1082 matches found

CVE
added 2019/04/03 5:43 p.m., 94 views

CVE-2018-4399

CVE-2018-4399 is a kernel/privilege-related issue affecting Apple platforms prior to the patches in iOS 12, macOS Mojave 10.14, tvOS 12, and watchOS 5. The Red Hat advisory confirms an access issue with privileged API calls and notes affected versions before those updates. The Apple advisories HT...

CVSS 5.5, AI score 6.1, EPSS 0.00928
Exploits 0, References 5, Affected Software 4

ATTACKERKB
added 2019/03/28 12:00 a.m., 22 views

CVE-2019-17558

Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to Remote Code Execution through the VelocityResponseWriter. A Velocity template can be supplied either from a configset's velocity/ directory or as a request parameter. A user defined configset could contain renderable, potentially...

CVSS 7.5, AI score 7.2, EPSS 0.98567
In the wild; Exploits 12, References 30

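The Solr entry above says a Velocity template can reach the VelocityResponseWriter as a request parameter. As an added example (not code from the advisory or from Apache Solr), the following Python scans access-log lines for select requests that set wt=velocity, and ranks those that also carry a template body in a v.template.<name> parameter above those that only name a template. The parameter names wt and v.template are Solr's documented VelocityResponseWriter parameters; the log lines, core name and client addresses are constructed for the example.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample request log (not real traffic), in the common
# 'client - - [time] "METHOD target PROTO" status bytes' access-log shape.
SAMPLE_LOG = """\
10.0.0.5 - - [15/Jan/2020:10:01:02 +0000] "GET /solr/core1/select?q=*:*&wt=json HTTP/1.1" 200 512
10.0.0.9 - - [15/Jan/2020:10:01:07 +0000] "GET /solr/core1/select?q=1&wt=velocity&v.template=custom&v.template.custom=%23set(%24a%3D1) HTTP/1.1" 200 87
10.0.0.9 - - [15/Jan/2020:10:01:15 +0000] "GET /solr/core1/select?q=1&wt=velocity&v.template=browse HTTP/1.1" 200 1203
10.0.0.7 - - [15/Jan/2020:10:02:00 +0000] "GET /solr/admin/cores?action=STATUS HTTP/1.1" 200 300
"""

LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def classify_request(target: str):
    """Return (severity, template_name) for one request target, or None.

    'high'   : wt=velocity plus a v.template.<name> parameter, i.e. the
               template text itself travels in the request.
    'medium' : wt=velocity naming a template (served from the configset's
               velocity/ directory), worth a look but not proof of injection.
    """
    parts = urlsplit(target)
    if not parts.path.endswith("/select"):
        return None
    qs = parse_qs(parts.query, keep_blank_values=True)
    if "velocity" not in qs.get("wt", []):
        return None
    template = qs.get("v.template", [None])[0]
    inline = [k for k in qs if k.startswith("v.template.")]
    return ("high" if inline else "medium"), template


def scan(log_text: str):
    """Parse each line and keep the requests classify_request flags."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not an access-log line we understand; skip, do not crash
        verdict = classify_request(m.group("target"))
        if verdict is None:
            continue
        severity, template = verdict
        findings.append({
            "src": m.group("src"),
            "ts": m.group("ts"),
            "status": m.group("status"),
            "severity": severity,
            "template": template,
            "target": m.group("target"),
        })
    return findings


def by_source(findings):
    """Count findings per client so one host probing many cores stands out."""
    counts = {}
    for f in findings:
        counts[f["src"]] = counts.get(f["src"], 0) + 1
    return counts


if __name__ == "__main__":
    hits = scan(SAMPLE_LOG)
    for h in hits:
        print(h["severity"], h["src"], h["ts"], h["target"])
    print(by_source(hits))
```

The medium tier deliberately includes requests that only name a template, because the advisory also covers templates shipped in a configset; tune it down once the legitimate velocity users in your environment are known, and treat a 200 response to a high-severity request as a confirmed execution rather than a probe.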
OSV
added 2019/02/19 5:29 p.m., 7 views

CVE-2019-5767

Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0.3626.81 allowed an attacker who convinced the user to install a malicious application to access privacy/security sensitive web APIs via a crafted APK...

CVSS 6.5, AI score 6.9
Exploits 0, References 7

Hacker One
added 2018/12/11 8:40 p.m., 16 views

GitLab: Milestones leaked via search API

GitLab allows restricting the project features of public projects. When all features of a public project are disabled for non-project members under https://gitlab.com/xanbanx/test-search/edit, full access to milestones is still possible via the search API. Steps To Reproduce: Reproduced on GitLab...

AI score 0.5
Exploits 0

Hacker One
added 2018/11/18 4:57 a.m., 45 views

GitLab: GitLab's GitHub integration is vulnerable to SSRF vulnerability

The GitHub service is vulnerable to SSRF. An attacker may be able to leverage this to make arbitrary POST requests into a GitLab instance's internal network. It can also be used to connect to a cloud provider's instance metadata API, which may result in the ability to execute commands...

CVSS 4, AI score 0.3, EPSS 0.00988
Exploits 1

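The GitLab report above describes the usual SSRF outcome for an integration that fetches a user-supplied URL: requests into the internal network and to the cloud instance metadata API. As an added example (not GitLab's code; the report does not show its implementation), the following Python validates an outbound integration URL before the server fetches it, resolving the host and rejecting any answer in a private, loopback, link-local or otherwise non-public range, including 169.254.169.254 and its IPv4-mapped IPv6 form. The resolver is injectable so the example runs offline; the FAKE_DNS table and its hostnames and addresses are constructed, not real lookups.

```python
import ipaddress
import socket
from urllib.parse import urlsplit


def _default_resolve(host):
    """Real lookup: every A/AAAA answer for host (empty list on failure)."""
    try:
        infos = socket.getaddrinfo(host, None)
    except socket.gaierror:
        return []
    return [ai[4][0] for ai in infos]


# Constructed stand-in for DNS so the example is deterministic and offline.
FAKE_DNS = {
    "api.github.com": ["140.82.112.6"],
    "ghe.corp.internal": ["10.20.30.40"],
    "metadata.google.internal": ["169.254.169.254"],
    # Mixed answers: a client could connect to either, so the host is unsafe.
    "rebind.example": ["93.184.216.34", "127.0.0.1"],
}


def fake_resolve(host):
    return FAKE_DNS.get(host, [])


def is_blocked_ip(addr: str) -> bool:
    """True if addr is in a range an outbound integration must never reach."""
    ip = ipaddress.ip_address(addr)
    # Unwrap ::ffff:a.b.c.d so the IPv4 range checks apply to it as well.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped:
        ip = ip.ipv4_mapped
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def check_outbound_url(url: str, resolve=_default_resolve):
    """Validate a user-supplied URL before the server fetches it.

    Returns (ok, reason). Every resolved address must be public: a host with
    even one internal answer is rejected, since the HTTP client may use any.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, "scheme not allowed"
    if not parts.hostname:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials in URL"
    host = parts.hostname  # brackets already stripped from IPv6 literals
    try:
        addrs = [str(ipaddress.ip_address(host))]  # literal address
    except ValueError:
        addrs = resolve(host)  # hostname: check all answers, not just one
    if not addrs:
        return False, "host does not resolve"
    for a in addrs:
        if is_blocked_ip(a):
            return False, f"resolves to non-public address {a}"
    return True, "ok"


if __name__ == "__main__":
    for u in ("https://api.github.com/repos",
              "http://169.254.169.254/latest/meta-data/",
              "http://[::ffff:169.254.169.254]/",
              "http://rebind.example/"):
        print(u, check_outbound_url(u, resolve=fake_resolve))
```

Two caveats a practitioner would add: the check has to run again on every redirect hop (disable automatic redirects in the HTTP client and re-validate the Location), and because DNS is resolved once here and again by the client, the strongest form connects to the validated address directly and sets the Host header, rather than re-resolving.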
Carbon Black Blog
added 2018/11/13 6:09 p.m., 60 views

Cb Customer Spotlight Series: Q&A with Integral's Sean McFeely

Featuring Sean McFeely, Sr. Information Analyst at Valvoline's Integral Defense This year at Cb Connect 2018, we had our first ever Developer Day to recognize our vibrant partner and developer ecosystem. We had an amazing group of 100 developers attend, culminating in a hackathon. Sean McFeely, S...

Exploits 0

RedHat Linux
added 2018/08/28 7:21 p.m., 3 views

JDK: privilege escalation via insufficiently restricted access to Attach API

In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use the Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which include the ability to execute untrusted native code. Attach API is enabled by default on...

CVSS 7.8, AI score 7.2, EPSS 0.00494
Exploits 0, References 4

CNVD
added 2018/07/26 12:00 a.m., 4 views

Cisco Finesse Server-Side Request Forgery Vulnerability (CNVD-2018-14233)

Cisco Finesse is a suite of call center management software. The software enhances call center service quality, improves customer experience, and increases agent satisfaction. Cisco Finesse suffers from a server-side request forgery vulnerability in the web-based administration pages, which stems...

CVSS 9.8, AI score 9.4, EPSS 0.02062
Exploits 0, References 1

OpenVAS
added 2018/06/25 12:00 a.m., 445 views

Microsoft Windows 10: Universal Windows apps with Windows Runtime API access

This policy setting controls whether Windows Store apps with Windows Runtime API access directly from web content can be launched. If you enable this policy setting, Windows Store apps with Windows Runtime API access directly from web content cannot be launched, Windows Store apps without Windows...

AI score 7.2
Exploits 0, References 2

OSV
added 2018/06/18 2:29 p.m., 3 views

CVE-2018-1090

In Pulp before version 2.16.2, secrets are passed into overrideconfig when triggering a task and then become readable to all users with read access on the distributor/importer. An attacker with API access can then view these secrets...

CVSS 7.5, AI score 5.8, EPSS 0.01338
Exploits 0, References 3

NVD
added 2018/06/18 2:29 p.m., 34 views

CVE-2018-1090

In Pulp before version 2.16.2, secrets are passed into overrideconfig when triggering a task and then become readable to all users with read access on the distributor/importer. An attacker with API access can then view these secrets...

CVSS 7.5, AI score 5.9, EPSS 0.01338
Exploits 0, References 3

Prion
added 2018/06/18 2:29 p.m., 19 views

Code injection

In Pulp before version 2.16.2, secrets are passed into overrideconfig when triggering a task and then become readable to all users with read access on the distributor/importer. An attacker with API access can then view these secrets...

CVSS 5, AI score 7.7, EPSS 0.01338
Exploits 0, References 3, Affected Software 2

CVE
added 2018/06/18 2:00 p.m., 78 views

CVE-2018-1090

In Pulp (before version 2.16.2), secrets are passed into override_config when triggering a task, making them readable to any user with read access on the distributor/importer. This leads to information disclosure via the API: an attacker with API access can view sensitive credentials. The issue i...

CVSS 7.5, AI score 7.3, EPSS 0.01338
Exploits 0, References 3, Affected Software 1

Microsoft Secure
added 2018/04/17 2:00 p.m., 100 views

Connect to the Intelligent Security Graph using a new API

Most organizations deal with high volumes of security data and have dozens of security solutions in their enterprise, making the task of integrating various products and services daunting and complex. The cost, time, and resources necessary to connect systems, enable correlation of alerts, and...

AI score 0.1
Exploits 0

RedhatCVE
added 2018/03/23 8:49 p.m., 26 views

CVE-2018-1090

In pulp, secrets are passed into overrideconfig when triggering a task and then become readable to all users with read access on the distributor/importer. An attacker with API access can then view these secrets...

CVSS 7.5, AI score 7.6, EPSS 0.01338
Exploits 0, References 2

OSV
added 2018/03/16 8:29 p.m., 3 views

CVE-2017-8013

EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains undocumented accounts with hard-coded passwords and various privileges. Affected accounts are: "Apollo System Test", "emc.dpa.agent.logon" and "emc.dpa.metrics.logon". An attacker with knowledge of the password...

CVSS 9.8, AI score 5.8, EPSS 0.02217
Exploits 1, References 3

OSV
added 2018/03/15 4:29 a.m., 2 views

CVE-2018-8076

ZenMate 1.5.4 for macOS suffers from a type confusion vulnerability within the com.zenmate.chron-xpc LaunchDaemon component. The LaunchDaemon implements an XPC service that uses an insecure XPC API for accessing data from an inbound XPC message. This could potentially result in an XPC object of t...

CVSS 7.5, AI score 5.8
Exploits 0, References 1

RedHat Linux
added 2018/02/21 12:25 p.m., 4 views

foreman: models with a 'belongs_to' association to an Organization do not verify association belongs to that Organization

It was found that foreman in Satellite 6 did not properly enforce access controls on certain resources. An attacker with access to the API and knowledge of the resource name can access resources in other organizations...

CVSS 7.4, AI score 5.8, EPSS 0.00749
Exploits 0, References 4

Fedora
added 2017/12/02 9:23 p.m., 38 views

[SECURITY] Fedora 26 Update: mupdf-1.11-9.fc26

MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...

CVSS 7.8, AI score 0.6, EPSS 0.03452
Exploits 4

Hacker One
added 2017/09/12 3:37 p.m., 38 views

New Relic: Users can enable API access for free via mass assignment

Free tier users aren't allowed API access, but it's possible to bypass this restriction thanks to a mass assignment bug. To replicate this, first verify that you don't already have API access by visiting: Account Settings - API Explorer - Create an API Key You should see the message "This feature...

AI score 2.7
Exploits 0

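The New Relic report above is a mass assignment bug: a field the user was never meant to control is bound straight from the settings form onto the account. As an added example (not New Relic's code; the report shows neither its framework nor its field names), the following Python contrasts a handler that binds every submitted key with one that allowlists the user-editable fields and rejects the rest, and then derives the API entitlement from the plan instead of trusting a stored flag. The Account model, the api_access and plan fields and the plan names are hypothetical.

```python
from dataclasses import dataclass

# Hypothetical plan names; only the check below depends on them.
PAID_PLANS = frozenset({"pro", "enterprise"})


@dataclass
class Account:
    email: str = ""
    plan: str = "free"
    api_access: bool = False   # stored entitlement flag: the weak design


class MassAssignmentError(ValueError):
    """Raised when a request tries to write a field the caller may not set."""


def update_account_vulnerable(account: Account, form: dict) -> Account:
    """Mass assignment: every submitted key is written to the model.

    A free-tier user who adds api_access=true to the settings form grants
    themselves the feature, which is the shape of the bug in the report.
    """
    for key, value in form.items():
        setattr(account, key, value)
    return account


USER_EDITABLE = frozenset({"email"})


def update_account_safe(account: Account, form: dict) -> Account:
    """Allowlist the fields a user may change and reject, rather than
    silently drop, anything else so probing for writable attributes is
    visible in request logs instead of invisible."""
    unexpected = set(form) - USER_EDITABLE
    if unexpected:
        raise MassAssignmentError(f"not user-editable: {sorted(unexpected)}")
    for key in USER_EDITABLE & set(form):
        setattr(account, key, form[key])
    return account


def api_access_allowed(account: Account) -> bool:
    """Compute the entitlement from the plan at check time. A flag that is
    stored on the model is one more attribute a write path can flip; a
    derived value cannot be mass-assigned at all."""
    return account.plan in PAID_PLANS


if __name__ == "__main__":
    hostile_form = {"email": "u@example.test", "api_access": True}
    a = update_account_vulnerable(Account(), dict(hostile_form))
    print("vulnerable handler stored api_access =", a.api_access)
    try:
        update_account_safe(Account(), dict(hostile_form))
    except MassAssignmentError as e:
        print("safe handler rejected:", e)
    print("derived entitlement for free plan:", api_access_allowed(a))
```

In a framework with model binding, the allowlist is whatever the framework calls its permitted-parameters mechanism; the point that survives the framework choice is the last function, where the entitlement is never a user-writable column in the first place.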