Description: Affected versions use deno_core releases that expose Deno.core.ops.op_panic to the JS runtime in the base core. When called from sandboxed JavaScript, this function triggers a manual panic in the thread containing the runtime, breaking sandboxing.
It can be fixed by stubbing out the exposed op:
Deno.core.ops.op_panic = (msg) => { throw new Error(msg) };
References
https://github.com/Bromeon/js-sandbox/issues/31
https://rustsec.org/advisories/RUSTSEC-2024-0403.html
https://github.com/advisories/GHSA-4mw5-2636-4535
December 4th, 2024 (5 months ago)
Description: Affected versions use deno_core releases that expose Deno.core.ops.op_panic to the JS runtime in the base core. When called, this function triggers a manual panic in the thread containing the runtime.
It can be fixed by stubbing out the exposed op:
Deno.core.ops.op_panic = (msg) => { throw new Error(msg) };
References
https://github.com/rscarson/rustyscript/issues/174
https://rustsec.org/advisories/RUSTSEC-2024-0405.html
https://github.com/advisories/GHSA-fwfx-rrv8-crpf
December 4th, 2024 (5 months ago)
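Both advisories above (RUSTSEC-2024-0403 for js-sandbox and RUSTSEC-2024-0405 for rustyscript) share the same mitigation: evaluate a prelude inside the runtime, before any untrusted script, that replaces the exposed op with a stub that throws an ordinary JS Error the host can catch. The following is an added example and not code from deno_core, js-sandbox or rustyscript; `HostPanic`, `makeRuntime`, `evalIn` and `runGuest` are constructed stand-ins that model the op surface so the stub can be exercised under Node. The prelude also pins the replacement as non-writable and non-configurable, which is an assumption beyond the advisory's one-liner (it assumes the op property is configurable and falls back to plain assignment if it is not).

```javascript
// Added example: harness modelling the deno_core op surface so the
// advisory's op_panic stub can be exercised. Not deno_core/js-sandbox/
// rustyscript code; everything below is a constructed stand-in.

// Stand-in for the native op. In the real runtime it panics the Rust
// thread; here it throws a non-Error sentinel that runGuest treats as
// fatal for the host (it is deliberately not an Error subclass).
class HostPanic {
  constructor(msg) { this.msg = msg; }
}

// Constructed model of `Deno.core.ops` with the dangerous op and one
// harmless op, to show that hardening leaves the rest of the surface intact.
function makeRuntime() {
  return {
    core: {
      ops: {
        op_panic(msg) { throw new HostPanic(msg); },
        op_add(a, b) { return a + b; },
      },
    },
  };
}

// Prelude to evaluate inside the runtime before any untrusted script. This
// is the advisory's stub, pinned so guest code cannot swap it back out.
// Assumption: the property is configurable; if defineProperty fails, the
// plain assignment from the advisory is used instead.
const HARDEN_PRELUDE = `
  const stub = (msg) => { throw new Error(msg); };
  try {
    Object.defineProperty(Deno.core.ops, "op_panic", {
      value: stub, writable: false, configurable: false, enumerable: true,
    });
  } catch (_) {
    Deno.core.ops.op_panic = stub;
  }
`;

// Stand-in for script evaluation with the `Deno` global bound.
function evalIn(Deno, source) {
  return new Function("Deno", source)(Deno);
}

// Apply the prelude to a runtime object and return it.
function hardenRuntime(Deno) {
  evalIn(Deno, HARDEN_PRELUDE);
  return Deno;
}

// Run untrusted code. JS Errors thrown by the guest are contained and
// reported; a HostPanic escaping this function represents the host thread
// dying, which is exactly what the unpatched op allows.
function runGuest(Deno, source) {
  try {
    return { ok: true, value: evalIn(Deno, source) };
  } catch (e) {
    if (e instanceof HostPanic) throw e;
    return { ok: false, error: String(e) };
  }
}

if (typeof require !== "undefined" && require.main === module) {
  const rt = hardenRuntime(makeRuntime());
  console.log(runGuest(rt, 'return Deno.core.ops.op_panic("boom")'));
  console.log(runGuest(rt, 'return Deno.core.ops.op_add(2, 3)'));
}
```

The point of the containment is that after the prelude a guest calling `op_panic` gets `{ ok: false, error: "Error: boom" }` at the host boundary instead of taking the thread down, and a guest that tries to reassign `op_panic` afterwards still hits the stub because the property is no longer writable.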
Description: Earlier today, a publish-access account was compromised for @solana/web3.js, a JavaScript library that is commonly used by Solana dapps. This allowed an attacker to publish unauthorized, modified packages that steal private key material and drain funds from dapps (such as bots) that handle private keys directly. This issue should not affect non-custodial wallets, as they generally do not expose private keys during transactions. This is not an issue with the Solana protocol itself but with a specific JavaScript client library, and it only appears to affect projects that directly handle private keys and that updated within the window of 3:20pm UTC to 8:25pm UTC on Tuesday, December 3, 2024.
These two unauthorized versions (1.95.6 and 1.95.7) were caught within hours and have since been unpublished.
We are asking all Solana app developers to upgrade to version 1.95.8. Developers pinned to latest should also upgrade to 1.95.8.
Developers that suspect they might be compromised should rotate any suspect authority keys, including multisigs, program authorities, server keypairs, and so on.
References
https://github.com/solana-labs/solana-web3.js/security/advisories/GHSA-jcxm-7wvp-g6p5
https://github.com/advisories/GHSA-2mhj-xmf4-pr8m
https://github.com/advisories/GHSA-jcxm-7wvp-g6p5
December 4th, 2024 (5 months ago)
Description: A new Android banking malware named 'DroidBot' attempts to steal credentials for over 77 cryptocurrency exchanges and banking apps in the UK, Italy, France, Spain, and Portugal. [...]
December 4th, 2024 (5 months ago)
Description: The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156's infrastructure to launch their own covert attacks on already compromised networks. [...]
December 4th, 2024 (5 months ago)
Description: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
CVE-2024-51378 CyberPanel Incorrect Default Permissions Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
December 4th, 2024 (5 months ago)
Description: Summary
A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download.
Details
This vulnerability stems from a GitHub Actions workflow artifact named .. when downloaded using gh run download. The artifact name and --dir flag are used to determine the artifact’s download path. When the artifact is named .., the resulting files within the artifact are extracted exactly 1 directory higher than the specified --dir flag value.
In 2.63.1, gh run download will not download artifacts named .. and . and instead exit with the following error message:
error downloading ..: would result in path traversal
Impact
Successful exploitation lets a malicious artifact create or overwrite files exactly one directory above the intended download directory (the --dir value), a local path traversal of one level.
Remediation and Mitigation
Upgrade gh to 2.63.1
Implement additional validation to ensure artifact filenames do not contain potentially dangerous patterns, such as .., to prevent path traversal risks.
References
https://github.com/cli/cli/security/advisories/GHSA-2m9h-r57g-45pj
https://github.com/cli/cli/commit/1136764c369aaf0cae4ec2ee09dc35d871076932
https://github.com/advisories/GHSA-2m9h-r57g-45pj
December 4th, 2024 (5 months ago)
Description: Updated NIST guidelines reject outdated password security practices in favor of more effective protections. Learn from Specops Software about 6 takeaways from NIST's new guidance that help create strong password policies. [...]
December 4th, 2024 (5 months ago)
Description: Japan's CERT is warning that hackers are exploiting zero-day vulnerabilities in I-O Data router devices to modify device settings, execute commands, or even turn off the firewall. [...]
December 4th, 2024 (5 months ago)
Description: The evolving regulatory environment presents both challenges and opportunities for businesses.
December 4th, 2024 (5 months ago)