Security
Headlines
HeadlinesLatestCVEs

Tag

#git

GHSA-gc7p-j5xm-xxh2: Unauthorized Access to Private Fields in User Registration API

### System Details | Name | Value | |----------|------------------------| | OS | Windows 11 | | Version | 4.11.1 (node v16.14.2) | | Database | mysql | ### Description I marked some fields as private fields in user content-type, and tried to register as a new user via api, at the same time I added content to fill the private fields and sent a post request, and as you can see from the images below, I can write to the private fields. ![register](https://user-images.githubusercontent.com/32245914/246987508-9337ffd5-c681-4f51-9a0b-2490b424ca1e.png) ![user](https://user-images.githubusercontent.com/32245914/246987564-9f440b3f-a7a3-4710-9b75-0854667fc35d.png) ![private_field](https://user-images.githubusercontent.com/32245914/246987590-9c0ecefd-fd64-4221-b642-e730ea55d440.png) ![table](https://user-images.githubusercontent.com/32245914/246987604-009e6808-5690-458e-aa87-57dda7d4589d.png) To prevent this, I went to the extension a...

ghsa
#sql#vulnerability#windows#js#git#auth
GHSA-946c-f9w6-2c25: Download route allows filename change in eZpublish kernel

### Impact The route used for file downloads allows specifying the name of the downloaded file. This is an unintended side effect of the implementation, and means one could construct download URLs with filenames that have no relation to the actual file, which could lead to misunderstandings and confusion, and possibly other harm. As such it is a low severity vulnerability. It affects all supported versions of Ibexa DXP and eZ Platform, in installations where downloadable files exist. ### Patches The issue is fixed in all supported versions of ezsystems/ezpublish-kernel, see "Patched versions". An advisory is also published for ezsystems/ezplatform-kernel and ibexa/core, please see those repositories. Commit: https://github.com/ezsystems/ezpublish-kernel/commit/142152f9bae4c4835713df0bdfe22bc98d03f9a1 ### Workarounds None, other than blocking all downloads. ### References https://developers.ibexa.co/security-advisories/ibexa-sa-2023-005-vulnerabilities-in-solr-search-and-file-downloa...

GHSA-r6cc-7wj7-gfx2: Kubernetes csi-proxy vulnerable to privilege escalation due to improper input validation

Kubernetes is vulnerable to privilege escalation when a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy.

CVE-2023-3893: [Security Advisory] CVE-2023-3893: Insufficient input sanitization on kubernetes-csi-proxy leads to privilege escalation

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy.

Microsoft’s Secure Future Initiative Boosts Cybersecurity Against Advanced Attacks

By Deeba Ahmed Microsoft's new AI-powered Secure Future Initiative aims to assist governments, businesses, and consumers in combatting cybersecurity threats. This is a post from HackRead.com Read the original post: Microsoft’s Secure Future Initiative Boosts Cybersecurity Against Advanced Attacks

GHSA-2x28-c7j7-23gv: Subrion remote command execution vulnerability

Subrion 4.2.1 has a remote command execution vulnerability in the backend.

CVE-2023-3277: flutter-user.php in mstore-api/trunk/controllers – WordPress Plugin Repository

The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and including, 4.10.7 due to improper implementation of the Apple login feature. This allows unauthenticated attackers to log in as any user as long as they know the user's email address. We are disclosing this issue as the developer has not yet released a patch, but continues to release updates and we escalated this issue to the plugin's team 30 days ago.

NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads

Compromised Facebook business accounts are being used to run bogus ads that employ "revealing photos of young women" as lures to trick victims into downloading an updated version of a malware called NodeStealer. "Clicking on ads immediately downloads an archive containing a malicious .exe 'Photo Album' file which also drops a second executable written in .NET – this payload is in charge of

GHSA-g8p6-p27c-52fx: Eclipse Parsson Denial of Service vulnerability

In Eclipse Parsson before versions 1.1.4 and 1.0.5, Parsing JSON from untrusted sources can lead malicious actors to exploit the fact that the built-in support for parsing numbers with large scale in Java has a number of edge cases where the input text of a number can lead to much larger processing time than one would expect. To mitigate the risk, parsson put in place a size limit for the numbers as well as their scale.

GHSA-2mw4-wj8c-7f93: Eclipse Glassfish remote code execution issue

In Eclipse Glassfish 5 or 6, running with old versions of JDK (lower than 6u211, or < 7u201, or < 8u191), allows remote attackers to load malicious code on the server via access to insecure ORB listeners.