Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: A global law enforcement operation has failed 27 stresser services that were used to conduct distributed denial-of-service (DDoS) attacks and took them offline as part of a multi-year international exercise called PowerOFF.
The effort, coordinated by Europol and involving 15 countries, dismantled several booter and stresser websites, including zdstresser.net, orbitalstress.net, and
December 12th, 2024 (4 months ago)
|
CVE-2024-5154 |
Description: A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.
EPSS Score: 0.05%
December 12th, 2024 (4 months ago)
|
|
CVE-2023-23456 |
Description: A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file.
EPSS Score: 0.13%
December 12th, 2024 (4 months ago)
|
|
|
Description: Hackers are exploiting a critical vulnerability in the "Hunk Companion" plugin to install and activate other plugins with exploitable flaws directly from the WordPress.org repository. [...]
December 11th, 2024 (4 months ago)
|
|
CVE-2024-53677 |
Description: File upload logic is flawed vulnerability in Apache Struts.
This issue affects Apache Struts: from 2.0.0 before 6.4.0.
Users are recommended to upgrade to version 6.4.0, which fixes the issue.
You can find more details in https://cwiki.apache.org/confluence/display/WW/S2-067
References
https://nvd.nist.gov/vuln/detail/CVE-2024-53677
https://cwiki.apache.org/confluence/display/WW/S2-067
https://github.com/advisories/GHSA-43mq-6xmg-29vm
EPSS Score: 0.04%
December 11th, 2024 (4 months ago)
|
|
|
Description: Applications and libraries which misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass.
The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is in fact used to authenticate." Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions.
For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key.
Since this API is widely misused, as a partial mitigation golang.org/x/[email protected] enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if...
December 11th, 2024 (4 months ago)
|
|
|
Description: The US State Department has offered a $10 million reward for Guan Tianfeng, who has been accused of developing and testing a critical SQL injection flaw with a CVSS score of 9.8 used in Sophos attacks.
December 11th, 2024 (4 months ago)
|
|
|
Description: The 2024 MITRE ATT&CK Evaluation results are now available with Cynet achieving 100% Visibility and 100% Protection in the 2024 evaluation. Learn more from Cynet about what these results mean. [...]
December 11th, 2024 (4 months ago)
|
|
|
Description: Threat actors punch holes in the company's online ordering systems, tripping up doughnut deliveries across the US after a late November breach.
December 11th, 2024 (4 months ago)
|
|
|
Description: Impact
A correctness error has been identified in the reference implementation of the HQC key encapsulation mechanism. Due to an indexing error, part of the secret key is incorrectly treated as non-secret data. This results in an incorrect shared secret value being returned when the decapsulation function is called with a malformed ciphertext.
No concrete attack exploiting the error has been identified at this point. However, the error involves mishandling of the secret key, and in principle this presents a security vulnerability.
Patches
PQClean does not have a release process, as it is a collection of implementations. If you obtained a HQC implementation from PQClean, please update to a version that includes the fixes proposed in https://github.com/PQClean/PQClean/pull/578.
Please also refer to our security policy.
Workarounds
Manually patching is always possible
Further details
In the 2023/04/30 version of the HQC specification and reference implementation, an extra field (sigma) was added to the secret key structure to enable implicit rejection of malformed ciphertexts. The logic to retrieve the public key from the secret key in the decapsulation function was not updated accordingly. As a result, sigma is treated as part of the public key. Later in the decapsulation call, a incorrectly constructed comparison check allows this error to go through undetected. Due to how these two bugs interfere with each other, the decapsulation function never uses sigma to perform impl...
December 11th, 2024 (4 months ago)
|