Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients. [...]
December 18th, 2024 (4 months ago)
|
|
|
Description: The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. [...]
December 18th, 2024 (4 months ago)
|
|
|
Description: Organizations are often caught off-guard when a data breaches occurs, forcing them to quickly perform mass password resets Learn from Specops Software about some of the common mass password reset scenarios and the challenges you may face. [...]
December 18th, 2024 (4 months ago)
|
|
|
Description: Over 25,000 publicly accessible SonicWall SSLVPN devices are vulnerable to critical severity flaws, with 20,000 using a SonicOS/OSX firmware version that the vendor no longer supports. [...]
December 18th, 2024 (4 months ago)
|
|
|
Description: The Irish Data Protection Commission (DPC) fined Meta €251 million ($263.6M) over General Data Protection Regulation (GDPR) violations arising from a 2018 personal data breach impacting 29 million Facebook accounts. [...]
December 18th, 2024 (4 months ago)
|
|
|
Description: CISA has issued this year's first binding operational directive (BOD 25-01), ordering federal civilian agencies to secure their Microsoft 365 cloud environments by implementing a list of required configuration baselines. [...]
December 18th, 2024 (4 months ago)
|
|
|
Description: A new Ledger phishing campaign is underway that pretends to be a data breach notification asking you to verify your recovery phrase, which is then stolen and used to steal your cryptocurrency. [...]
December 18th, 2024 (4 months ago)
|
|
|
Description: A cyberespionage threat group known as 'Bitter' was observed targeting defense organizations in Turkey using a novel malware family named MiyaRAT. [...]
December 18th, 2024 (4 months ago)
|
|
|
Description: Nvidia has shared a temporary fix for a known issue impacting systems running its recently unveiled NVIDIA App and causing gaming performance to drop by up to 15%. [...]
December 18th, 2024 (4 months ago)
|
|
|
Description: The OVERWRITE clause of the DEFINE TABLE statement would fail to overwrite data for tables that were defined with TYPE RELATION. Since table definitions include the PERMISSIONS clause, this failure would result in permissions not being overwritten as a result, which may potentially lead users to believe they have changed the table permissions when they have not.
Impact
If a user attempted to update table permissions of a table defined with TYPE RELATION using DEFINE TABLE ... OVERWRITE, permissions for the table would not be changed. This may allow a client that is authorized to run queries in a SurrealDB server to access certain data in that specific table that they were not intended to be able to access after the specified change in permissions.
Patches
The DEFINE TABLE statement has been updated to appropriately overwrite data for tables defined with TYPE RELATION.
Version 2.1.3 and later are not affected by this issue.
Workarounds
Users of tables with TYPE RELATION that may have been modified using the OVERWRITE clause in order to update permissions are advised to verify that the intended permissions are in place using the INFO FOR DB statement. Affected users who are unable to update and require updating permissions in a table with TYPE RELATION will be required to remove the table and define it from scratch with the intended permissions. Data can be preserved by backing it up to a temporary table.
References
#5260
References
https://github.com/surrealdb/surreald...
December 18th, 2024 (4 months ago)
|