Description: Summary
The GeoWebCache home page includes version and revision information about the software in use. This information is sensitive from a security point of view because it allows software used by the server to be easily identified.
Details
org.geowebcache.GeoWebCacheDispatcher.handleFrontPage(HttpServletRequest, HttpServletResponse) has no check to hide potentially sensitive information from users except for a hidden system property to hide the storage locations that defaults to showing the locations.
PoC
Just open http://localhost:8080/geoserver/gwc/
Impact
In addition to exposing the version and revision information, the home page will expose the config file and storage locations which may expose the system's temp directory location and whether or not GeoServer is running in a Windows operating system. The approximate server start time and some basic GWC usage information is also exposed.
References
https://github.com/geoserver/geoserver/security/advisories/GHSA-jm79-7xhw-6f6f
https://osgeo-org.atlassian.net/browse/GEOS-11677
https://github.com/geoserver/geoserver/pull/8189
https://github.com/GeoWebCache/geowebcache/issues/1344
https://github.com/GeoWebCache/geowebcache/pull/1345
https://nvd.nist.gov/vuln/detail/CVE-2024-38524
https://github.com/advisori...
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
June 10th, 2025 (12 days ago)
Description: Summary
The Coverage REST API /workspaces/{workspaceName}/coveragestores/{storeName}/{method}.{format} allows uploading a file from a specified URL (with {method} equal to 'url') with no restriction.
Details
The Coverage REST API /workspaces/{workspaceName}/coveragestores/{storeName}/{method}.{format} allows uploading a file from a specified URL (with {method} equal to 'url'). But this URL has not been checked with the URL Checks feature.
For example, the code below should be added to check fileURL:
URLCheckers.confirm(fileURL)
The vulnerable code was in RESTUtils.java.
Impact
This vulnerability presents the opportunity for Server Side Request Forgery.
References
https://github.com/geoserver/geoserver/security/advisories/GHSA-r4hf-r8gj-jgw2
https://osgeo-org.atlassian.net/browse/GEOS-11468
https://osgeo-org.atlassian.net/browse/GEOS-11717
https://nvd.nist.gov/vuln/detail/CVE-2024-40625
https://github.com/advisories/GHSA-r4hf-r8gj-jgw2
CVSS: MEDIUM (5.5) EPSS Score: 0.04%
June 10th, 2025 (12 days ago)
Coordinated Brute Force Activity Targeting Apache Tomcat Manager Indicates Possible Upcoming Threats
Description: GreyNoise recently observed a coordinated spike in malicious activity against Apache Tomcat Manager interfaces. On June 5, 2025, two GreyNoise tags — Tomcat Manager Brute Force Attempt and Tomcat Manager Login Attempt — registered well above baseline volumes, indicating a deliberate attempt to identify and access exposed Tomcat services at scale.
June 10th, 2025 (12 days ago)
Description: Petroquim Chile
June 10th, 2025 (12 days ago)
Description: All data of this company will be available for download on 22.06.2025 The MMG-PPC Cooperative Hospital now known as Palawan Medical Mission Group Multipurpose Cooperative (PMMGMPC) is owned and managed by its members whose aim is to provide ...
June 10th, 2025 (12 days ago)
Description: RMZ Oil field was established by the team of oilfield experts with respective experience in providing "complete solution for oilfield industry", RMZ is a Singapore based company specializes in design and manufacturing of oilfield Equipment's ...
June 10th, 2025 (12 days ago)
Description: The campaign has affected hundreds of Russian users, particularly targeting industrial enterprises and engineering schools, with additional victims reported in Belarus and Kazakhstan.
June 10th, 2025 (12 days ago)
Description: The scheme is based in Cambodia, where people residing in scam centers contact U.S. victims through phone calls, texts, dating apps and other avenues to promote fake cryptocurrency investments.
June 10th, 2025 (12 days ago)