Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

GHSA-7hpq-3g6w-pvhf: Snowflake JDBC allows an untrusted search path on Windows

### Issue Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. When the EXTERNALBROWSER authentication method is used on Windows, an attacker with write access to a directory in the %PATH% can escalate their privileges to the user that runs the vulnerable JDBC Driver version. This vulnerability affects versions 3.2.3 through 3.21.0 on Windows. Snowflake fixed the issue in version 3.22.0. ### Vulnerability Details When the EXTERNALBROWSER authentication method is selected, the Snowflake JDBC Driver on non-macOS operating systems tries to open the SSO URL using xdg-open. Because xdg-open is a Linux program that doesn’t exist in a default Windows installation, a sufficiently privileged attacker could place a malicious executable in one of the directories on the %PATH% and achieve local privilege escalation to the user running the JDBC Driver. ### Solution Snowflake released version 3.22.0 of the Snowflake JDBC Driver, which fixes this issue. We recommend us...

ghsa
Open in Source
#vulnerability#web#mac#windows#linux#auth
GHSA-3xg3-cgvq-2xwr: Twig security issue where escaping was missing when using null coalesce operator

When using the `??` operator, output escaping was missing for the expression on the left side of the operator.

These are the 10 worst PIN codes

Data analysis has shown which 4-digit pin codes offer the best chances for an attacker. Are you using one of them?

Mirai Variant 'Aquabot' Exploits Mitel Device Flaws

Yet another spinoff of the infamous DDoS botnet is exploiting a known vulnerability in active attacks, while its threat actors are promoting it on Telegram for other attackers to use as well, in a DDoS-as-a-service model.

Whatsup Gold, Observium and Offis vulnerabilities

Cisco Talos’ Vulnerability Research team recently disclosed three vulnerabilities in Observium, three vulnerabilities in Offis, and four vulnerabilities in Whatsup Gold.    These vulnerabilities exist in Observium, a network observation and monitoring system; Offis DCMTK, a collection of libraries and applications implementing DICOM (Digital Imaging and Communications

GHSA-v664-qgx9-wf79: RuoYi allowed unauthorized attackers to view the session ID of the admin in the system monitoring

RuoYi v4.8.0 was discovered to allow unauthorized attackers to view the session ID of the admin in the system monitoring. This issue can allow attackers to impersonate Admin users via using a crafted cookie.

GHSA-h5jh-rp76-q242: RuoYi has insecure permissions

Insecure permissions in RuoYi v4.8.0 allows authenticated attackers to escalate privileges by assigning themselves higher level roles.

GHSA-qq5h-rjj9-q9qg: RuoYi vulnerable to Denial of Service by attackers with admin privileges

An issue in the reset password interface of ruoyi v4.8.0 allows attackers with Admin privileges to cause a Denial of Service (DoS) by duplicating the login name of the account.

The Old Ways of Vendor Risk Management Are No Longer Good Enough

Managing third-party risk in the SaaS era demands a proactive, data-driven approach beyond checkbox compliance.

Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution

A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances. The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0. "Due to a flaw in the multi-line SNMP result parser, authenticated users can inject