CVE-2024-12087
Description: A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, which is enabled by default for many client options and can also be enabled by the server even if the client did not explicitly request it. When `--inc-recursive` is in use, a lack of proper symlink verification, coupled with deduplication checks that occur on a per-file-list basis, could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.
EPSS Score: 0.05%
January 15th, 2025 (6 months ago)

CVE-2024-12086
Description: A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server sends checksums of its local data to the client, which compares them against its own data to determine what needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.
EPSS Score: 0.05%
January 15th, 2025 (6 months ago)

CVE-2024-12085
Description: A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
EPSS Score: 0.05%
January 15th, 2025 (6 months ago)

CVE-2024-11864
Description: Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP.
EPSS Score: 0.04%
January 15th, 2025 (6 months ago)

CVE-2024-11863
Description: Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP.
EPSS Score: 0.04%
January 15th, 2025 (6 months ago)

CVE-2024-11736
Description: A vulnerability was found in Keycloak. Admin users may be able to access sensitive server environment variables and system properties through user-configurable URLs. When configuring backchannel logout URLs or admin URLs, admin users can include placeholders like ${env.VARNAME} or ${PROPNAME}. The server replaces these placeholders with the actual values of environment variables or system properties during URL processing.
EPSS Score: 0.07%
January 15th, 2025 (6 months ago)

CVE-2024-11734
Description: A denial of service vulnerability was found in Keycloak that could allow an administrative user with the right to change realm settings to disrupt the service. This is done by modifying any of the security headers and inserting newlines, which causes the Keycloak server to write to a request that has already been terminated, leading to the failure of that request.
EPSS Score: 0.06%
January 15th, 2025 (6 months ago)

Description: This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
January 14th, 2025 (6 months ago)

Description: A Threat Actor Claims to be Selling Access to an Unidentified Indian APK and Software Studio
January 14th, 2025 (6 months ago)

Description: Impact
Unintended permanent chain split affecting greater than or equal to 25% of the network, requiring hard fork (network partition requiring hard fork)
Description
Lodestar client may fail to decode snappy framing compressed messages.
Vulnerability Details
In the Req/Resp protocol, messages are encoded using the ssz_snappy encoding, which is snappy framing compression applied over an SSZ-encoded message.
It's mentioned here - https://github.com/ethereum/consensus-specs/blob/dev/specs/phase0/p2p-interface.md
The token of the negotiated protocol ID specifies the type of encoding to be used for the req/resp interaction. Only one value is possible at this time:
ssz_snappy: The contents are first SSZ-encoded and then compressed with Snappy frames compression. For objects containing a single field, only the field is SSZ-encoded not a container with a single field. For example, the BeaconBlocksByRoot request is an SSZ-encoded list of Root's. This encoding type MUST be supported by all clients.
In the snappy framing format there are a few types of chunks.
We are interested in the so-called reserved skippable chunks. These are chunks whose chunk type lies in the range [0x80, 0xfd].
Let's see how rust snappy handles them https://github.com/BurntSushi/rust-snappy/blob/master/src/read.rs#L137
impl<R: io::Read> io::Read for FrameDecoder<R> {
    fn read(&mut self, buf: &mut [u8]) -> io::Result<usize> {
        ...
        ...
        let len = len64 as usize;
        match ty {
        ...
January 14th, 2025 (6 months ago)