Threat and Vulnerability Intelligence Database

CVE-2024-11623

Description: Authentik project is vulnerable to Stored XSS attacks through uploading crafted SVG files that are used as application icons. This action could only be performed by an authenticated admin user. The issue was fixed in 2024.10.4 release.

CVSS: MEDIUM (4.8)

EPSS Score: 0.05%

Source: CVE
February 5th, 2025 (5 months ago)

CVE-2024-11468

Description: Omnissa Horizon Client for macOS contains a Local privilege escalation (LPE) Vulnerability due to a flaw in the installation process. Successful exploitation of this issue may allow attackers with user privileges to escalate their privileges to root on the system where the Horizon Client for macOS is installed.

CVSS: HIGH (7.8)

EPSS Score: 0.04%

Source: CVE
February 5th, 2025 (5 months ago)

CVE-2024-11467

Description: Omnissa Horizon Client for macOS contains a Local privilege escalation (LPE) Vulnerability due to a logic flaw. Successful exploitation of this issue may allow attackers with user privileges to escalate their privileges to root on the system where the Horizon Client for macOS is installed.

CVSS: HIGH (7.8)

EPSS Score: 0.04%

Source: CVE
February 5th, 2025 (5 months ago)

CVE-2024-10239

Description: A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG-OA6. An attacker with administrator privileges can upload a specially crafted image, which can cause a stack overflow due to the unchecked fat->fsd.max_fld.

CVSS: HIGH (7.2)

EPSS Score: 0.04%

Source: CVE
February 5th, 2025 (5 months ago)

CVE-2024-10238

Description: A security issue in the firmware image verification implementation at Supermicro MBD-X12DPG-OA6. An attacker can upload a specially crafted image that causes a stack overflow because fld->used_bytes is not checked.

CVSS: HIGH (7.2)

EPSS Score: 0.04%

Source: CVE
February 5th, 2025 (5 months ago)

CVE-2024-10237

Description: There is a vulnerability in the BMC firmware image authentication design at Supermicro MBD-X12DPG-OA6. An attacker can modify the firmware to bypass BMC inspection and bypass the signature verification process.

CVSS: HIGH (7.2)

EPSS Score: 0.04%

Source: CVE
February 5th, 2025 (5 months ago)

CVE-2025-0509

Description: A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle's (Ed)DSA signing checks.

References:
https://nvd.nist.gov/vuln/detail/CVE-2025-0509
https://github.com/sparkle-project/Sparkle/pull/2550
https://security.netapp.com/advisory/ntap-20250124-0008
https://sparkle-project.org/documentation/security-and-reliability
https://github.com/advisories/GHSA-wc9m-r3v6-9p5h

EPSS Score: 0.04%

Source: Github Advisory Database (Swift)
February 5th, 2025 (5 months ago)
Source: TheRegister
February 4th, 2025 (5 months ago)
Description: Researchers measured a threefold increase in credential stealing between 2023 and 2024, with more than 11.3 million such thefts last year.
Source: Dark Reading
February 4th, 2025 (5 months ago)
Description:

Impact: During recovery, a Coordinator only verifies that a given recovery key decrypts the sealed state, not if this key was provided by a party with access to one of the recovery keys defined in the manifest. This allows an attacker to manually craft a sealed state using their own recovery keys, and a manifest that does not match the rest of the state. If network traffic is redirected from the legitimate Coordinator to the attacker's Coordinator, a remote party is susceptible to impersonation if they verify the Coordinator without comparing the root certificate of the Coordinator against a trusted reference. Under these circumstances, an attacker can trick a remote party into trusting the malicious Coordinator by presenting a manifest that does not match the actual state of the deployment.

This issue does not affect the following:
- secrets and state of the legitimate Coordinator instances
- integrity of workloads
- certificates chaining back to the legitimate Coordinator root certificate

Patches: The issue has been patched in v1.7.0.

Workarounds: Connections that purely authenticate based on a known Coordinator's root certificate, e.g. the one retrieved when using the marblerun manifest set CLI command, are not affected.

References:
https://github.com/edgelesssys/marblerun/security/advisories/GHSA-w7wm-2425-7p2h
https://github.com/edgelesssys/marblerun/commit/e4864f9f1d0f12a4a7d28514da43bcc75603a5b5
https://github.com/edgelesssys/marblerun/releases/tag/v1.7.0
https://github.co...
Source: Github Advisory Database (Go)
February 4th, 2025 (5 months ago)