An SQLi in Password Manager Pro, which is bundled with ManageEngine’s Privileged Access Management 360 (PAM360) and Access Manager Plus. In the password manager, there’s a concept of “resources” that can be added or edited, which internally submits a multipart form request to the AddResourceType.ve endpoint…
A number of bugs in Tailscale leading to an RCE chain.
A timing-based side-channel in the CHECK_DATA Device Configuration Data could allow the value of memory to be disclosed and read even when reading was disabled.
The RH850 is an automotive MCU which features Secure Onboard Communication, or SecOC, which includes read protections to prevent dumping the ROM over serial. After reversing the protocol with a logic analyzer, they discovered the authentication was only gated on the sync command (which is required before any other commands are acknowledged)…
Starts off with a somewhat classic parser attack, placing a parsable object inside of another context hoping to trip up the system. In this case Gareth Heyes was able to inject :verified: within a supported HTML attribute, and have it be replaced with the emoji as an <img> tag…
It's the description that caught my eye on this one, a race condition leading to authentication bypass.
Cross-Site Tracing is a vulnerability I didn’t think I’d be hearing about again, yet here we are.
Bypassing an authentication check in AWS AppSync by changing the case of a JSON key.
Bit of a race condition leading to a lock screen bypass on Pixel devices.
Oversecured pointed their code-scanning tool at discovering issues in vendor patches to the Android System APIs and found a number of places where Samsung introduces vulnerabilities.