About Remote Code Execution – XWiki Platform (CVE-2024-31982) vulnerability
About Remote Code Execution - XWiki Platform CVE-2024-31982 vulnerability. XWiki is a free open-source wiki platform. Its main feature is simplified extensibility. XWiki is often used in corporate environments as a replacement for commercial Wiki solutions such as Atlassian Confluence. A...
GO-2024-3230 Kyverno's PolicyException objects can be created in any namespace by default in github.com/kyverno/kyverno
Kyverno's PolicyException objects can be created in any namespace by default in github.com/kyverno/kyverno...
GO-2024-3227 Mattermost incorrectly issues two sessions when using desktop SSO in github.com/mattermost/mattermost-server
Mattermost incorrectly issues two sessions when using desktop SSO in github.com/mattermost/mattermost-server...
Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code
Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading tool but harbors functionality designed to steal sensitive data and drain assets from victims' crypto wallets. The package, named "CryptoAITools," is said to have been distributed...
Argo Workflows Controller: Denial of Service via malicious daemon Workflows
Summary Due to a race condition in a global variable, the argo workflows controller can be made to crash on-command by any user with access to execute a workflow. This was resolved by https://github.com/argoproj/argo-workflows/pull/13641 Details These two lines introduce a data race in the...
GO-2024-3211 Graphql: information disclosure via graphql introspection in openshift in github.com/openshift/console
Graphql: information disclosure via graphql introspection in openshift in github.com/openshift/console...
GO-2024-3213 Plenti arbitrary file write vulnerability in github.com/plentico/plenti
Plenti arbitrary file write vulnerability in github.com/plentico/plenti...
GO-2024-3215 Grafana Command Injection And Local File Inclusion Via Sql Expressions in github.com/grafana/grafana
Grafana Command Injection And Local File Inclusion Via Sql Expressions in github.com/grafana/grafana. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...
GO-2024-3216 Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel
Denied Host Validation Bypass in Zitadel Actions in github.com/zitadel/zitadel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, plea...
GO-2024-3219 github.com/crossplane/crossplane: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
github.com/crossplane/crossplane: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses...
GO-2024-3217 User Registration Bypass in Zitadel in github.com/zitadel/zitadel
User Registration Bypass in Zitadel in github.com/zitadel/zitadel. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please suggest an...
GO-2024-3220 Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists in github.com/rancher/rancher
Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...
GO-2024-3222 RKE2 allows privilege escalation in Windows nodes due to Insecure Access Control Lists in github.com/rancher/rke2
RKE2 allows privilege escalation in Windows nodes due to Insecure Access Control Lists in github.com/rancher/rke2. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive report...
GO-2024-3221 Rancher Remote Code Execution via Cluster/Node Drivers in github.com/rancher/rancher
Rancher Remote Code Execution via Cluster/Node Drivers in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners...
GO-2024-3223 Exposure of vSphere's CPI and CSI credentials in Rancher in github.com/rancher/rancher
Exposure of vSphere's CPI and CSI credentials in Rancher in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability...
GO-2024-3224 Missing key verification in gost in github.com/ginuerzh/gost
Missing key verification in gost in github.com/ginuerzh/gost...
Metasploit Weekly Wrap-Up 10/25/2024
Hackers and Vampires Agree: Every Byte Counts Headlining the release today is a new exploit module by jheysel-r7 that chains two vulnerabilities to target Magento/Adobe Commerce systems: the first, CVE-2024-34102 is an arbitrary file read used to determine the version and layout of the glibc...
GHSA-V46J-H43H-RWRM Autolab Misconfigured Reset Password Permissions
Impact For email-based accounts, users with insufficient privileges could reset and theoretically access privileged users' accounts by resetting their passwords. Patches This is fixed in v3.0.1. Workarounds No workarounds. For more information If you have any questions or comments about this...
Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security
Apple has publicly made available its Private Cloud Compute (PCC) Virtual Research Environment (VRE), allowing the research community to inspect and verify the privacy and security guarantees of its offering. PCC, which Apple unveiled earlier this June, has been marketed as the "most advanced securit...