Security
Headlines
HeadlinesLatestCVEs

Tag

#git

Securing Cloud Identities to Protect Assets and Minimize Risk

Preventative security should be driven by data and risk assessment, not compliance.

DARKReading
Open in Source
#xss#vulnerability#web#mac#microsoft#git#kubernetes#aws
GHSA-r847-6w6h-r8g4: Flyte Admin SQL Injection in List Filters

### Impact List endpoints on Flyte Admin has a SQL vulnerability where a malicious user can send a REST requests with custom SQL statements as list filters. ### Workarounds The attacker needs to have access to the flyteadmin installation (typically either behind a VPN or authentication). ### References https://owasp.org/www-community/attacks/SQL_Injection#

GHSA-crg9-44h2-xw35: Apache ActiveMQ is vulnerable to Remote Code Execution

Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.  Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.

N. Korean Lazarus Group Targets Software Vendor Using Known Flaws

The North Korea-aligned Lazarus Group has been attributed as behind a new campaign in which an unnamed software vendor was compromised through the exploitation of known security flaws in another high-profile software. The attack sequences, according to Kaspersky, culminated in the deployment of malware families such as SIGNBT and LPEClient, a known hacking tool used by the threat actor for

CVE-2023-46394: Stored xss vulnerability in gougucms version 4.08.18 · Issue #I88TC0 · 勾股开源/ThinkPHP6 勾股CMS - Gitee.com

A stored cross-site scripting (XSS) vulnerability in /home/user/edit_submit of gougucms v4.08.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the headimgurl parameter.

CVE-2023-46393: Any User Password Reset Vulnerability in gougucms 4.08.18 · Issue #I88TKH · 勾股开源/ThinkPHP6 勾股CMS - Gitee.com

gougucms v4.08.18 was discovered to contain a password reset poisoning vulnerability which allows attackers to arbitrarily reset users' passwords via a crafted packet.

Splunk edit_user Capability Privilege Escalation

Splunk suffers from an issue where a low-privileged user who holds a role that has the edit_user capability assigned to it can escalate their privileges to that of the admin user by providing a specially crafted web request. This is because the edit_user capability does not honor the grantableRoles setting in the authorize.conf configuration file, which prevents this scenario from happening. This exploit abuses this vulnerability to change the admin password and login with it to upload a malicious app achieving remote code execution.

XAMPP 3.3.0 Buffer Overflow

XAMPP version 3.3.0 .ini unicode + SEH buffer overflow exploit.

Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats

Google has announced that it's expanding its Vulnerability Rewards Program (VRP) to reward researchers for finding attack scenarios tailored to generative artificial intelligence (AI) systems in an effort to bolster AI safety and security. "Generative AI raises new and different concerns than traditional digital security, such as the potential for unfair bias, model manipulation or

CVE-2023-46818: ISPConfig 3.2.11p1 Released - ISPConfig

An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if admin_allow_langedit is enabled.