CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

Description: Impact With careful use of the --mount flag in RUN instructions in Containerfiles, and by using either multi-stage builds with use of concurrently-executing build stages (e.g., using the --jobs CLI flag) or multiple separate but concurrently-executing builds, a malicious Containerfile can be used to expose content from the build host to the command being run using the RUN instruction. This can be used to read or write contents using the privileges of the process which is performing the build. When that process is a root-owned podman system service which is provided for use by unprivileged users, this includes the ability to read and write contents which the client should not be allowed to read and write, including setuid executables in locations where they can be later accessed by unprivileged users. Patches Patches have been merged to the main branch, and will be added to upcoming releases on the release-1.38, release-1.37, release-1.35, and release-1.33 branches. This addressed a number of Jira cards, but primarily https://issues.redhat.com/browse/RHEL-67616 and https://issues.redhat.com/browse/RHEL-67618, which were then vendored into Podman and backported into olde rbranches. Workarounds Mandatory access controls should limit the access of the process performing the build, on systems where they are enabled. References https://github.com/containers/buildah/security/advisories/GHSA-5vpc-35f4-r8w6 https://issues.redhat.com/browse/RHEL-67616 https://issues.redhat.com/br...
Source: Github Advisory Database (Go)
January 21st, 2025 (5 months ago)
Description: Summary Despite normal text rendering as LaTeX expressions, preventing XSS, the library also provides users with commands which may modify HTML, such as the \htmlData command, and the lack of escaping leads to XSS. Details Overall in the code, other than in the test folder, no functions escaping HTML can be seen. PoC Go to https://cortexjs.io/mathlive/demo/ Paste either \htmlData{><img/onerror=alert(1)"src=}{} or \htmlData{x=" ><img/onerror=alert(1) src>}{} in the LaTeX textarea. Impact MathLive users who render untrusted mathematical expressions could encounter malicious input using \htmlData that runs arbitrary JavaScript, or generate invalid HTML. References https://github.com/arnog/mathlive/security/advisories/GHSA-qwj6-q94f-8425 https://github.com/arnog/mathlive/commit/abc26056fd5e29a99edfa96a0bbe855ea2a8b678 https://github.com/advisories/GHSA-qwj6-q94f-8425
Source: Github Advisory Database (NPM)
January 21st, 2025 (5 months ago)
Description: Sophos noted more than 15 attacks have been reported during the past three months.
Source: Dark Reading
January 21st, 2025 (5 months ago)
Description: A Threat Actor is Allegedly Selling 15,000+ Fullz from the USA
Source: DarkWebInformer
January 21st, 2025 (5 months ago)
Description: Impact Authenticated users are able to exploit an XSS vulnerability when viewing previewed content. Patches Will be patched in 10.8.8, 13.5.3, 14.3.2 and 15.1.2. Workarounds None available. References https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-69cg-w8vm-h229 https://github.com/advisories/GHSA-69cg-w8vm-h229
Source: Github Advisory Database (Nuget)
January 21st, 2025 (5 months ago)
Description: The advanced persistent threat (APT) group is likely India-based and targeting individuals with connections to the country's intelligence community.
Source: Dark Reading
January 21st, 2025 (5 months ago)
Description: Impact The compose-go library component in versions v2.10-v2.4.0 allows an authorized user who sends malicious YAML payloads to cause the compose-go to consume excessive amount of Memory and CPU cycles while parsing YAML, such as used by Docker Compose from versions v2.27.0 to v2.29.7 included Patches compose-go v2.24.1 fixed the issue Workarounds There isn't any known workaround. References https://github.com/docker/compose/issues/12235 https://github.com/compose-spec/compose-go/pull/703 https://github.com/compose-spec/compose-go/pull/618 https://github.com/docker/compose/commit/d239f0f3187a2ed5404c61f83bd5e995c81600ff#diff-33ef32bf6c23acb95f5902d7097b7a1d5128ca061167ec0716715b0b9eeaa5f6R10 References https://github.com/compose-spec/compose-go/security/advisories/GHSA-36gq-35j3-p9r9 https://github.com/docker/compose/issues/12235 https://github.com/compose-spec/compose-go/pull/618 https://github.com/compose-spec/compose-go/pull/703 https://github.com/docker/compose/commit/d239f0f3187a2ed5404c61f83bd5e995c81600ff#diff-33ef32bf6c23acb95f5902d7097b7a1d5128ca061167ec0716715b0b9eeaa5f6R10 https://github.com/advisories/GHSA-36gq-35j3-p9r9
Source: Github Advisory Database (Go)
January 21st, 2025 (5 months ago)
Description: The largest distributed denial-of-service (DDoS) attack to date peaked at&nbsp;5.6 terabits per second and came from a Mirai-based botnet with 13,000 compromised devices. [...]
Source: BleepingComputer
January 21st, 2025 (5 months ago)
Description: The company reports that it is not experiencing any operational issues within its business, so far.
Source: Dark Reading
January 21st, 2025 (5 months ago)
Description: Hackers are once again abusing Google ads to spread malware, using a fake Homebrew website to infect Macs and Linux devices with an infostealer that steals credentials, browser data, and cryptocurrency wallets. [...]
Source: BleepingComputer
January 21st, 2025 (5 months ago)