CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-5037	Openshift/telemeter: iss check during jwt authentication can be bypassed Description: A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON web token (JWT) authentication. EPSS Score: 0.14% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-45819	libxl leaks data to PVH guests via ACPI tables Description: PVH guests have their ACPI tables constructed by the toolstack. The construction involves building the tables in local memory, which are then copied into guest memory. While actually used parts of the local memory are filled in correctly, excess space that is being allocated is left with its prior contents. EPSS Score: 0.04% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-45818	Deadlock in x86 HVM standard VGA handling Description: The hypervisor contains code to accelerate VGA memory accesses for HVM guests, when the (virtual) VGA is in "standard" mode. Locking involved there has an unusual discipline, leaving a lock acquired past the return from the function that acquired it. This behavior results in a problem when emulating an instruction with two memory accesses, both of which touch VGA memory (plus some further constraints which aren't relevant here). When emulating the 2nd access, the lock that is already being held would be attempted to be re-acquired, resulting in a deadlock. This deadlock was already found when the code was first introduced, but was analysed incorrectly and the fix was incomplete. Analysis in light of the new finding cannot find a way to make the existing locking discipline work. In staging, this logic has all been removed because it was discovered to be accidentally disabled since Xen 4.7. Therefore, we are fixing the locking problem by backporting the removal of most of the feature. Note that even with the feature disabled, the lock would still be acquired for any accesses to the VGA MMIO region. EPSS Score: 0.04% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-45497	Openshift-api: build process in openshift allows overwriting of node pull credentials Description: A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for pulling images from private repositories. The mount is not read-only, which allows the attacker to overwrite it. By modifying the config.json file, the attacker can cause a denial of service by preventing the node from pulling new images and potentially exfiltrating sensitive secrets. This flaw impacts the availability of services dependent on image pulls and exposes sensitive information to unauthorized parties. EPSS Score: 0.04% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-39025	Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data. Description: Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data. EPSS Score: 0.04% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-25133	Openshift-dedicated: hive: rce through aws/kubernetes client configuration leads to privilege escalation Description: A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod. EPSS Score: 0.05% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-12582	Skupper: skupper-cli: flawed authentication method may lead to arbitrary file read or denial of service Description: A flaw was found in the skupper console, a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud environment. When the default authentication method is used, a random password is generated for the "admin" user and is persisted in either a Kubernetes secret or a podman volume in a plaintext file. This authentication method can be manipulated by an attacker, leading to the reading of any user-readable file in the container filesystem, directly impacting data confidentiality. Additionally, the attacker may induce skupper to read extremely large files into memory, resulting in resource exhaustion and a denial of service attack. EPSS Score: 0.04% Source: CVE January 1st, 2025 (6 months ago)
CVE-2024-11972	Hunk Companion < 1.9.0 - Unauthenticated Plugin Installation Description: The Hunk Companion WordPress plugin before 1.9.0 does not correctly authorize some REST API endpoints, allowing unauthenticated requests to install and activate arbitrary Hunk Companion WordPress plugin before 1.9.0 from the WordPress.org repo, including vulnerable Hunk Companion WordPress plugin before 1.9.0 that have been closed. EPSS Score: 0.04% Source: CVE January 1st, 2025 (6 months ago)
	Daily Dose of Dark Web Informer - December 31st, 2024 Description: This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts. Source: DarkWebInformer December 31st, 2024 (6 months ago)
	Bad Likert Judge: A Novel Multi-Turn Technique to Jailbreak LLMs by Misusing Their Evaluation Capability Description: The jailbreak technique "Bad Likert Judge" manipulates LLMs to generate harmful content using Likert scales, exposing safety gaps in LLM guardrails. The post Bad Likert Judge: A Novel Multi-Turn Technique to Jailbreak LLMs by Misusing Their Evaluation Capability appeared first on Unit 42. Source: Palo Alto Unit42 December 31st, 2024 (6 months ago)