Threat and Vulnerability Intelligence Database

CVE-2023-6484

Description: A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact on the integrity of the logs.

EPSS Score: 0.05%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-5625

Description: A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products.

EPSS Score: 0.13%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-5189

Description: A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten.

EPSS Score: 0.13%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-5115

Description: An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path.

EPSS Score: 0.11%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-4727

Description: A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with an LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege.

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-3758

Description: A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-34968

Description: A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path.

EPSS Score: 0.33%

Source: CVE
December 7th, 2024 (5 months ago)

CVE-2023-3347

Description: A vulnerability was found in Samba's SMB2 packet signing mechanism. The SMB2 packet signing is not enforced if an admin configured "server signing = required" or for SMB2 connections to Domain Controllers where SMB2 packet signing is mandatory. This flaw allows an attacker to perform attacks, such as a man-in-the-middle attack, by intercepting the network traffic and modifying the SMB2 messages between client and server, affecting the integrity of the data.

EPSS Score: 0.1%

Source: CVE
December 7th, 2024 (5 months ago)

Description: Unit 42 probes network abuses around events like the Olympics, featuring case studies of scams and phishing through domain registrations and more. The post Network Abuses Leveraging High-Profile Events: Suspicious Domain Registrations and Other Scams appeared first on Unit 42.

Source: Palo Alto Unit42
December 6th, 2024 (5 months ago)

Description:

Impact: Due to some data types not being natively representable for the available storage options, shared_preferences_android serializes and deserializes special string prefixes to store these unrepresentable data types. This allows arbitrary classes to be deserialized, leading to arbitrary code execution. As a result, files containing the preferences can be overwritten with a malicious one with a deserialization payload that triggers as soon as the data is loaded from the disk.

Patches: 2.3.4

Workarounds: Update to the latest version of shared_preferences_android that contains the changes to address this vulnerability.

References: TBD

For more information: See our community page to find ways to contact the team.

Thanks: Thank you so much to Oskar Zeino-Mahmalat from sonarsource for finding and reporting this issue!

References:
https://github.com/flutter/packages/security/advisories/GHSA-3hpf-ff72-j67p
https://github.com/flutter/packages/commit/15501ece235684a3bdddad089345fc3e33dc1df3
https://github.com/advisories/GHSA-3hpf-ff72-j67p

Source: Github Advisory Database (Pub)
December 6th, 2024 (5 months ago)