Phishing scammers are posting fake “account restricted” comments on LinkedIn

Recently, fake LinkedIn profiles have started posting comment replies claiming that a user has " engaged in activities that are not in compliance" with LinkedIn's policies and that their account has been " temporarily restricted" until they submit an appeal through a specified link in the comment...

CVE-2024-29033

OAuthenticator provides plugins for JupyterHub to use common OAuth providers, as well as base classes for writing one's own Authenticators with any OAuth 2.0 provider. GoogleOAuthenticator.hosteddomain is used to restrict what Google accounts can be authorized access to a JupyterHub. The...

PT-2024-9145 · Cisco · Cisco Secure Firewall Management Center (Fmc)

Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall Management Center FMC Software versions affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker to inject arbitrary HTML content in...

U.S. Dept Of Defense: Restrict any user from Login to their account

A security vulnerability was discovered where an attacker could change their email address to the victim's email, effectively restricting the victim from accessing their account. The vulnerability stemmed from improper authentication on the "Update Profile" functionality of the website...

CVE-2023-28640

Apiman is a flexible and open source API Management platform. Due to a missing permissions check, an attacker with an authenticated Apiman Manager account may be able to gain access to API keys they do not have permission for if they correctly guess the URL, which includes Organisation ID, Client...

CVE-2023-28640 Permissions bypass in Apiman could enable authenticated attacker to unpermitted API Key

Apiman is a flexible and open source API Management platform. Due to a missing permissions check, an attacker with an authenticated Apiman Manager account may be able to gain access to API keys they do not have permission for if they correctly guess the URL, which includes Organisation ID, Client...

PT-2023-21868 · Apiman · Apiman

Name of the Vulnerable Software and Affected Versions: Apiman versions prior to 3.1.0.Final Description: Due to a missing permissions check, an attacker with an authenticated Apiman Manager account may gain access to API keys they do not have permission for if they correctly guess the URL, which...

OpenSSH 7.2p1 - (Authenticated) xauth Command Injection

''' Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115 Version: 0.2 Date: Mar 3rd, 2016 Tag: openssh xauth command injection may lead to forced-command and /bin/false bypass Overview -------- Name: openssh Vendor: OpenBSD References: http://www.openssh.com/1 Version: 7.2...

Disallow multiple sessions for an account

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-33586. panel It is currently possible to run several sessions under any account. Some customers prefer to restrict the number of sessions to...