
3537 matches found

NVD · added 2024/05/31 6:15 p.m. · 22 views

CVE-2024-35196

Sentry is a developer-first error tracking and performance monitoring platform. Sentry's Slack integration incorrectly records the incoming request body in logs. This request data can contain sensitive information, including the deprecated Slack verification token. With this verification token, i...

CVSS 2 · AI score 3.8 · EPSS 0.00575
Exploits 0 · References 7
The Hacker News · added 2024/05/31 10:10 a.m. · 18 views

Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting

The Russian GRU-backed threat actor APT28 has been attributed as behind a series of campaigns targeting networks across Europe with the HeadLace malware and credential-harvesting web pages. APT28, also known by the names BlueDelta, Fancy Bear, Forest Blizzard, FROZENLAKE, Iron Twilight, ITG05, Pa...

AI score 7.2
Exploits 0
Wordfence Blog · added 2024/05/30 3:23 p.m. · 64 views

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 20, 2024 to May 26, 2024)

Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $10,400 for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we handle all the rest...

CVSS 9.8 · AI score 10 · EPSS 0.72648
Exploits 72
Grafana · added 2024/05/30 12:00 a.m. · 4 views

Grafana OnCall Webhook SSRF

Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call management through simpler workflows and interfaces that are tailored specifically for engineers. Grafana OnCall versions from 1.1.37 before 1.5.2 are vulnerable to a Server Side Request Forgery (SSRF)...

CVSS 9.1 · AI score 5.8 · EPSS 0.00402
Exploits 0
Positive Technologies · added 2024/05/30 12:00 a.m. · 4 views

PT-2024-4050 · Grafana · Grafana Oncall

Name of the Vulnerable Software and Affected Versions: Grafana OnCall versions 1.1.37 through 1.5.1
Description: The issue is related to insufficient validation of incoming requests in the webhook functionality of Grafana OnCall, which can allow a remote attacker to perform a Server Side Request...

CVSS 9.4 · AI score 7.3 · EPSS 0.00402
Exploits 0 · References 8
Veracode · added 2024/05/29 6:05 a.m. · 17 views

Improper Access Control

Mattermost is vulnerable to Improper Access Control. The vulnerability is due to a failure to restrict the audience of the "custom_playbooks_playbook_run_updated" webhook event, allowing a guest on a channel with a linked playbook run to see all details of the playbook run when it is marked as finish...

CVSS 4.3 · AI score 7 · EPSS 0.00282
Exploits 0 · References 3 · Affected Software 1
NVD · added 2024/05/26 2:15 p.m. · 15 views

CVE-2024-5272

Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to restrict the audience of the "custom_playbooks_playbook_run_updated" webhook event, which allows a guest on a channel with a linked playbook run to see all the details of the playbook run when the run is marked as finished...

CVSS 4.3 · AI score 4.6 · EPSS 0.00282
Exploits 0 · References 1
OSV · added 2024/05/26 2:15 p.m. · 4 views

CVE-2024-5272

Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to restrict the audience of the "custom_playbooks_playbook_run_updated" webhook event, which allows a guest on a channel with a linked playbook run to see all the details of the playbook run when the run is marked as finished...

CVSS 4.3 · AI score 4.8
Exploits 0 · References 1
CVE · added 2024/05/26 1:29 p.m. · 69 views

CVE-2024-5272

The CVE-2024-5272 issue is an Improper Access Control in Mattermost where the audience of the custom_playbooks_playbook_run_updated webhook is not restricted. A guest in a channel with a linked playbook run can view all details of the playbook run once it is marked as finished. Affected versions ...

CVSS 4.3 · AI score 4.6 · EPSS 0.00282
Exploits 0 · References 1 · Affected Software 1
Vulnrichment · added 2024/05/26 1:29 p.m. · 13 views

CVE-2024-5272 Run Details leak to guest via webhook event "custom_playbooks_playbook_run_updated"

Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to restrict the audience of the "custom_playbooks_playbook_run_updated" webhook event, which allows a guest on a channel with a linked playbook run to see all the details of the playbook run when the run is marked as finished...

CVSS 4.3 · AI score 6.8 · EPSS 0.00282
Exploits 0 · References 1
Cvelist · added 2024/05/26 1:29 p.m. · 16 views

CVE-2024-5272 Run Details leak to guest via webhook event "custom_playbooks_playbook_run_updated"

Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1, 8.1.x <= 8.1.12 fail to restrict the audience of the "custom_playbooks_playbook_run_updated" webhook event, which allows a guest on a channel with a linked playbook run to see all the details of the playbook run when the run is marked as finished...

CVSS 4.3 · AI score 4.6 · EPSS 0.00282
Exploits 0 · References 1
OSV · added 2024/05/24 7:22 p.m. · 19 views

BIT-HUBBLE-RELAY-2023-39347 Cilium NetworkPolicy bypass via pod labels

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels...

CVSS 9 · AI score 8.2 · EPSS 0.0046
Exploits 1 · References 3
OSV · added 2024/05/24 7:21 p.m. · 26 views

BIT-HUBBLE-RELAY-2023-41333 Bypass of namespace restrictions in CiliumNetworkPolicy

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace is able to affect traffic on an entire Cilium cluster, potentially bypassing policy enforcement in othe...

CVSS 8.1 · AI score 7.1 · EPSS 0.00408
Exploits 0 · References 4
Positive Technologies · added 2024/05/17 12:00 a.m. · 2 views

PT-2024-32874 · WordPress · Cost Calculator Builder

Name of the Vulnerable Software and Affected Versions: Cost Calculator Builder Pro plugin for WordPress, versions up to 3.1.72
Description: The issue allows authenticated attackers with subscriber-level access and above to make web requests to arbitrary locations originating from the web...

CVSS 6.4 · AI score 6.5 · EPSS 0.00276
Exploits 0 · References 7
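
The Grafana OnCall entries and the Cost Calculator Builder entry above describe the same bug class: a server that fetches a user-supplied webhook URL without checking where that URL actually resolves, so an attacker points it at loopback, an RFC 1918 host or the 169.254.169.254 cloud metadata endpoint. The Go code below is an added example written for this page, not code from Grafana, the WordPress plugin, Positive Technologies or any advisory listed here. It shows the two places the check belongs: a cheap validation when the URL is saved, and a dialer that re-resolves and re-checks at connect time so redirects and DNS answers that change after validation still cannot reach internal hosts. The hostnames, addresses and the fakeLookup resolver are constructed for the example; production code passes net.DefaultResolver.LookupNetIP, which has the same signature.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"net"
	"net/http"
	"net/netip"
	"net/url"
	"time"
)

// lookupFunc abstracts DNS so this example runs offline; net.DefaultResolver.LookupNetIP fits it.
type lookupFunc func(ctx context.Context, network, host string) ([]netip.Addr, error)

// isPublicAddr rejects loopback, RFC 1918/ULA, link-local (which covers the
// 169.254.169.254 cloud metadata endpoint), multicast, unspecified and RFC 6598 space.
func isPublicAddr(a netip.Addr) bool {
	a = a.Unmap() // ::ffff:10.0.0.1 must be judged as 10.0.0.1
	if !a.IsValid() || a.IsUnspecified() || a.IsLoopback() || a.IsPrivate() ||
		a.IsLinkLocalUnicast() || a.IsMulticast() {
		return false
	}
	return !netip.MustParsePrefix("100.64.0.0/10").Contains(a) // no netip predicate for this
}

// resolvePublic maps a hostname or IP literal to the address to connect to and
// refuses if ANY record is non-public (a mixed answer is a classic rebinding trick).
func resolvePublic(ctx context.Context, lookup lookupFunc, host string) (netip.Addr, error) {
	var addrs []netip.Addr
	if a, err := netip.ParseAddr(host); err == nil {
		addrs = []netip.Addr{a} // literal: no DNS involved
	} else if addrs, err = lookup(ctx, "ip", host); err != nil {
		return netip.Addr{}, err
	}
	if len(addrs) == 0 {
		return netip.Addr{}, fmt.Errorf("no addresses for %q", host)
	}
	for _, a := range addrs {
		if !isPublicAddr(a) {
			return netip.Addr{}, fmt.Errorf("%q resolves to non-public address %s", host, a)
		}
	}
	return addrs[0].Unmap(), nil
}

// validateWebhookURL is the cheap check at save time: http(s) only, a host, no
// embedded credentials, and a destination that resolves to a public address now.
func validateWebhookURL(ctx context.Context, lookup lookupFunc, raw string) (*url.URL, error) {
	u, err := url.Parse(raw)
	switch {
	case err != nil:
		return nil, err
	case u.Scheme != "http" && u.Scheme != "https":
		return nil, fmt.Errorf("scheme %q not allowed", u.Scheme)
	case u.Hostname() == "" || u.User != nil:
		return nil, errors.New("webhook URL needs a host and must not embed credentials")
	}
	if _, err := resolvePublic(ctx, lookup, u.Hostname()); err != nil {
		return nil, err
	}
	return u, nil
}

// newWebhookClient repeats the check at connect time inside the dialer, so a redirect
// or a DNS answer that changed since validation still cannot reach an internal host.
// TLS verification keeps using the URL's hostname, not the dialed IP.
func newWebhookClient(lookup lookupFunc) *http.Client {
	transport := &http.Transport{ // Proxy left nil on purpose: no unvetted env proxy
		DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
			host, port, err := net.SplitHostPort(addr)
			if err != nil {
				return nil, err
			}
			ip, err := resolvePublic(ctx, lookup, host)
			if err != nil {
				return nil, err
			}
			return (&net.Dialer{Timeout: 5 * time.Second}).DialContext(ctx, network, net.JoinHostPort(ip.String(), port))
		},
	}
	return &http.Client{Transport: transport, Timeout: 10 * time.Second}
}

// fakeLookup is a constructed stand-in for DNS (example data only).
var fakeLookup lookupFunc = func(_ context.Context, _ string, host string) ([]netip.Addr, error) {
	table := map[string][]netip.Addr{
		"hooks.example.com": {netip.MustParseAddr("203.0.113.10")},
		"rebind.example":    {netip.MustParseAddr("203.0.113.5"), netip.MustParseAddr("10.0.0.5")},
	}
	if recs, ok := table[host]; ok {
		return recs, nil
	}
	return nil, &net.DNSError{Err: "no such host", Name: host, IsNotFound: true}
}

func main() { // demo over the constructed resolver
	for _, raw := range []string{"https://hooks.example.com/notify", "http://[::ffff:10.0.0.1]/", "http://rebind.example/"} {
		_, err := validateWebhookURL(context.Background(), fakeLookup, raw)
		fmt.Println(raw, "->", err)
	}
}
```

The save-time check alone is not enough: a hostname can be re-pointed at 10.0.0.5 after it was validated, and a public host can answer with a 302 to http://127.0.0.1:9000/. Putting the check inside DialContext means every connection the transport opens, including redirect targets, is vetted against the address it is about to dial. Deliveries must therefore go through newWebhookClient rather than http.DefaultClient.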
Tenable Nessus · added 2024/05/17 12:00 a.m. · 18 views

GitLab 1.0 < 13.1.10 / 13.2 < 13.2.8 / 13.3 < 13.3.4 (CVE-2020-13306)

The version of GitLab installed on the remote host is affected by the following vulnerability: a vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The GitLab Webhook feature could be abused to perform denial of service attacks due to the lack of rate limitation...

CVSS 7.5 · AI score 7.3 · EPSS 0.01828
Exploits 0 · References 4
OSV · added 2024/05/15 12:06 p.m. · 21 views

BIT-CILIUM-OPERATOR-2023-39347 Cilium NetworkPolicy bypass via pod labels

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to update pod labels can cause Cilium to apply incorrect network policies. This issue arises due to the fact that on pod update, Cilium incorrectly uses user-provided pod labels...

CVSS 9 · AI score 8.2 · EPSS 0.0046
Exploits 1 · References 3
OSV · added 2024/05/15 12:06 p.m. · 20 views

BIT-CILIUM-2023-41333 Bypass of namespace restrictions in CiliumNetworkPolicy

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace is able to affect traffic on an entire Cilium cluster, potentially bypassing policy enforcement in othe...

CVSS 8.1 · AI score 7.1 · EPSS 0.00408
Exploits 0 · References 4
OSV · added 2024/05/15 12:06 p.m. · 25 views

BIT-CILIUM-OPERATOR-2023-41333 Bypass of namespace restrictions in CiliumNetworkPolicy

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. An attacker with the ability to create or modify CiliumNetworkPolicy objects in a particular namespace is able to affect traffic on an entire Cilium cluster, potentially bypassing policy enforcement in othe...

CVSS 8.1 · AI score 7.1 · EPSS 0.00408
Exploits 0 · References 4
Vulnrichment · added 2024/05/07 2:12 p.m. · 11 views

CVE-2024-34084 Minder's Github Webhook Handler vulnerable to denial of service from un-validated requests

Minder's HandleGithubWebhook is susceptible to a denial of service attack from an untrusted HTTP request. The vulnerability exists before the request has been validated, and as such the request is still untrusted at the point of failure. This allows an attacker with the ability to send requests t...

CVSS 7.5 · AI score 6.6 · EPSS 0.00593
Exploits 0 · References 2
Cvelist · added 2024/05/07 2:12 p.m. · 19 views

CVE-2024-34084 Minder's Github Webhook Handler vulnerable to denial of service from un-validated requests

Minder's HandleGithubWebhook is susceptible to a denial of service attack from an untrusted HTTP request. The vulnerability exists before the request has been validated, and as such the request is still untrusted at the point of failure. This allows an attacker with the ability to send requests t...

CVSS 7.5 · AI score 7.5 · EPSS 0.00593
Exploits 0 · References 2
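
The Sentry entry (an inbound request body, including the deprecated Slack verification token, written to logs) and the Minder entries (a GitHub webhook handler that can be made to fail on an untrusted request before that request has been validated) point at the same ordering rule for an inbound webhook endpoint: read a bounded body, verify the provider's signature, and only then parse, process or log anything. The Go code below is an added example written for this page, not code from Sentry, Minder or any advisory above; the secret, payloads and handler path are constructed. It implements the documented signature formats (GitHub X-Hub-Signature-256 = "sha256=" + hex HMAC-SHA256(secret, body); Slack X-Slack-Signature = "v0=" + hex HMAC-SHA256(signing secret, "v0:" + timestamp + ":" + body) with Slack's five-minute replay window) and logs only connection metadata on rejection.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"log"
	"net/http"
	"net/http/httptest"
	"strconv"
	"time"
)

// maxWebhookBody is an assumed ceiling; real provider payloads are far smaller.
const maxWebhookBody = 1 << 20

// signGitHub builds X-Hub-Signature-256: "sha256=" + hex(HMAC-SHA256(secret, body)).
func signGitHub(secret, body []byte) string {
	m := hmac.New(sha256.New, secret)
	m.Write(body)
	return "sha256=" + hex.EncodeToString(m.Sum(nil))
}

// verifyGitHub compares in constant time; a missing or malformed header just fails.
func verifyGitHub(secret, body []byte, header string) bool {
	return hmac.Equal([]byte(header), []byte(signGitHub(secret, body)))
}

// signSlack builds X-Slack-Signature: "v0=" + hex(HMAC-SHA256(secret, "v0:"+ts+":"+body)).
// This signing secret is what replaces the deprecated verification token.
func signSlack(secret []byte, ts string, body []byte) string {
	m := hmac.New(sha256.New, secret)
	fmt.Fprintf(m, "v0:%s:", ts)
	m.Write(body)
	return "v0=" + hex.EncodeToString(m.Sum(nil))
}

// verifySlack also enforces Slack's documented five-minute window against replays.
func verifySlack(secret []byte, ts string, body []byte, header string, now time.Time) error {
	secs, err := strconv.ParseInt(ts, 10, 64)
	if err != nil {
		return errors.New("bad X-Slack-Request-Timestamp")
	}
	if d := now.Unix() - secs; d > 300 || d < -300 {
		return errors.New("stale timestamp: possible replay")
	}
	if !hmac.Equal([]byte(header), []byte(signSlack(secret, ts, body))) {
		return errors.New("bad X-Slack-Signature")
	}
	return nil
}

type githubHandler struct{ secret []byte }

// ServeHTTP orders the work so nothing expensive or trusting happens on an
// unverified request: bounded read, signature check, then JSON parsing. On
// rejection only connection metadata is logged, never the body or headers.
func (h githubHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	body, err := io.ReadAll(http.MaxBytesReader(w, r.Body, maxWebhookBody))
	if err != nil { // MaxBytesReader fails the read once the cap is exceeded
		http.Error(w, "payload too large", http.StatusRequestEntityTooLarge)
		return
	}
	if !verifyGitHub(h.secret, body, r.Header.Get("X-Hub-Signature-256")) {
		log.Printf("webhook rejected: bad signature from %s", r.RemoteAddr)
		http.Error(w, "forbidden", http.StatusForbidden)
		return
	}
	var evt struct {
		Action string `json:"action"`
	}
	if err := json.Unmarshal(body, &evt); err != nil {
		http.Error(w, "bad json", http.StatusBadRequest)
		return
	}
	w.WriteHeader(http.StatusNoContent)
}

// serveOnce drives the handler with an in-memory request and returns the status code.
func serveOnce(h http.Handler, body []byte, headers map[string]string) int {
	rec := httptest.NewRecorder()
	req := httptest.NewRequest(http.MethodPost, "/webhook/github", bytes.NewReader(body))
	for k, v := range headers {
		req.Header.Set(k, v)
	}
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	secret := []byte("constructed-example-secret") // constructed; load real secrets from config
	body := []byte(`{"action":"opened"}`)
	h := githubHandler{secret}
	fmt.Println("signed:", serveOnce(h, body, map[string]string{"X-Hub-Signature-256": signGitHub(secret, body)}))
	fmt.Println("unsigned:", serveOnce(h, body, nil))
	fmt.Println("oversized:", serveOnce(h, bytes.Repeat([]byte("a"), maxWebhookBody+1), nil))
}
```

Two details matter beyond the HMAC itself. The body cap sits in front of the signature check, so an oversized or slow-trickled request is cut off before any work is done on it, which is the failure-before-validation ordering the Minder entries describe. And the rejection log line carries the remote address only: if the request body or headers were logged on failure, a secret sent in them (such as the verification token in the Sentry entry) would end up in log storage.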