Description: Impact
On schemas involving arrows with caveats on the arrow’ed relation, when the path to resolve a CheckPermission request involves the evaluation of multiple caveated branches, requests may return a negative response when a positive response is expected.
For example, given this schema:
definition user {}

definition office {
    relation parent: office
    relation manager: user
    permission read = manager + parent->read
}

definition group {
    relation parent: office
    permission read = parent->read
}

definition document {
    relation owner: group with equals
    permission read = owner->read
}

caveat equals(actual string, required string) {
    actual == required
}
and these relationships:
office:headoffice#manager@user:maria
office:branch1#parent@office:headoffice
group:admins#parent@office:branch1
group:managers#parent@office:headoffice
document:budget#owner@group:admins[equals:{"required":"admin"}]
document:budget#owner@group:managers[equals:{"required":"manager"}]
Permission for 'document:budget#read@user:maria with {"actual" : "admin"}' is returned as NO_PERMISSION when HAS_PERMISSION is the correct answer.
Patches
Upgrade to v1.44.2.
Workarounds
Do not use caveats in your schema over an arrow’ed relation.
References
https://github.com/authzed/spicedb/security/advisories/GHSA-cwwm-hr97-qfxm
https://nvd.nist.gov/vuln/detail/CVE-2025-49011
https://github.com/authzed/spicedb/commit/fe8dd9f491f6975b3408c401e413a530eb181a67
https://github.com/authzed/spice...
CVSS: LOW (3.7) EPSS Score: 0.03%
June 6th, 2025 (22 days ago)
|
CVE-2025-49127 |
Description: Kafbat UI is a web user interface for managing Apache Kafka clusters. An unsafe deserialization vulnerability in version 1.0.0 allows any unauthenticated user to execute arbitrary code on the server. Version 1.1.0 fixes the issue.
CVSS: HIGH (8.9) EPSS Score: 0.12%
June 6th, 2025 (22 days ago)
|
CVE-2024-24262 |
Description: media-server v1.0.0 was discovered to contain a Use-After-Free (UAF) vulnerability via the sip_uac_stop_timer function at /uac/sip-uac-transaction.c.
EPSS Score: 0.14% SSVC Exploitation: poc
June 6th, 2025 (22 days ago)
|
CVE-2024-22900 |
Description: Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the setNetworkCardInfo function.
EPSS Score: 2.02% SSVC Exploitation: none
June 6th, 2025 (22 days ago)
|
CVE-2024-20906 |
Description: Vulnerability in the Integrated Lights Out Manager (ILOM) product of Oracle Systems (component: System Management). Supported versions that are affected are 3, 4 and 5. Easily exploitable vulnerability allows high privileged attacker with network access via ICMP to compromise Integrated Lights Out Manager (ILOM). Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Integrated Lights Out Manager (ILOM), attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N).
CVSS: MEDIUM (4.8) EPSS Score: 0.23% SSVC Exploitation: none
June 6th, 2025 (22 days ago)
|
CVE-2024-1021 |
Description: A vulnerability, which was classified as critical, has been found in Rebuild up to 3.5.5. Affected by this issue is the function readRawText of the component HTTP Request Handler. The manipulation of the argument url leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252290 is the identifier assigned to this vulnerability.
CVSS: MEDIUM (6.3) EPSS Score: 93.14% SSVC Exploitation: none
June 6th, 2025 (22 days ago)
|
CVE-2024-0576 |
Description: A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been declared as critical. This vulnerability affects the function setIpPortFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sPort leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250792. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS: HIGH (8.8) EPSS Score: 0.38% SSVC Exploitation: none
June 6th, 2025 (22 days ago)
|
CVE-2025-5799 |
Description: A vulnerability was found in Tenda AC8 16.03.34.09. It has been declared as critical. Affected by this vulnerability is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS: HIGH (8.8) EPSS Score: 0.08%
June 6th, 2025 (22 days ago)
|
CVE-2025-5798 |
Description: A vulnerability was found in Tenda AC8 16.03.34.09. It has been classified as critical. Affected is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument timeType leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS: HIGH (8.8) EPSS Score: 0.08%
June 6th, 2025 (22 days ago)
|
CVE-2025-5797 |
Description: A vulnerability was found in Laundry Laundry System 1.0 and classified as problematic. This issue affects some unknown processing of the file /data/insert_type.php. The manipulation of the argument Type leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS: LOW (3.5) EPSS Score: 0.03%
June 6th, 2025 (22 days ago)
|