CVE-2024-24420 |
Description: A reachable assertion in the decode_linked_ti_ie function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.
EPSS Score: 0.04%
January 22nd, 2025 (5 months ago)
|
CVE-2024-24419 |
Description: The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_traffic_flow_template_packet_filter function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.
EPSS Score: 0.05%
January 22nd, 2025 (5 months ago)
|
CVE-2024-24418 |
Description: The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_pdn_address function at /nas/ies/PdnAddress.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.
EPSS Score: 0.05%
January 22nd, 2025 (5 months ago)
|
CVE-2024-24417 |
Description: The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_protocol_configuration_options function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.
EPSS Score: 0.05%
January 22nd, 2025 (5 months ago)
|
CVE-2024-24416 |
Description: The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_access_point_name_ie function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.
EPSS Score: 0.05%
January 22nd, 2025 (5 months ago)
|
Description: HTML Cheat Sheet
January 21st, 2025 (5 months ago)
|
Description: In a letter sent today, the acting DHS secretary terminated membership to all advisory boards, including the Cyber Safety Review Board (CSRB) tasked with investigating state-sponsored cyber threats against the US.
January 21st, 2025 (5 months ago)
|
Description: Impact
With careful use of the --mount flag in RUN instructions in Containerfiles, and by using either multi-stage builds with use of concurrently-executing build stages (e.g., using the --jobs CLI flag) or multiple separate but concurrently-executing builds, a malicious Containerfile can be used to expose content from the build host to the command being run using the RUN instruction. This can be used to read or write contents using the privileges of the process which is performing the build. When that process is a root-owned podman system service which is provided for use by unprivileged users, this includes the ability to read and write contents which the client should not be allowed to read and write, including setuid executables in locations where they can be later accessed by unprivileged users.
Patches
Patches have been merged to the main branch, and will be added to upcoming releases on the release-1.38, release-1.37, release-1.35, and release-1.33 branches.
This addressed a number of Jira cards, but primarily https://issues.redhat.com/browse/RHEL-67616 and https://issues.redhat.com/browse/RHEL-67618, which were then vendored into Podman and backported into older branches.
Workarounds
Mandatory access controls should limit the access of the process performing the build, on systems where they are enabled.
References
https://github.com/containers/buildah/security/advisories/GHSA-5vpc-35f4-r8w6
https://issues.redhat.com/browse/RHEL-67616
https://issues.redhat.com/br...
January 21st, 2025 (5 months ago)
|
Description: Summary
Despite normal text rendering as LaTeX expressions, preventing XSS, the library also provides users with commands which may modify HTML, such as the \htmlData command, and the lack of escaping leads to XSS.
Details
Overall in the code, other than in the test folder, no functions escaping HTML can be seen.
PoC
Go to https://cortexjs.io/mathlive/demo/
Paste either \htmlData{><img/onerror=alert(1)"src=}{} or \htmlData{x=" ><img/onerror=alert(1) src>}{} in the LaTeX textarea.
Impact
MathLive users who render untrusted mathematical expressions could encounter malicious input using \htmlData that runs arbitrary JavaScript, or generate invalid HTML.
References
https://github.com/arnog/mathlive/security/advisories/GHSA-qwj6-q94f-8425
https://github.com/arnog/mathlive/commit/abc26056fd5e29a99edfa96a0bbe855ea2a8b678
https://github.com/advisories/GHSA-qwj6-q94f-8425
January 21st, 2025 (5 months ago)
|
Description: Sophos noted more than 15 attacks have been reported during the past three months.
January 21st, 2025 (5 months ago)
|