
https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.34
https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.2
https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.98
http://www.openwall.com/lists/oss-security/2024/12/17/4
https://github.com/advisories/GHSA-5j33-cvvr-w245

EPSS Score: 0.04%

Source: Github Advisory Database (Maven)
December 18th, 2024 (4 months ago)

CVE-2024-54677

Description: Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-54677
https://lists.apache.org/thread/tdtbbxpg5trdwc2wnopcth9ccvdftq2n
https://github.com/apache/tomcat/commit/f57a9d9847c1038be61f5818d73b8be907c460d4
https://github.com/apache/tomcat/commit/e8c16cdba833884e1bd49fff1f1cb699da177585
https://github.com/apache/tomcat/commit/dbec927859d9484cb8bd680a7c67b1a560f48444
https://github.com/apache/tomcat/commit/d63a10afc142b12f462a15f7d10f79fd80ff94eb
https://github.com/apache/tomcat/commit/cb1707685472994e9d924746f8c91cb116fa5213
https://github.com/apache/tomcat/commit/c2f7ce21c3fb12caefee87c517a8bb4f80700044
https://github.com/apache/tomcat/commit/c0a23927ea5e061ca3fdff695138464179fe674a
https://github.com/apache/tomcat/commit/bbd82e9593314ade4cfd57248f9285fbad686f66
https://github.com/apache/tomcat/commit/aa5b4d0043289cf054f531ec55126c980d3572e1
https://github.com/apache/tomcat/commit/a95bf2b0303442a2c9a1ac364b0e63b56049e33a
https://github.com/apache/tomcat/commit/9ffd23fc27f5d1fc95bf97e5cea175c8968f4533
https://github.com/apache/tomcat/commit/84c4af76e7a10fc7f8630ce62e6a46632ea4a90e
https://github.com/apache/tomcat/commit/840...

EPSS Score: 0.04%

Source: Github Advisory Database (Maven)
December 18th, 2024 (4 months ago)
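Both Tomcat advisories above depend on deployment state as much as on version: CVE-2024-50379 needs the default servlet's readonly init-param set to false (non-default), and CVE-2024-54677 only matters where the examples web application is deployed. The Go program below is an added example, not Apache Tomcat code or an official checker. It parses a conf/web.xml (the sample it embeds is constructed), compares a version string against the fixed versions the two advisories name, and looks for a webapps/examples directory. The function names and the /opt/tomcat path are the example's own.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"os"
	"path/filepath"
	"regexp"
	"strconv"
	"strings"
)

// Fixed versions from the two advisories, keyed by major.minor branch.
// Any lower patch level on the same branch is in the affected range.
// Branches not listed here (8.5 and earlier) are not covered by either
// advisory, so they are reported as "not listed", never as safe.
var fixedIn = map[[2]int]int{
	{9, 0}:  98,
	{10, 1}: 34,
	{11, 0}: 2,
}

var verRe = regexp.MustCompile(`^(\d+)\.(\d+)\.(\d+)`)

// VersionAffected reports whether a Tomcat version string ("9.0.97",
// "11.0.0-M1", "9.0.0.M1", ...) is in the affected range of CVE-2024-50379 /
// CVE-2024-54677. Milestone builds parse as patch 0 and are therefore affected.
func VersionAffected(v string) (affected bool, listed bool, err error) {
	m := verRe.FindStringSubmatch(strings.TrimSpace(v))
	if m == nil {
		return false, false, fmt.Errorf("unrecognised version %q", v)
	}
	major, _ := strconv.Atoi(m[1])
	minor, _ := strconv.Atoi(m[2])
	patch, _ := strconv.Atoi(m[3])
	fix, ok := fixedIn[[2]int{major, minor}]
	if !ok {
		return false, false, nil
	}
	return patch < fix, true, nil
}

// webApp is a minimal view of conf/web.xml: only what the check needs.
// Tags carry no namespace, so the javaee/jakartaee default namespace matches.
type webApp struct {
	Servlets []struct {
		Name   string `xml:"servlet-name"`
		Class  string `xml:"servlet-class"`
		Params []struct {
			Name  string `xml:"param-name"`
			Value string `xml:"param-value"`
		} `xml:"init-param"`
	} `xml:"servlet"`
}

// DefaultServletWritable is true when the default servlet has readonly=false,
// the non-default setting CVE-2024-50379 requires. Tomcat's default when the
// param is absent is readonly=true.
func DefaultServletWritable(webxml []byte) (bool, error) {
	var wa webApp
	if err := xml.Unmarshal(webxml, &wa); err != nil {
		return false, err
	}
	for _, s := range wa.Servlets {
		if strings.TrimSpace(s.Name) != "default" &&
			!strings.HasSuffix(strings.TrimSpace(s.Class), ".DefaultServlet") {
			continue
		}
		for _, p := range s.Params {
			if strings.TrimSpace(p.Name) == "readonly" &&
				strings.EqualFold(strings.TrimSpace(p.Value), "false") {
				return true, nil
			}
		}
	}
	return false, nil
}

// ExamplesDeployed checks whether the examples web application, the
// component behind CVE-2024-54677, is present under webapps/.
func ExamplesDeployed(webappsDir string) bool {
	st, err := os.Stat(filepath.Join(webappsDir, "examples"))
	return err == nil && st.IsDir()
}

// Assess combines the checks into findings a practitioner can act on.
func Assess(version string, webxml []byte, webappsDir string) []string {
	var out []string
	affected, listed, err := VersionAffected(version)
	switch {
	case err != nil:
		out = append(out, "version: "+err.Error())
	case !listed:
		out = append(out, "version "+version+" is not on a branch the advisories list; verify support status separately")
	case affected:
		out = append(out, "version "+version+" is in the affected range; upgrade to 9.0.98 / 10.1.34 / 11.0.2")
	}
	writable, err := DefaultServletWritable(webxml)
	if err != nil {
		out = append(out, "web.xml: "+err.Error())
	} else if writable {
		out = append(out, "default servlet has readonly=false (non-default); on an affected version this is the CVE-2024-50379 RCE precondition on case-insensitive filesystems")
	}
	if ExamplesDeployed(webappsDir) {
		out = append(out, "examples webapp deployed: remove it (CVE-2024-54677 DoS; it should not ship in production)")
	}
	return out
}

// SampleWebXML is a constructed conf/web.xml fragment with the weak setting.
var SampleWebXML = []byte(`<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="4.0">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
  </servlet>
</web-app>`)

func main() {
	// /opt/tomcat is an assumed install path for the example.
	for _, f := range Assess("9.0.97", SampleWebXML, "/opt/tomcat/webapps") {
		fmt.Println(f)
	}
}
```

Run it against the real conf/web.xml and webapps/ of each instance; a per-application WEB-INF/web.xml can also override the default servlet, so check those too when an application is allowed to redeclare it.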
Description: SHARP routers contain multiple vulnerabilities.
Source: Japan Vulnerability Notes (JVN)
December 18th, 2024 (4 months ago)
Description: "Shonen Jump+" App for Android provided by SHUEISHA INC. fails to restrict custom URL schemes properly.
Source: Japan Vulnerability Notes (JVN)
December 18th, 2024 (4 months ago)
Description: A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot. [...]
Source: BleepingComputer
December 18th, 2024 (4 months ago)
Description: CISA has warned U.S. federal agencies to secure their systems against ongoing attacks targeting a high-severity Windows kernel vulnerability. [...]
Source: BleepingComputer
December 18th, 2024 (4 months ago)
Description: Kali Linux has released version 2024.4, the fourth and final version of 2024, and it is now available with fourteen new tools, numerous improvements, and deprecates some features. [...]
Source: BleepingComputer
December 18th, 2024 (4 months ago)