#vulnerability

Improper Input Validation vulnerability in Apache Zeppelin. The attackers can call updating cron API with invalid or improper privileges so that the notebook can run with the privileges. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue.

Though April’s monthly security update from Microsoft includes 150 vulnerabilities, only three of them are considered “critical."

By Owais Sultan WordPress, a widely used content management system, owes a great deal of its flexibility to plugins. These small… This is a post from HackRead.com Read the original post: The Essential Tools and Plugins for WordPress Development

Distributed denial-of-service attacks still plague the enterprise, but adding preventive measures can reduce their impact.

We are potentially encroaching on a water supply crisis if data center operators, utilities, and the government don't implement preventative measures now.

The company is asking users to retire several network-attached storage (NAS) models to avoid compromise through a publicly available exploit that results in backdooring.

### Impact "gin-vue-admin<=v2.6.1 has a code injection vulnerability in the backend. In the Plugin System -> Plugin Template feature, an attacker can perform directory traversal by manipulating the 'plugName' parameter. They can create specific folders such as 'api', 'config', 'global', 'model', 'router', 'service', and 'main.go' function within the specified traversal directory. Moreover, the Go files within these folders can have arbitrary code inserted based on a specific PoC parameter." Affected code: https://github.com/flipped-aurora/gin-vue-admin/blob/746af378990ebf3367f8bb3d4e9684936df152e7/server/api/v1/system/sys_auto_code.go:239. Let's take a look at the method 'AutoPlug' within the 'AutoCodeApi' struct. ```go func (autoApi *AutoCodeApi) AutoPlug(c *gin.Context) { var a system.AutoPlugReq err := c.ShouldBindJSON(&a) if err != nil { response.FailWithMessage(err.Error(), c) return } a.Snake = strings.ToLower(a.PlugName) a.NeedModel = a.HasRequest || a.HasResponse er...

### Impact A recent refactoring added the ability to get GitHub repositories registered to a project without specifying a specific provider. Unfortunately, the SQL query for doing so was missing parenthesis, and would select a random repository. ### Patches Patched in #2941 ### Workarounds Revert prior to `5c381cf`, or roll forward past `2eb94e7` ### References N/A

### Impact During the proxy generation process (e.g., when using `dirac-proxy-init`) it is possible for unauthorized users on the same machine to gain read access to the proxy. This allows the user to then perform any action that is possible with the original proxy. This vulnerability only exists for a short period of time (sub-millsecond) during the generation process. ### Patches _Has the problem been patched? What versions should users upgrade to?_ ### Workarounds Setting the `X509_USER_PROXY` environment variable to a path that is inside a directory that is only readable to the current user avoids the potential risk. After the file has been written it can be safely copied to the standard location (`/tmp/x509up_uNNNN`). ### References

### Impact If the crawler is set to crawl protected pages, it sends the cookie header to externals URLs. ### Patches Update to Contao 4.13.40 or 5.3.4. ### Workarounds Disable crawling protected pages. ### References https://contao.org/en/security-advisories/session-cookie-disclosure-in-the-crawler ### For more information If you have any questions or comments about this advisory, open an issue in [contao/contao](https://github.com/contao/contao/issues/new/choose).