Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

CVE-2024-38227: Microsoft SharePoint Server Remote Code Execution Vulnerability

**According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability?** An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server.

Microsoft Security Response Center
#vulnerability#microsoft#rce#auth#Microsoft Office SharePoint#Security Vulnerability
GHSA-g974-hxvm-x689: node-gettext vulnerable to Prototype Pollution

All versions of the package node-gettext are vulnerable to Prototype Pollution via the addTranslations() function in gettext.js due to improper user input sanitization.

DragonRank, a Chinese-speaking SEO manipulator service provider

Cisco Talos is disclosing a new threat called “DragonRank” that primarily targets countries in Asia and a few in Europe, operating PlugX and BadIIS for search engine optimization (SEO) rank manipulation.

10 Writing Tips for Cybersecurity Professionals

It takes more than technical knowledge to write about cybersecurity in a way people want to read. It takes creativity, discipline, and other key skills.

GHSA-f4wh-359g-4pq7: ThinkPHP deserialization vulnerability

A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code.

GHSA-g4gc-rh26-m3p5: Keycloak Open Redirect vulnerability

An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the `referrer` and `referrer_uri` parameters are made to trick a user to visit a malicious webpage. A trusted URL can trick users and automation into believing that the URL is safe, when, in fact, it redirects to a malicious server. This issue can result in a victim inadvertently trusting the destination of the redirect, potentially leading to a successful phishing attack or other types of attacks. Once a crafted URL is made, it can be sent to a Keycloak admin via email for example. This will trigger this vulnerability when the user visits the page and clicks the link. A malicious actor can use this to target users they know are Keycloak admins for further attacks. It may also be possible to bypass other domain-related security checks, such as supplying this as a OAuth redirect uri. The malicious actor can further obfuscate the `redirect_uri` using URL encoding, to hide the text of t...

GHSA-57rh-gr4v-j5f6: Keycloak Uses a Key Past its Expiration Date

A vulnerability was found in Keycloak. Expired OTP codes are still usable when using FreeOTP when the OTP token period is set to 30 seconds (default). Instead of expiring and deemed unusable around 30 seconds in, the tokens are valid for an additional 30 seconds totaling 1 minute. A one time passcode that is valid longer than its expiration time increases the attack window for malicious actors to abuse the system and compromise accounts. Additionally, it increases the attack surface because at any given time, two OTPs are valid.

GHSA-j76j-rqwj-jmvv: Keycloak Session Fixation vulnerability

A session fixation issue was discovered in the SAML adapters provided by Keycloak. The session ID and JSESSIONID cookie are not changed at login time, even when `the turnOffChangeSessionIdOnLogin` option is configured. This flaw allows an attacker who hijacks the current session before authentication to trigger session fixation.

Akira Ransomware Actors Exploit SonicWall Bug for RCE

CISA has added CVE-2024-40766 to its Known Exploited Vulnerabilities catalog.

300K Victims' Data Compromised in Avis Car Rental Breach

Though the company reports that data was exfiltrated in the breach, it has been remained tightlipped regarding the kind of data that was exposed.