Security
Headlines

Headlines Latest CVEs

Headline

GHSA-cfr5-7p54-4qg8: Privilege Escalation using Spoofing

Impact

Users with low privileges ( Editor, etc) are able to access some unintended endpoints.

11 months ago

Privilege Escalation using Spoofing

Moderate severity GitHub Reviewed Published Dec 12, 2023 in umbraco/Umbraco-CMS • Updated Dec 13, 2023

Related news

CVE-2023-49273: Privilege Escalation using Spoofing

Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.8.1, and 12.3.0, users with low privileges (Editor, etc.) are able to access some unintended endpoints. Versions 8.18.10, 10.8.1, and 12.3.0 contain a patch for this issue.

11 months ago

#vulnerability #asp.net

ghsa: Latest News

GHSA-27wf-5967-98gx: Kubernetes kubelet arbitrary command execution

7 hours ago

GHSA-mr95-vfcf-fx9p: Apache Answer: Predictable Authorization Token Using UUIDv1

7 hours ago

GHSA-pqhp-25j4-6hq9: smol-toml has a Denial of Service via malicious TOML document using deeply nested inline tables

8 hours ago

GHSA-v5h2-q2w4-gpcx: Sentry improper error handling leaks Application Integration Client Secret

8 hours ago

GHSA-8w49-h785-mj3c: Tornado has an HTTP cookie parsing DoS vulnerability

8 hours ago