CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: The European Union sanctioned three hackers, part of Unit 29155 of Russia's military intelligence service (GRU), for their involvement in cyberattacks targeting Estonia's government agencies in 2020. [...]
January 27th, 2025 (5 months ago)
|
|
|
Description: Windows 11 taskbar is testing a new feature that helps you understand the current power state of your laptop's battery, including showing the battery percentage directly on the taskbar. [...]
January 27th, 2025 (5 months ago)
|
|
|
Description: In a slate of several bills restricting reproductive rights and divorce, Oklahoma senator Dusty Deevers suggests anyone making anything even vaguely pornographic should go to jail.
January 27th, 2025 (5 months ago)
|
|
|
Description: The Phemex crypto exchange suffered a massive security breach on Thursday where threat actors stole over $85 million worth of cryptocurrency. [...]
January 27th, 2025 (5 months ago)
|
CVE-2024-52012 |
Description: Relative Path Traversal vulnerability in Apache Solr.
Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem.
This issue affects Apache Solr: from 6.6 through 9.7.0.
Users are recommended to upgrade to version 9.8.0, which fixes the issue. Users unable to upgrade may also safely prevent the issue by using Solr's "Rule-Based Authentication Plugin" to restrict access to the configset upload API, so that it can only be accessed by a trusted set of administrators/users.
References
https://nvd.nist.gov/vuln/detail/CVE-2024-52012
https://lists.apache.org/thread/yp39pgbv4vf1746pf5yblz84lv30vfxd
http://www.openwall.com/lists/oss-security/2025/01/26/2
https://github.com/apache/solr/commit/5795edd143b8fcb2ffaf7f278a099b8678adf396
https://issues.apache.org/jira/browse/SOLR-17543
https://github.com/advisories/GHSA-4p5m-gvpf-f3x5
EPSS Score: 0.04%
January 27th, 2025 (5 months ago)
|
|
CVE-2025-24814 |
Description: Core creation allows users to replace "trusted" configset files with arbitrary configuration
Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or "user-managed" mode), and (2) are running without authentication and authorization are vulnerable to a sort of privilege escalation wherein individual "trusted" configset files can be ignored in favor of potentially-untrusted replacements available elsewhere on the filesystem. These replacement config files are treated as "trusted" and can use "" tags to add to Solr's classpath, which an attacker might use to load malicious code as a searchComponent or other plugin.
This issue affects all Apache Solr versions up through Solr 9.7. Users can protect against the vulnerability by enabling authentication and authorization on their Solr clusters or switching to SolrCloud (and away from "FileSystemConfigSetService"). Users are also recommended to upgrade to Solr 9.8.0, which mitigates this issue by disabling use of "" tags by default.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-24814
https://lists.apache.org/thread/gl291pn8x9f9n52ys5l0pc0b6qtf0qw1
http://www.openwall.com/lists/oss-security/2025/01/26/1
https://github.com/apache/solr/commit/f492e24881c5724a1b1baecfc9549e2cb0257525
https://issues.apache.org/jira/browse/SOLR-16781
https://github.com/advisories/GHSA-68r2-fwcg-qpm8
EPSS Score: 0.04%
January 27th, 2025 (5 months ago)
|
|
CVE-2025-24783 |
Description: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Apache Cocoon.
This issue affects Apache Cocoon: all versions.
When a continuation is created, it gets a random identifier. Because the random number generator used to generate these identifiers was seeded with the startup time, it may not have been sufficiently unpredictable, and an attacker could use this to guess continuation ids and look up continuations they should not have had access to.
As a mitigation, you may enable the "session-bound-continuations" option to make sure continuations are not shared across sessions.
As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-24783
https://lists.apache.org/thread/pk86jp5cvn41432op8wv1k8p14mp27nz
https://github.com/apache/cocoon/blob/32a4e41183ba74351d85060011151b2d58acfc52/blocks/cocoon-forms/cocoon-forms-impl/src/main/java/org/apache/cocoon/forms/formmodel/CaptchaField.java#L70
https://github.com/apache/cocoon/blob/32a4e41183ba74351d85060011151b2d58acfc52/core/cocoon-sitemap/cocoon-sitemap-impl/src/main/java/org/apache/cocoon/components/flow/ContinuationsManagerImpl.java#L112
https://github.com/advisories/GHSA-pff9-53m5-qr56
EPSS Score: 0.04%
January 27th, 2025 (5 months ago)
|
|
CVE-2025-24783 |
Description: Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Apache Cocoon.
This issue affects Apache Cocoon: all versions.
When a continuation is created, it gets a random identifier. Because the random number generator used to generate these identifiers was seeded with the startup time, it may not have been sufficiently unpredictable, and an attacker could use this to guess continuation ids and look up continuations they should not have had access to.
As a mitigation, you may enable the "session-bound-continuations" option to make sure continuations are not shared across sessions.
As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-24783
https://lists.apache.org/thread/pk86jp5cvn41432op8wv1k8p14mp27nz
https://github.com/apache/cocoon/blob/32a4e41183ba74351d85060011151b2d58acfc52/blocks/cocoon-forms/cocoon-forms-impl/src/main/java/org/apache/cocoon/forms/formmodel/CaptchaField.java#L70
https://github.com/apache/cocoon/blob/32a4e41183ba74351d85060011151b2d58acfc52/core/cocoon-sitemap/cocoon-sitemap-impl/src/main/java/org/apache/cocoon/components/flow/ContinuationsManagerImpl.java#L112
https://github.com/advisories/GHSA-pff9-53m5-qr56
EPSS Score: 0.04%
January 27th, 2025 (5 months ago)
|
|
|
Description: A Threat Actor Claims to be Selling Multiple Traders Leads Data
January 27th, 2025 (5 months ago)
|
|
|
Description: Microsoft reminded Microsoft 365 admins that its new brand impersonation protection feature for Teams Chat will be available for all customers by mid-February 2025. [...]
January 27th, 2025 (5 months ago)
|