CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-12084
Rsync: heap buffer overflow in rsync due to improper checksum length handling
Description: A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.

EPSS Score: 0.06%

Source: CVE
January 16th, 2025 (6 months ago)

CVE-2024-11029
Freeipa: administrative user data leaked through systemd journal
Description: A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials.

EPSS Score: 0.05%

Source: CVE
January 16th, 2025 (6 months ago)
Daily Dose of Dark Web Informer - January 15th, 2025
Description: This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
Source: DarkWebInformer
January 16th, 2025 (6 months ago)
GoDaddy slapped with wet lettuce for years of lax security and 'several major breaches'
Source: TheRegister
January 16th, 2025 (6 months ago)
[islandora/crayfish] Crayfish allows Remote Code Execution via Homarus Authorization header
Description: Impact What kind of vulnerability is it? Who is impacted? Remote code execution may be possible in web-accessible installations of Homarus in certain configurations. Patches Has the problem been patched? What versions should users upgrade to? The issue has been patched in islandora/crayfish:4.1.0 Workarounds Is there a way for users to fix or remediate the vulnerability without upgrading? The exploit requires making a request against the Homarus's /convert endpoint; therefore, the ability to exploit is much reduced if the microservice is not directly accessible from the Internet, so: Prevent general access from the Internet from hitting Homarus. Configure auth in Crayfish to be more strongly required, such that requests with Authorization headers that do not validate are rejected before the problematic CLI interpolation occurs. References Are there any links users can visit to find out more? XBOW-024-071 References https://github.com/Islandora/Crayfish/security/advisories/GHSA-mm6v-68qp-f9fw https://github.com/Islandora/Crayfish/commit/64cb4cec688928798cc40e6f0a0e863d7f69fd89 https://github.com/advisories/GHSA-mm6v-68qp-f9fw
Source: Github Advisory Database (Composer)
January 15th, 2025 (6 months ago)
Prestige Maintenance USA has Fallen Victim to MEDUSA Ransomware
Description: Prestige Maintenance USA has Fallen Victim to MEDUSA Ransomware
Source: DarkWebInformer
January 15th, 2025 (6 months ago)
DJI loosens flight restrictions, decides to trust operators to follow FAA rules
Source: TheRegister
January 15th, 2025 (6 months ago)
Attackers Hijack Google Advertiser Accounts to Spread Malware
Description: It's an especially brazen form of malvertising, researchers say, striking at the heart of Google's business; the tech giant says it's aware of the issue and is working quickly to address the problem.
Source: Dark Reading
January 15th, 2025 (6 months ago)
SAP fixes critical vulnerabilities in NetWeaver application servers
Description: SAP has fixed two critical vulnerabilities affecting NetWeaver web application server that could be exploited to escalate privileges and access restricted information. [...]
Source: BleepingComputer
January 15th, 2025 (6 months ago)
[sentry] Sentry's improper authentication on SAML SSO process allows user impersonation
Description: Impact A critical vulnerability was discovered in the SAML SSO implementation of Sentry. It was reported to us via our private bug bounty program. The vulnerability allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organization on the same Sentry instance. The victim email address must be known in order to exploit this vulnerability. Patches Sentry SaaS: The fix was deployed on Jan 14, 2025. Self-Hosted Sentry: If only a single organization is allowed (SENTRY_SINGLE_ORGANIZATION = True), then no action is needed. Otherwise, users should upgrade to version 25.1.0 or higher. Workarounds No known workarounds. References https://github.com/getsentry/sentry/pull/83407 References https://github.com/getsentry/sentry/security/advisories/GHSA-7pq6-v88g-wf3w https://github.com/getsentry/sentry/pull/83407 https://github.com/getsentry/sentry/commit/6db508f7949d117c7dff748a3c82c3a272bf7cfd https://github.com/advisories/GHSA-7pq6-v88g-wf3w
Source: Github Advisory Database (PIP)
January 15th, 2025 (6 months ago)