Threat and Vulnerability Intelligence Database

CVE-2024-3656

Description: A flaw was found in Keycloak. Certain endpoints in Keycloak's admin REST API allow low-privilege users to access administrative functionalities. This flaw allows users to perform actions reserved for administrators, potentially leading to data breaches or system compromise.

EPSS Score: 0.09%

Source: CVE
December 5th, 2024 (4 months ago)
Description: Chinese state hackers, known as Salt Typhoon, have breached telecommunications companies in dozens of countries, President Biden's deputy national security adviser Anne Neuberger said today. [...]
Source: BleepingComputer
December 4th, 2024 (4 months ago)
Description: Organizations that rely on their content delivery network provider for Web application firewall services may be inadvertently leaving themselves open to attack.
Source: Dark Reading
December 3rd, 2024 (4 months ago)
Description: CISA released guidance today to help network defenders harden their systems against attacks coordinated by the Salt Typhoon Chinese threat group that breached multiple major global telecommunications providers earlier this year. [...]
Source: BleepingComputer
December 3rd, 2024 (4 months ago)
Description:
Impact: This is not a vulnerability in the code per se, but included Varnish VCL templates enable compression of API and JSON messages. This is a potential case of the BREACH vulnerability, which affects HTTP compression, where secrets can be extracted through carefully crafted requests. The fix disables compression in these templates. Please make sure to make the same change in your configuration files, see the release notes for specific instructions. Please check your web server configuration as well.
Patches: See "Patched versions".
https://github.com/ezsystems/ezplatform-http-cache/commit/ca8a5cf69b2c14fbec90412aeeef5c755c51457b
Workarounds: Make sure HTTP compression is disabled for REST API requests and other communication that might contain secrets.
References:
Advisory: https://developers.ibexa.co/security-advisories/ibexa-sa-2024-006-vulnerabilities-in-content-name-pattern-commerce-shop-and-varnish-vhost-templates
Release notes: https://doc.ibexa.co/en/latest/update_and_migration/from_3.3/update_from_3.3/#v3341
https://github.com/ibexa/post-install/security/advisories/GHSA-4h8f-c635-25p7
https://github.com/ibexa/http-cache/security/advisories/GHSA-fh7v-q458-7vmw
https://www.breachattack.com/
References:
https://github.com/ezsystems/ezplatform-http-cache/security/advisories/GHSA-mgfg-7533-7jf6
https://github.com/ibexa/http-cache/security/advisories/GHSA-fh7v-q458-7vmw
https://github.com/ibexa/post-install/security/advisories/GHSA-4h8f-c635-25p7
https://github.com/e...
Source: Github Advisory Database (Composer)
December 3rd, 2024 (4 months ago)
Description:
Impact: This is not a vulnerability in the code per se, but included Varnish VCL templates enable compression of API and JSON messages. This is a potential case of the BREACH vulnerability, which affects HTTP compression, where secrets can be extracted through carefully crafted requests. The fix disables compression in these templates. Please make sure to make the same change in your configuration files, see the release notes for specific instructions. Please check your web server configuration as well.
Patches: See "Patched versions".
https://github.com/ibexa/http-cache/commit/e03f683e8db53b6d253e1af8177befeecc8d3914
Workarounds: Make sure HTTP compression is disabled for REST API requests and other communication that might contain secrets.
References:
Advisory: https://developers.ibexa.co/security-advisories/ibexa-sa-2024-006-vulnerabilities-in-content-name-pattern-commerce-shop-and-varnish-vhost-templates
Release notes: https://doc.ibexa.co/en/latest/update_and_migration/from_4.6/update_from_4.6/#v4614
https://github.com/ibexa/post-install/security/advisories/GHSA-4h8f-c635-25p7
https://github.com/ezsystems/ezplatform-http-cache/security/advisories/GHSA-mgfg-7533-7jf6
https://www.breachattack.com/
References:
https://github.com/ezsystems/ezplatform-http-cache/security/advisories/GHSA-mgfg-7533-7jf6
https://github.com/ibexa/http-cache/security/advisories/GHSA-fh7v-q458-7vmw
https://github.com/ibexa/post-install/security/advisories/GHSA-4h8f-c635-25p7
https://github.com/i...
Source: Github Advisory Database (Composer)
December 3rd, 2024 (4 months ago)
Description:
Impact: This is not a vulnerability in the code per se, but included platform.sh Varnish VCL templates and Apache/Nginx vhost templates enable compression of API and JSON messages. This is a potential case of the BREACH vulnerability, which affects HTTP compression, where secrets can be extracted through carefully crafted requests. The fix disables compression in these templates. Please make sure to make the same change in your configuration files, see the release notes for specific instructions.
Patches: See "Patched versions".
v1.0: https://github.com/ibexa/post-install/commit/d91cc02623dd3263a99a94ace133c95e48909e5d
v4.6: https://github.com/ibexa/post-install/commit/ae7c3c2081a862c75b90828f08bd74436ceb8fe8
Workarounds: Make sure HTTP compression is disabled for REST API requests and other communication that might contain secrets.
References:
Advisory: https://developers.ibexa.co/security-advisories/ibexa-sa-2024-006-vulnerabilities-in-content-name-pattern-commerce-shop-and-varnish-vhost-templates
Release notes v3.3: https://doc.ibexa.co/en/latest/update_and_migration/from_3.3/update_from_3.3/#v3341
Release notes v4.6: https://doc.ibexa.co/en/latest/update_and_migration/from_4.6/update_from_4.6/#v4614
https://github.com/ezsystems/ezplatform-http-cache/security/advisories/GHSA-mgfg-7533-7jf6
https://github.com/ibexa/http-cache/security/advisories/GHSA-fh7v-q458-7vmw
https://www.breachattack.com/
References:
https://github.com/ezsystems/ezplatform-http-cache/security/advis...
Source: Github Advisory Database (Composer)
December 3rd, 2024 (4 months ago)
Description: Bologna Football Club 1909 has confirmed it suffered a ransomware attack after its stolen data was leaked online by the RansomHub extortion group. [...]
Source: BleepingComputer
November 29th, 2024 (5 months ago)
Description: Zello is warning customers to reset their passwords if their account was created before November 2nd in what appears to be another security breach. [...]
Source: BleepingComputer
November 27th, 2024 (5 months ago)
Description: T-Mobile says the Chinese "Salt Typhoon" hackers who recently compromised its systems as part of a series of telecom breaches first hacked into some of its routers to explore ways to navigate laterally through the network. [...]
Source: BleepingComputer
November 27th, 2024 (5 months ago)