4 matches found
ASB-A-328068777
In multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
GHSA-VH2M-22XX-Q94F Sensitive query parameters logged by default in OpenTelemetry.Instrumentation http and AspNetCore
Impact OpenTelemetry.Instrumentation.Http writes the url.full attribute/tag on spans Activity when tracing is enabled for outgoing http requests and OpenTelemetry.Instrumentation.AspNetCore writes the url.query attribute/tag on spans Activity when tracing is enabled for incoming http requests...
Law Firm to the Fortune 500 Breached with Ransomware
Campbell Conroy & O’Neil, P.C. – U.S. law firm to a dazzling array of huge companies – told its star-studded clientele that an intruder may have groped their data. It was hit with ransomware in February and is now suffering the data-breach fallout. That client list spans a slew of industries and...
San Diego School District Data Breach Hits 500k Students
A phishing attack against California’s San Diego Unified School District has led to hackers scooping up Social Security numbers and addresses of more than 500,000 students and staff. The district became aware of the breach Oct. 2018. The actual breach occurred between January 2001 and November...