Description: The Microsoft Authenticator app is now issuing notifications warning that the password autofill feature is being deprecated in July, suggesting users move to Microsoft Edge instead. [...]
May 30th, 2025 (11 days ago)
|
Description: Mozilla has rolled out an emergency Firefox 139.0.1 update after the Tuesday release caused graphical artifacts on PCs with NVIDIA GPUs. [...]
May 30th, 2025 (11 days ago)
|
Description: An arbitrary file copy vulnerability in Gradio's flagging feature allows unauthenticated attackers to copy any readable file from the server's filesystem. While attackers can't read these copied files, they can cause DoS by copying large files (like /dev/urandom) to fill disk space.
Description
The flagging component doesn't properly validate file paths before copying files. Attackers can send specially crafted requests to the /gradio_api/run/predict endpoint to trigger these file copies.
Source: User-controlled path parameter in the flagging functionality JSON payload
Sink: shutil.copy operation in FileData._copy_to_dir() method
The vulnerable code flow:
A JSON payload is sent to the /gradio_api/run/predict endpoint
The path field within FileData object can reference any file on the system
When processing this request, the Component.flag() method creates a GradioDataModel object
The FileData._copy_to_dir() method uses this path without proper validation:
```python
def _copy_to_dir(self, dir: str) -> FileData:
    pathlib.Path(dir).mkdir(exist_ok=True)
    new_obj = dict(self)
    if not self.path:
        raise ValueError("Source file path is not set")
    new_name = shutil.copy(self.path, dir)  # vulnerable sink
    new_obj["path"] = new_name
    return self.__class__(**new_obj)
```
The lack of validation allows copying any file the Gradio process can read
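A path check of the kind the advisory says is missing before the copy, as an added example (not Gradio's code and not its actual fix). The names `resolve_allowed`, `copy_to_dir` and `UnsafePathError`, the allow-list of root directories and the size cap are assumptions, and the sample files are constructed.

```python
import shutil
import tempfile
from pathlib import Path

class UnsafePathError(ValueError):
    """Client-supplied path is not an acceptable copy source."""

def resolve_allowed(path: str, allowed_roots: list[Path]) -> Path:
    """Return the fully resolved source path, or raise if it must not be copied."""
    if not path:
        raise ValueError("Source file path is not set")
    src = Path(path).resolve()  # collapses ".." and follows symlinks
    if not src.is_file():  # refuses devices such as /dev/urandom, dirs, FIFOs
        raise UnsafePathError(f"not a regular file: {src}")
    if not any(src.is_relative_to(r.resolve()) for r in allowed_roots):
        raise UnsafePathError(f"outside allowed roots: {src}")
    return src

def copy_to_dir(path: str, dest_dir: str, allowed_roots: list[Path],
                max_bytes: int = 50 * 1024 * 1024) -> str:
    """Validated stand-in for the shutil.copy sink; the size cap is an assumption."""
    src = resolve_allowed(path, allowed_roots)
    if src.stat().st_size > max_bytes:
        raise UnsafePathError(f"larger than {max_bytes} bytes: {src}")
    Path(dest_dir).mkdir(exist_ok=True)
    return shutil.copy(src, dest_dir)

def demo() -> dict[str, str]:
    """Run constructed paths through copy_to_dir and record each outcome."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        cache, flagged = Path(tmp, "cache"), Path(tmp, "flagged")
        cache.mkdir()
        (cache / "upload.png").write_bytes(b"constructed sample")
        secret = Path(tmp, "secret.txt")
        secret.write_text("outside the cache")
        (cache / "link").symlink_to(secret)
        cases = {"upload": cache / "upload.png", "outside": secret,
                 "traversal": cache / ".." / "secret.txt",
                 "symlink": cache / "link", "device": Path("/dev/urandom")}
        for name, candidate in cases.items():
            try:
                copy_to_dir(str(candidate), str(flagged), [cache])
                results[name] = "copied"
            except UnsafePathError:
                results[name] = "rejected"
    return results

if __name__ == "__main__":
    print(demo())
```

Resolving the path before the containment test is what catches the `..` and symlink cases; the regular-file test and size cap address the disk-filling scenario the advisory describes.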
PoC
The following script demonstrates the vulnerability by copying /etc/passwd from the server to Gradio's flagged directory:...
May 29th, 2025 (11 days ago)
|
Description: Summary
A permission verification flaw in Navidrome allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating, modifying, and deleting transcoding settings.
Details
Navidrome supports transcoding functionality which, although disabled by default, should restrict configuration operations to administrators only. However, the application fails to properly validate whether a user has administrative privileges when handling transcoding configuration requests.
The vulnerability exists in the API endpoints that manage transcoding settings. When a regular user sends requests to these endpoints, the application processes them without verifying if the user has administrative privileges, despite the JWT token clearly indicating the user is not an administrator ("adm":false).
The affected endpoints include:
POST /api/transcoding (Create transcoding configuration)
PUT /api/transcoding/:id (Update transcoding configuration)
DELETE /api/transcoding/:id (Delete transcoding configuration)
GET /api/transcoding (List transcoding configurations)
PoC
Set up Navidrome with transcoding enabled
Log in as a regular user (non-administrator)
Send the following HTTP request:
POST /api/transcoding HTTP/1.1
Host: 192.168.199.134:4533
Content-Length: 81
x-nd-client-unique-id: e559d130-4295-401e-b65f-be7fdd564e
accept: application/json
x-nd-authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJh...
May 29th, 2025 (11 days ago)
|
Description: Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's CGI servlet allows bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1 through 10.1.40, from 9.0.0.M1 through 9.0.104.
Users are recommended to upgrade to version 11.0.7, 10.1.41 or 9.0.105, which fixes the issue.
References
https://nvd.nist.gov/vuln/detail/CVE-2025-46701
https://lists.apache.org/thread/xhqqk9w5q45srcdqhogdk04lhdscv30j
https://github.com/apache/tomcat/commit/0f01966eb60015d975525019e12a087f05ebf01a
https://github.com/apache/tomcat/commit/238d2aa54b99f91d1111467e2237d2244c64e558
https://github.com/apache/tomcat/commit/2c6800111e7d8d8d5403c07978ea9bff3db5a5a5
https://github.com/apache/tomcat/commit/8cb95ff03221067c511b3fa66d4f745bc4b0a605
https://github.com/apache/tomcat/commit/8df00018a252baa9497615d6420fb6c10466fa74
https://github.com/apache/tomcat/commit/fab7247d2f0e3a29d5daef565f829f383e10e5e2
https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.41
https://tomcat.apache.org/security-11.html#Fixed_in_Apache_Tomcat_11.0.7
https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.105
https://github.com/advisories/GHSA-h2fw-rfh5-95r3
EPSS Score: 0.02%
May 29th, 2025 (11 days ago)
|
CVE-2025-31264 |
Description: An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.
EPSS Score: 0.03%
May 29th, 2025 (11 days ago)
|
CVE-2025-31263 |
Description: The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4. An app may be able to corrupt coprocessor memory.
EPSS Score: 0.06%
May 29th, 2025 (11 days ago)
|