CVSS: 7.7EPSS: 0%CPEs: 3EXPL: 0CVE-2025-23366 – Org.jboss.hal:hal-console: wildfly hal console cross-site scripting
https://notcve.org/view.php?id=CVE-2025-23366
14 Jan 2025 — A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups “SuperUser”, “Admin”, or “Maintainer”. • https://access.redhat.com/security/cve/CVE-2025-23366 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.6EPSS: 0%CPEs: 18EXPL: 0CVE-2024-12747 – Rsync: race condition in rsync handling symbolic links
https://notcve.org/view.php?id=CVE-2024-12747
14 Jan 2025 — A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation. • https://access.redhat.com/security/cve/CVE-2024-12747 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2024-12088 – Rsync: --safe-links option bypass leads to path traversal
https://notcve.org/view.php?id=CVE-2024-12088
14 Jan 2025 — A flaw was found in rsync. When using the `--safe-links` option, rsync fails to properly verify if a symbolic link destination contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory. A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. • https://access.redhat.com/security/cve/CVE-2024-12088 • CWE-35: Path Traversal: '.../ •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2024-12086 – Rsync: rsync server leaks arbitrary client files
https://notcve.org/view.php?id=CVE-2024-12086
14 Jan 2025 — A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte ba... • https://access.redhat.com/security/cve/CVE-2024-12086 • CWE-390: Detection of Error Condition Without Action •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2024-12085 – Rsync: info leak via uninitialized stack contents
https://notcve.org/view.php?id=CVE-2024-12085
14 Jan 2025 — A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time. A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitializ... • https://access.redhat.com/security/cve/CVE-2024-12085 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-11736 – Org.keycloak:keycloak-quarkus-server: unrestricted admin use of system and environment variables
https://notcve.org/view.php?id=CVE-2024-11736
14 Jan 2025 — A vulnerability was found in Keycloak. Admin users may have to access sensitive server environment variables and system properties through user-configurable URLs. When configuring backchannel logout URLs or admin URLs, admin users can include placeholders like ${env.VARNAME} or ${PROPNAME}. The server replaces these placeholders with the actual values of environment variables or system properties during URL processing. Se encontró una vulnerabilidad en Keycloak. • https://access.redhat.com/errata/RHSA-2025:0299 • CWE-526: Cleartext Storage of Sensitive Information in an Environment Variable •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-11734 – Org.keycloak:keycloak-quarkus-server: denial of service in keycloak server via security headers
https://notcve.org/view.php?id=CVE-2024-11734
14 Jan 2025 — A denial of service vulnerability was found in Keycloak that could allow an administrative user with the right to change realm settings to disrupt the service. This action is done by modifying any of the security headers and inserting newlines, which causes the Keycloak server to write to a request that has already been terminated, leading to the failure of said request. Se encontró una vulnerabilidad de denegación de servicio en Keycloak que podría permitir que un usuario administrativo con derecho a cambi... • https://access.redhat.com/errata/RHSA-2025:0299 • CWE-693: Protection Mechanism Failure •
CVSS: 7.4EPSS: 0%CPEs: 3EXPL: 0CVE-2025-0306 – Ruby: openssl: ruby marvin attack
https://notcve.org/view.php?id=CVE-2025-0306
09 Jan 2025 — A vulnerability was found in Ruby. The Ruby interpreter is vulnerable to the Marvin Attack. This attack allows the attacker to decrypt previously encrypted messages or forge signatures by exchanging a large number of messages with the vulnerable service. • https://access.redhat.com/security/cve/CVE-2025-0306 • CWE-385: Covert Timing Channel •
CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56827 – Openjpeg: heap buffer overflow in lib/openjp2/j2k.c
https://notcve.org/view.php?id=CVE-2024-56827
09 Jan 2025 — A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code if malformed images are opened. • https://access.redhat.com/security/cve/CVE-2024-56827 • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.6EPSS: 0%CPEs: 2EXPL: 0CVE-2024-56826 – Openjpeg: heap buffer overflow in bin/common/color.c
https://notcve.org/view.php?id=CVE-2024-56826
09 Jan 2025 — A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, which could result in denial of service or the execution of arbitrary code if malformed images are opened. • https://access.redhat.com/security/cve/CVE-2024-56826 • CWE-122: Heap-based Buffer Overflow •