Tag
#git
ffi::nstr() should be marked unsafe, since a pointer to a buffer without a trailing 0 value will cause a heap buffer overflow.
Now the US director of national intelligence, Gabbard failed to follow basic cybersecurity practices on several of her personal accounts, leaked records reviewed by WIRED reveal.
A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs when an application improperly sanitizes user input before storing it in a data store. When this stored data is later included in web pages without adequate sanitization, malicious scripts can execute in the context of users who view these pages, leading to potential data theft, session hijacking, or other malicious activities. ### Impact Cross-site scripting (XSS) vulnerability in the management console. ### Patches Fixed in [HAL 3.7.11.Final](https://github.com/hal/console/releases/tag/v3.7.11) ### Workarounds No workaround available
Cybercriminals aren’t always loud and obvious. Sometimes, they play it quiet and smart. One of the tricks of…
### Impact ZITADEL offers developers the ability to manage user sessions using the [Session API](https://zitadel.com/docs/category/apis/resources/session_service_v2/session-service). This API enables the use of IdPs for authentication, known as idp intents. Following a successful idp intent, the client receives an id and token on a predefined URI. These id and token can then be used to authenticate the user or their session. However, it was possible to exploit this feature by repeatedly using intents. This allowed an attacker with access to the application’s URI to retrieve the id and token, enabling them to authenticate on behalf of the user. It’s important to note that the use of additional factors (MFA) prevents a complete authentication process and, consequently, access to the ZITADEL API. ### Patches 3.x versions are fixed on >=[3.0.0](https://github.com/zitadel/zitadel/releases/tag/v3.0.0) 2.71.x versions are fixed on >=[2.71.9](https://github.com/zitadel/zitadel/releases/t...
### Summary It seems that when running **goshs** without arguments it is possible for anyone to execute commands on the server. This was tested on version **1.0.4** of **goshs**. The command function was introduced in version **0.3.4**. ### Details It seems that the function ```dispatchReadPump``` does not checks the option cli ```-c```, thus allowing anyone to execute arbitrary command through the use of websockets. ### PoC Used **websocat** for the POC: ```bash echo -e '{"type": "command", "content": "id"}' |./websocat 'ws://192.168.1.11:8000/?ws' -t ``` ### Impact The vulnerability will only impacts goshs server on vulnerable versions.
The following functions in the `tanton_engine` crate are unsound due to lack of sufficient boundary checks in public API: - `Stack::offset()` - `ThreadStack::get()` - `RootMoveList::insert_score_depth()` - `RootMoveList::insert_score()` The tanton_engine crate is no longer maintained, so there are no plans to fix this issue.
Disney was hit by two major 2024 cyberattacks, an ex-employee’s sabotage and a hacker’s AI trap, exposing internal…
## Impact: A security issue has been found in `terraform-provider-windns` before version `1.0.5`. The `windns_record` resource did not santize the input variables. This can lead to authenticated command injection in the underlyding powershell command prompt. ## Patches: [`83ef736 (fix: better input validation)`](https://github.com/nrkno/terraform-provider-windns/commit/c76f69610c1b502f90aaed8c4f102194530b5bce) ## Fixed versions: - `v1.0.5`
### Affected Environments Note that this issue only affects the V0 engine, which has been off by default since v0.8.0. Further, the issue only applies to a deployment using tensor parallelism across multiple hosts, which we do not expect to be a common deployment pattern. Since V0 is has been off by default since v0.8.0 and the fix is fairly invasive, we have decided not to fix this issue. Instead we recommend that users ensure their environment is on a secure network in case this pattern is in use. The V1 engine is not affected by this issue. ### Impact In a multi-node vLLM deployment using the V0 engine, vLLM uses ZeroMQ for some multi-node communication purposes. The secondary vLLM hosts open a `SUB` ZeroMQ socket and connect to an `XPUB` socket on the primary vLLM host. https://github.com/vllm-project/vllm/blob/c21b99b91241409c2fdf9f3f8c542e8748b317be/vllm/distributed/device_communicators/shm_broadcast.py#L295-L301 When data is received on this `SUB` socket, it is deserializ...