#auth

Users with low privileges (just plain users in the realm) are able to utilize administrative functionalities within Keycloak admin interface. This issue presents a significant security risk as it allows unauthorized users to perform actions reserved for administrators, potentially leading to data breaches or system compromise. **Acknowledgements:** Special thanks to Maurizio Agazzini for reporting this issue and helping us improve our project.

Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability

The lone critical security issue is a remote code execution vulnerability due to a use-after-free issue in the HTTP handling function of Microsoft Message Queuing.

The fresh-baked malware is being widely distributed, but still specifically targets individuals with tailored lures. It's poised to evolve into a bigger threat, researchers warn.

If CEOs want to avoid being the target of government enforcement actions, they need to take a personal interest in ensuring that their corporation invests in cybersecurity.

The US government launched a self-attestation form asking software developers to affirm their software was developed securely. Compliance starts today for software used in critical infrastructure.

VSCode when opening a Jupyter notebook (.ipynb) file bypasses the trust model. On versions v1.4.0 through v1.71.1, its possible for the Jupyter notebook to embed HTML and javascript, which can then open new terminal windows within VSCode. Each of these new windows can then execute arbitrary code at startup. During testing, the first open of the Jupyter notebook resulted in pop-ups displaying errors of unable to find the payload exe file. The second attempt at opening the Jupyter notebook would result in successful execution. Successfully tested against VSCode 1.70.2 on Windows 10.

Oracle Database versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c allows for unauthorized access to password hashes by an account with the DBA role.

Ubuntu Security Notice 6825-1 - It was discovered that the PDO driver in ADOdb was incorrectly handling string quotes. A remote attacker could possibly use this issue to perform SQL injection attacks. This issue only affected Ubuntu 16.04 LTS. It was discovered that ADOdb was incorrectly handling GET parameters in test.php. A remote attacker could possibly use this issue to execute cross-site scripting attacks. This issue only affected Ubuntu 16.04 LTS.

Red Hat Security Advisory 2024-3781-03 - An update is now available for Red Hat Ansible Automation Platform 2.4. Issues addressed include HTTP request smuggling, buffer overflow, code execution, cross site scripting, denial of service, memory exhaustion, null pointer, and password leak vulnerabilities.