Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Red Hat Security Advisory 2023-1049-01

Red Hat Security Advisory 2023-1049-01 - Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.6.2 serves as a replacement for Red Hat Single Sign-On 7.6.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, cross site scripting, denial of service, deserialization, html injection, memory exhaustion, open redirection, server-side request forgery, and traversal vulnerabilities.

Packet Storm
#xss#vulnerability#web#mac#red_hat#dos#apache#nodejs#js#java#rce#ssrf#auth#ssh
GHSA-h6f5-8jj5-cxhr: xwiki-platform vulnerable to Remote Code Execution in Annotations

### Impact The annotation displayer does not execute the content in a restricted context. This allows executing anything with the right of the author of any document by annotating the document. To reproduce: add an annotation with the content `{{groovy}}print "hello"{{/groovy}}` and click the yellow scare to get a display of the annotation inline. The result is "hello" but it should be an error suggesting that it's not allowed to use the groovy macro. ### Patches This has been patched in XWiki 13.10.11, 14.4.7 and 14.10. ### Workarounds There is no easy workaround except to upgrade. ### References https://jira.xwiki.org/browse/XWIKI-20360 https://jira.xwiki.org/browse/XWIKI-20384 ### For more information If you have any questions or comments about this advisory: * Open an issue in [Jira XWiki.org](https://jira.xwiki.org/) * Email us at [Security Mailing List](mailto:[email protected]) ### Attribution This vulnerability has been reported by René de Sain @renniepak.

On Shaky Ground: Why Dependencies Will Be Your Downfall

There's never enough time or staff to scan code repositories. To avoid dependency confusion attacks, use automated CI/CD tools to make fixes in hard-to-manage software dependencies.

ProtonVPN launches extensions for Chrome and Firefox browsers

By Waqas ProtonVPN is currently available in three packages, including one free and two paid. This is a post from HackRead.com Read the original post: ProtonVPN launches extensions for Chrome and Firefox browsers

This Hacker Tool Can Pinpoint a DJI Drone Operator's Exact Location

Every DJI quadcopter broadcasts its operator's position via radio—unencrypted. Now, a group of researchers has learned to decode those coordinates.

SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics

The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on its ability to target devices running the operating system. The oldest version of the updated artifact dates back to July 2022, with the malware incorporating new features designed to evade security software and resist reverse engineering. Cybersecurity company Trend Micro said

Internet Explorer users still targeted by RIG exploit kit

Categories: News Tags: RIG EK Tags: exploit kit Tags: MakeMoney Tags: Internet Explorer Tags: Jerome Segura The RIG Exploit Kit is one of the last major exploit kits that still targets the legacy Internet Explorer browser. (Read more...) The post Internet Explorer users still targeted by RIG exploit kit appeared first on Malwarebytes Labs.

CVE-2022-3294: CVE-2022-3294: Node address isn't always verified when proxying · Issue #113757 · kubernetes/kubernetes

Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network.

The Importance of Recession-Proofing Security Operations

Make sure cybersecurity is taken seriously and consistently across the board. Educate the ecosystem beyond your own organization to mitigate security risks for everyone.

CISA: ZK Java Framework RCE Flaw Under Active Exploit

The flaw, which drew attention in October when it was found in ConnectWise products, could pose a significant risk to the supply chain if not patched immediately.