all InfoSec news
Synapse Spark LPE
Sept. 1, 2022, midnight |
The Open Cloud Vulnerability & Security Issue Database www.cloudvulndb.org
among them Apache Spark. Synapse provided users the capability to mount Azure File Shares to
their Apache Spark Pools via a script called filesharemount.sh that would execute with elevated
privileges. This script would mount the File Share to the /synfs directory. There was a race
condition in the script where, if successfully exploited, a user could execute the chown command
to change the ownership of any directory—including …
More from www.cloudvulndb.org / The Open Cloud Vulnerability & Security Issue Database
AWS Amplify IAM role publicly assumable exposure
1 week, 2 days ago |
www.cloudvulndb.org
Azure Site Recovery privilege escalation
2 months, 1 week ago |
www.cloudvulndb.org
Azure HDInsight privilege escalation and DoS vulnerabilities
2 months, 2 weeks ago |
www.cloudvulndb.org
Amazon WorkSpaces Windows client credential logging
6 months, 2 weeks ago |
www.cloudvulndb.org
Power Platform Custom Code information disclosure
8 months, 2 weeks ago |
www.cloudvulndb.org
Azure Front Door client-side desync
9 months, 4 weeks ago |
www.cloudvulndb.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Security Officer Hospital - Major Hospital Account - Full-Time - Healthcare Security
@ Allied Universal | Anaheim, CA, United States
Product Security Lead
@ Lely | Maassluis, Netherlands
Summer Associate, IT Information Security (Temporary)
@ Vir Biotechnology, Inc. | San Francisco, California, United States
Director, Governance, Risk and Compliance - Corporate
@ Ryan Specialty | Chicago, IL, US, 60606
Cybersecurity Governance, Risk, and Compliance Engineer
@ Emerson | Shakopee, MN, United States