19 matches found
Node.js: Node.js: Information disclosure due to `fs.realpathSync.native()` bypassing filesystem read restrictions
A flaw was found in Node.js. The Node.js Permission Model, intended to restrict filesystem access, does not properly enforce read permission checks for the fs.realpathSync.native function. This vulnerability allows code operating under --permission with restricted --allow-fs-read flags to bypass...
ClawLess: A Security Model of AI Agents
Autonomous AI agents powered by Large Language Models can reason, plan, and execute complex tasks, but their ability to autonomously retrieve information and run code introduces significant security risks. Existing approaches attempt to regulate agent behavior through training or prompting, which...
CVE-2025-15523
MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...
AZL-74988 CVE-2025-55130 affecting package nodejs for versions less than 20.14.0-13
A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...
ROS-20251006-11
A vulnerability in the permissions model of the Node.js software platform is related to flaws in the processing of HTTP requests. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions and send unauthorized requests. existing security restrictions...
EUVD-2023-36920
Malicious code in bioql PyPI...
CVE-2023-32680
Metabase is an open source business analytics engine. To edit SQL Snippets, Metabase should have required people to be in at least one group with native query editing permissions to a database–but affected versions of Metabase didn't enforce that requirement. This lack of enforcement meant that:...
Node.js 安全漏洞
Node.js is an open source, cross-platform JavaScript runtime environment open-sourced by Node.js. Node.js suffers from a security vulnerability that stems from the permissions model's assumption that any path beginning with two backslashes has an ignorable four-character prefix, a subtle error th...
nodejs:20 security update
An update is available for module.nodejs-nodemon, nodejs-packaging, module.nodejs-packaging, nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list...
Server Side Request Forgery (SSRF) attack in Fedify
Summary At present, when Fedify needs to retrieve an object or activity from a remote activitypub server, it makes a HTTP request to the @id or other resources present within the activity it has received from the web. This activity could reference an @id that points to an internal IP address,...
PT-2023-9601 · Node.Js · Node.Js
Name of the Vulnerable Software and Affected Versions: Node.js version 20 Description: A vulnerability has been discovered in the experimental permission model of Node.js, specifically related to improper handling of Buffers in file system APIs, causing a traversal path to bypass when verifying...
CVE-2023-32680
Metabase is an open source business analytics engine. To edit SQL Snippets, Metabase should have required people to be in at least one group with native query editing permissions to a database–but affected versions of Metabase didn't enforce that requirement. This lack of enforcement meant that:...
CVE-2022-25570
In Click Studios SA Pty Ltd Passwordstate 9435, users with access to a passwordlist can gain access to additional password lists without permissions. Specifically, an authenticated user who has write permissions to a password list in one folder with the default permission model can extend his...
CVE-2019-16529
An issue was discovered in the CheckUser extension through 1.35.0 for MediaWiki. Oversighted edit summaries are still visible in CheckUser results in violation of MediaWiki's permissions model...
New Relic: [Synthetics/Infrastructure/everything] Individual account permissions are not properly managed and inherited on sub accounts
I've been poking around with sub accounts since I exploited 219356 and gave myself access to New Relic pro features, and I found a few things that seem to be overlooked after the user management overhaul that happened about a few weeks ago. When you have a sub account on your account, you get thi...
Samsung Android JACK - Local Privilege Escalation
Samsung Android JACK - Local Privilege Escalation Sources: https://bugs.chromium.org/p/project-zero/issues/detail?id=796 https://bugs.chromium.org/p/project-zero/issues/detail?id=795 The usermode audio subsystem for the "Samsung Android Professional Audio" is based on JACK, which appears to be...
Samsung Android JACK - Privilege Escalation
Exploit for Android platform in category local exploits Sources: https://bugs.chromium.org/p/project-zero/issues/detail?id=796 https://bugs.chromium.org/p/project-zero/issues/detail?id=795 The usermode audio subsystem for the "Samsung Android Professional Audio" is based on JACK, which appears to...
FreeBSD : django -- regression in permissions model (6b1d8a39-ddb3-11e5-8fa8-14dae9d210b8)
Tim Graham reports : User with 'change' but not 'add' permission can create objects for ModelAdmin's with saveas=True %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018...
Did the “Man With No Name” Feel Insecure?
Posted by James Forshaw, Taker of Names Sometimes when I'm doing security research I'll come across a bug which surprises me. I discovered just such a bug in the Windows version of Chrome which exposed a little-known security detail in the OS. The bug, CVE-2014-3196 was fixed in M38, so it seemed...