Threat and Vulnerability Intelligence Database

Description: [Darknetlive Archive] Dream Vendor CaliCartel Admits Drug Trafficking Conspiracy
Source: DarkWebInformer
January 31st, 2025 (5 months ago)
Description: Nine application security toolmakers band together to fork the popular Semgrep code-scanning project, touching off a controversy over access to features and fairness.
Source: Dark Reading
January 31st, 2025 (5 months ago)
Description: Southeast Supply, Inc. Has Fallen Victim to 8BASE Ransomware
Source: DarkWebInformer
January 31st, 2025 (5 months ago)

CVE-2025-23215

Description: Summary While rebuilding PMD Designer for Reproducible Builds and digging into issues, I found out that passphrase for gpg.keyname=0xD0BF1D737C9A1C22 is included in jar published to Maven Central. Details See https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/net/sourceforge/pmd/pmd-designer/README.md I removed 2 lines from https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/net/sourceforge/pmd/pmd-designer/pmd-designer-7.0.0.diffoscope but real content is: ├── net/sourceforge/pmd/util/fxdesigner/designer.properties │ @@ -1,14 +1,12 @@ │ #Properties │ checkstyle.plugin.version=3.3.1 │ checkstyle.version=10.14.0 │ -gpg.keyname=0xD0BF1D737C9A1C22 │ -gpg.passphrase=evicx0nuPfvSVhVyeXpw │ jar.plugin.version=3.3.0 │ -java.version=11.0.22 │ +java.version=11.0.25 │ javadoc.plugin.version=3.6.3 │ jflex-output=/home/runner/work/pmd-designer/pmd-designer/target/generated-sources/jflex │ junit5.version=5.8.2 │ kotest.version=5.5.5 │ kotlin.version=1.7.20 │ local.lib.repo=/home/runner/work/pmd-designer/pmd-designer/lib/mvn-repo │ openjfx.scope=provided PoC ./rebuild.sh content/net/sourceforge/pmd/pmd-designer/pmd-designer-7.0.0.buildspec Impact After further analysis, the passphrase of the following two keys have been compromised: 94A5 2756 9CAF 7A47 AFCA BDE4 86D3 7ECA 8C2E 4C5B: PMD Designer (Release Signing Key) [email protected] This key has been used since 2019 with the release of net.sourceforge.pmd:pmd-ui:6.1...
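Review bot: the two removed lines `gpg.keyname` and `gpg.passphrase` in net/sourceforge/pmd/util/fxdesigner/designer.properties sit beside build-host values such as `jflex-output` and `local.lib.repo`, which suggests the packaged file is filled from the build's whole property set rather than a chosen subset. Write only an explicit list of properties into the shipped resource, and keep the signing passphrase out of build properties altogether, for example by handing it to the signing step from the CI secret store. The `java.version` change from 11.0.22 to 11.0.25 is a difference in the rebuild environment and is separate from the secret exposure.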

CVSS: NONE (0.0)

EPSS Score: 0.05%

Source: Github Advisory Database (Maven)
January 31st, 2025 (5 months ago)

CVE-2025-23367

Description: A flaw was found in the WildFly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor role is supposed to have only read access permissions and should not be able to suspend the server. The vulnerability is caused by the Suspend and Resume handlers not performing authorization checks to validate whether the current user has the required permissions to proceed with the action.

Impact: Standalone server (Domain mode is not affected) with use access control enabled with RBAC provider can be suspended or resumed by unauthorized users. When a server is suspended, the server will stop receiving user requests. The resume handle does the opposite; it will cause a suspended server to start accepting user requests.

Patches: Fixed in WildFly Core 27.0.1.Final

Workarounds: No workaround available

References: See also: https://issues.redhat.com/browse/WFCORE-7153

Acknowledgements: The WildFly project would like to thank Claudia Bartolini (TIM S.p.A), Marco Ventura (TIM S.p.A), and Massimiliano Brolli (TIM S.p.A) for reporting this issue. https://www.gruppotim.it/it/footer/red-team.html

References: https://github.com/wildfly/wildfly-core/security/advisories/GHSA-qr6x-62gq-4ccp https://nvd.nist.gov/vuln/detail/CVE-2025-23367 https://access.redhat.com/security/cve/CVE-2025-23367 https:/...

CVSS: MEDIUM (6.5)

EPSS Score: 0.05%

Source: Github Advisory Database (Maven)
January 31st, 2025 (5 months ago)
Description: Mr Hamza Targeted the Website of Booking.com
Source: DarkWebInformer
January 31st, 2025 (5 months ago)
Description: Microsoft says it improved the contrast of text rendered in all Chromium-based web browsers on Windows, making it more readable on some displays. [...]
Source: BleepingComputer
January 31st, 2025 (5 months ago)
Description: Pembina Trails School Division Has Fallen Victim to RHYSIDA Ransomware
Source: DarkWebInformer
January 31st, 2025 (5 months ago)