CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-47748 |
Description: Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded password.
EPSS Score: 0.05%
May 28th, 2025 (21 days ago)
|
|
CVE-2024-57338 |
Description: An arbitrary file upload vulnerability in M2Soft CROWNIX Report & ERS v5.x to v5.5.14.1070, v7.x to v7.4.3.960, and v8.x to v8.2.0.345 allows attackers to execute arbitrary code via supplying a crafted file.
EPSS Score: 0.06%
May 28th, 2025 (21 days ago)
|
|
CVE-2024-57337 |
Description: An arbitrary file upload vulnerability in the opcode 500 functionality of M2Soft CROWNIX Report & ERS v5.x to v5.5.14.1070, v7.x to v7.4.3.960, and v8.x to v8.2.0.345 allows attackers to execute arbitrary code via supplying a crafted file.
EPSS Score: 0.06%
May 28th, 2025 (21 days ago)
|
|
Description: Cator Ruma & Associates Since our founding in 1959, Cator, Ruma & Associates has worked with many architects and clients to build thriving communities across the western and central United States.
May 28th, 2025 (21 days ago)
|
|
Description: Harnessing AI's full transformative potential safely and securely requires more than an incremental enhancement of existing cybersecurity practices. A Secure by Design approach represents the best path forward.
May 28th, 2025 (21 days ago)
|
|
Description: The Interlock ransomware gang is deploying a previously undocumented remote access trojan (RAT) named NodeSnake against educational institutes for persistent access to corporate networks. [...]
May 28th, 2025 (21 days ago)
|
|
Description: Summary
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the file vllm/entrypoints/openai/tool_parsers/pythonic_tool_parser.py of the vLLM project. The root cause is the use of a highly complex and nested regular expression for tool call detection, which can be exploited by an attacker to cause severe performance degradation or make the service unavailable.
Details
The following regular expression is used to match tool/function call patterns:
r"\[([a-zA-Z]+\w*\(([a-zA-Z]+\w*=.*,\s*)*([a-zA-Z]+\w*=.*\s)?\),\s*)*([a-zA-Z]+\w*\(([a-zA-Z]+\w*=.*,\s*)*([a-zA-Z]+\w*=.*\s*)?\)\s*)+\]"
This pattern contains multiple nested quantifiers (*, +), optional groups, and inner repetitions which make it vulnerable to catastrophic backtracking.
Attack Example:
A malicious input such as
[A(A= )A(A=, )A(A=, )A(A=, )... (repeated dozens of times) ...]
or
"[A(A=" + "\t)A(A=,\t" * repeat
can cause the regular expression engine to consume CPU exponentially with the input length, effectively freezing or crashing the server (DoS).
Proof of Concept:
A Python script demonstrates that matching such a crafted string with the above regex results in exponential time complexity. Even moderate input lengths can bring the system to a halt.
Length: 22, Time: 0.0000 seconds, Match: False
Length: 38, Time: 0.0010 seconds, Match: False
Length: 54, Time: 0.0250 seconds, Match: False
Length: 70, Time: 0.5185 seconds, Match: False
Length: 86, Time: 13.2703 seconds, Match: False
Lengt...
May 28th, 2025 (21 days ago)
|
|
|
Description: Summary
A recent review identified several regular expressions in the vllm codebase that are susceptible to Regular Expression Denial of Service (ReDoS) attacks. These patterns, if fed with crafted or malicious input, may cause severe performance degradation due to catastrophic backtracking.
1. vllm/lora/utils.py Line 173
https://github.com/vllm-project/vllm/blob/2858830c39da0ae153bc1328dbba7680f5fbebe1/vllm/lora/utils.py#L173
Risk Description:
The regex r"\((.*?)\)\$?$" matches content inside parentheses. If input such as ((((a|)+)+)+) is passed in, it can cause catastrophic backtracking, leading to a ReDoS vulnerability.
Using .*? (non-greedy match) inside group parentheses can be highly sensitive to input length and nesting complexity.
Remediation Suggestions:
Limit the input string length.
Use a non-recursive matching approach, or write a regex with stricter content constraints.
Consider using possessive quantifiers or atomic groups (not supported in Python yet), or split and process before regex matching.
2. vllm/entrypoints/openai/tool_parsers/phi4mini_tool_parser.py Line 52
https://github.com/vllm-project/vllm/blob/2858830c39da0ae153bc1328dbba7680f5fbebe1/vllm/entrypoints/openai/tool_parsers/phi4mini_tool_parser.py#L52
Risk Description:
The regex r'functools\[(.*?)\]' uses .*? to match content inside brackets, together with re.DOTALL. If the input contains a large number of nested or crafted brackets, it can cause backtracking and ReDoS.
Remediation Suggestio...
May 28th, 2025 (21 days ago)
|
|
|
Description: Summary
This advisory addresses a security vulnerability in Mautic where unpublished page previews could be accessed by unauthenticated users and potentially indexed by search engines. This could lead to the unintended disclosure of draft content or sensitive information.
Unauthorized Access to Unpublished Page Previews: The page preview functionality for unpublished content, accessible via predictable URLs (e.g., /page/preview/1, /page/preview/2), lacked proper authorization checks. This allowed any unauthenticated user to view content that was not yet intended for public release, and allowed search engines to index these private preview URLs, making the content publicly discoverable.
Mitigation
Mautic has patched this vulnerability by enforcing proper permission checks on preview pages. Users should upgrade to the patched version of Mautic or later.
References
https://github.com/mautic/mautic/security/advisories/GHSA-cqx4-9vqf-q3m8
https://github.com/advisories/GHSA-cqx4-9vqf-q3m8
May 28th, 2025 (21 days ago)
|
|
|
Description: Summary
This advisory addresses a security vulnerability in Mautic where sensitive .env configuration files may be directly accessible via a web browser. This exposure could lead to the disclosure of sensitive information, including database credentials, API keys, and other critical system configurations.
Sensitive Information Disclosure via .env File Exposure: The .env file, which typically contains environment variables and sensitive application configurations, is directly accessible via a web browser due to missing web server configurations that restrict access to such files. This allows an unauthenticated attacker to view the contents of this file by simply navigating to its URL.
Mitigation
Update Mautic to the latest Mautic version.
By default, Mautic does not use .env files for production data.
For Apache users: Ensure your web server is configured to respect .htaccess files.
For Nginx users: As Nginx does not inherently support .htaccess files, you must manually add a configuration block to your Nginx server configuration to deny access to .env files. Add the following to your Nginx configuration for the Mautic site:
location ~ /\.env {
deny all;
}
After modifying your Nginx configuration, remember to reload or restart your Nginx service for the changes to take effect.
References
https://github.com/mautic/mautic/security/advisories/GHSA-h2wg-v8wg-jhxh
https://github.com/advisories/GHSA-h2wg-v8wg-jhxh
May 28th, 2025 (21 days ago)
|