The vulnerability of the automated deployment and scaling service for managed Apache Cassandra Azure Managed Instances lies in the lack of access control mechanisms, allowing attackers to escalate their privileges.

The vulnerability of the automated deployment and scaling service for managed Apache Cassandra instances in Azure is related to lack of access control. Exploiting this vulnerability could allow an attacker to enhance their privileges remotely...

CVE-2022-27891 Palantir Gotham included an unauthenticated endpoint that listed all active usernames in the platform with an active session.

Palantir Gotham included an unauthenticated endpoint that listed all active usernames on the stack with an active session. The affected services have been patched and automatically deployed to all Apollo-managed Gotham instances. It is highly recommended that customers upgrade all affected servic...

New Security Vulnerability Affects Thousands of Self-Managed GitLab Instances

Researchers have disclosed details of a new security vulnerability in GitLab, an open-source DevOps software, that could potentially allow a remote, unauthenticated attacker to recover user-related information. Tracked as CVE-2021-4191 CVSS score: 5.3, the medium-severity flaw affects all version...

CVE-2022-23008

On NGINX Controller API Management versions 3.18.0-3.19.0, an authenticated attacker with access to the "user" or "admin" role can use undisclosed API endpoints on NGINX Controller API Management to inject JavaScript code that is executed on managed NGINX data plane instances. Note: Software...