CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Description: GPT-5 might be just a few days or weeks away, as we've spotted references to a new model called gpt-5-reasoning-alpha-2025-07-13. [...]
Source: BleepingComputer
July 19th, 2025 (1 day ago)

CVE-2025-38350

Description: In the Linux kernel, the following vulnerability has been resolved:

net/sched: Always pass notifications when child class becomes empty

Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and thus make an in-flight class passive via qlen_notify(). Most qdiscs do not expect such behaviour at this point in time and may re-activate the class eventually anyways which will lead to a use-after-free.

The referenced fix commit attempted to fix this behavior for the HFSC case by moving the backlog accounting around, though this turned out to be incomplete since the parent's parent may run into the issue too. The following reproducer demonstrates this use-after-free:

    tc qdisc add dev lo root handle 1: drr
    tc filter add dev lo parent 1: basic classid 1:1
    tc class add dev lo parent 1: classid 1:1 drr
    tc qdisc add dev lo parent 1:1 handle 2: hfsc def 1
    tc class add dev lo parent 2: classid 2:1 hfsc rt m1 8 d 1 m2 0
    tc qdisc add dev lo parent 2:1 handle 3: netem
    tc qdisc add dev lo parent 3:1 handle 4: blackhole

    echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888
    tc class delete dev lo classid 1:1
    echo 1 | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888

Since backlog accounting issues leading to a use-after-frees on stale class pointers is a recurring pattern at this point, this patch takes a different approach. Instead of trying to fix the accounting, the patch ...

EPSS Score: 0.02%

Source: CVE
July 19th, 2025 (1 day ago)
Description: AI companies could soon disrupt the education market with their new AI-based learning tools for students. [...]
Source: BleepingComputer
July 19th, 2025 (1 day ago)
Description: Data from various companies in Dave Tan's holding.
Source: Ransomware.live
July 19th, 2025 (1 day ago)
Description: We offer a wide selection of furniture, mattresses, flooring, appliances and electronics from the most popular brands. Come and visit us today! See our exclusive selection on Ashley, Smith Brothers, England, Flexsteel, Sealy, Tempur-pedic, Beautyrest, Serta, Liberty, La-Z-Boy, Hunter Douglas Window Fashions, LEES, Karastan, Whirlpool, GE, Samsung, Sony, Kinetico water systems and much more! © 2017 Ernie's Store Inc. All Right Reserved. Website powered & designed by Tailbase. Prices, configurations, promotions, and in-store availability may change without notice. All product photos are for illustrative purposes only. Photos displayed on website may contain optional items that are not included in the default configuration for that system. Actual Furniture may vary in design.
Employees: 88
Industry: Retail
Downloaded: +30GB
Phone Number: (402) 665-3151
Source: Ransomware.live
July 18th, 2025 (1 day ago)

CVE-2025-50583

Description: StudentManage v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Add A New Student module.

EPSS Score: 0.02%

Source: CVE
July 18th, 2025 (1 day ago)

CVE-2025-50582

Description: StudentManage v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Add A New Course module.

EPSS Score: 0.02%

Source: CVE
July 18th, 2025 (1 day ago)

CVE-2025-50581

Description: MRCMS v3.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/group/save.do.

EPSS Score: 0.02%

Source: CVE
July 18th, 2025 (1 day ago)
Description:

Summary

The ConfigCommentParser#parseJSONLikeConfig API is vulnerable to a Regular Expression Denial of Service (ReDoS) attack in its only argument.

Details

The regular expression at packages/plugin-kit/src/config-comment-parser.js:158 is vulnerable to a quadratic runtime attack because the grouped expression is not anchored. This can be solved by prepending the regular expression with [^-a-zA-Z0-9/].

PoC

    const { ConfigCommentParser } = require("@eslint/plugin-kit");
    const str = `${"A".repeat(1000000)}?: 1 B: 2`;
    console.log("start")
    var parser = new ConfigCommentParser();
    console.log(parser.parseJSONLikeConfig(str));
    console.log("end")
    // run `npm i @eslint/[email protected]` and `node attack.js`
    // then the program will be stuck forever with high CPU usage

Impact

This is a Regular Expression Denial of Service attack which may lead to blocking execution and high CPU usage.

References

https://github.com/eslint/rewrite/security/advisories/GHSA-xffm-g5w8-qvg7
https://github.com/eslint/rewrite/commit/b283f64099ad6c6b5043387c091691d21b387805
https://github.com/advisories/GHSA-xffm-g5w8-qvg7
Source: Github Advisory Database (NPM)
July 18th, 2025 (1 day ago)