-
Under "a note on security" you say:
> This package is in no way as secure as a password and will never be. Although it's harder to fool than normal face recognition, a person who looks similar to …
-
__Summary:__
A business logic flaw in influxdb allows users who own a valid allAccess token to escalate their privileges at operator level by listing current authorization tokens.
__Example Scenar…
-
**Github username:** --
**Twitter username:** --
**Submission hash (on-chain):** 0xfb743a207baafff21cbbaf6763cb515bd569fb3bba82901b4e0ecdb397599366
**Severity:** high
**Description:**
## Brief
Privi…
-
Privilege escalation occurs when a user with low privileges is able to view, create or edit data only available to users with higher privileges. This is usually achieved by manipulating parameters on …
-
## Current approach
Currently we use applescript (eg. `do shell script ... with administrator privileges`) if root is required (eg. the app is in `/Applications`). This is not recommended by apple, a…
-
Hello,
A common interesting vector for privilege escalation is [arbitrary file deletion]( https://www.zerodayinitiative.com/blog/2022/3/16/abusing-arbitrary-file-deletes-to-escalate-privilege-and-o…
-
### Steps to Reproduce
1. Create AWS IAM policy:
```
{
"Statement": [
{
"Action": [
"iam:UpdateAccessKey",
"iam:ListAccessKeys",
…
-
I just attempted to work around https://github.com/zhaofengli/colmena/issues/206 by allowing local SSH but apparently a build requires privilege escalation:
```
$ colmena build --on HEPHAISTOS,S…
Atemu updated
2 months ago
-
-
### Kyverno CLI Version
1.13.0
### Description
When a test is expected to fail, but the policy passes, the test is treated as a pass. Below are files minimally reproducing:
### Steps to reprodu…