CVE-2026-35430

Authorization bypass through user-controlled key in Azure Privileged Identity Management PIM allows an authorized attacker to elevate privileges over a network...

GHSA-686C-7VGV-V3FX Coder: Unauthenticated SSRF via Azure Instance Identity Endpoint

Summary Unauthenticated semi-blind Server-Side Request Forgery SSRF via the Azure instance identity endpoint POST /api/v2/workspaceagents/azure-instance-identity. An external attacker can force the Coder server to issue HTTP GET requests to arbitrary internal or external hosts by submitting a...

PT-2026-42031

Summary Unauthenticated semi-blind Server-Side Request Forgery SSRF via the Azure instance identity endpoint POST /api/v2/workspaceagents/azure-instance-identity. An external attacker can force the Coder server to issue HTTP GET requests to arbitrary internal or external hosts by submitting a...

PT-2026-42039

Name of the Vulnerable Software and Affected Versions Coder versions prior to 2.33.3 Coder versions prior to 2.32.2 Coder versions prior to 2.31.12 Coder versions prior to 2.30.8 Coder versions prior to 2.29.13 Coder versions prior to 2.24.5 Description The azureidentity.Validate function verifie...

CLEANSTART-2026-DY37532 Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability

Security vulnerability affects the cortex-fips package. Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability...

fence-agents security update

4.2.1-129.20 - bundled urllib3: fix CVE-2025-66471 - bundled urllib3: fix CVE-2026-21441 Resolves: RHEL-139756, RHEL-140783 4.2.1-129.17 - bundled urllib3: fix CVE-2025-66418 Resolves: RHEL-136027 4.2.1-129.16 - fencenutanixahv: new fence agent Resolves: RHEL-110964 4.2.1-129.15 - fencekubevirt:...

EUVD-2024-2098

Malicious code in bioql PyPI...

EUVD-2023-40380

Malicious code in bioql PyPI...

EUVD-2024-1327

Malicious code in bioql PyPI...

EUVD-2023-2658

Malicious code in bioql PyPI...

OESA-2025-2070 restic security update

restic is a backup program. It supports verification, encryption, snapshots and deduplication. Security Fixes: A vulnerability was found in Microsoft Azure Identity Library and Microsoft Authentication Library Cloud Software the affected version unknown. It has been rated as problematic.Using CWE...

OESA-2025-2069 restic security update

restic is a backup program. It supports verification, encryption, snapshots and deduplication. Security Fixes: A vulnerability was found in Microsoft Azure Identity Library and Microsoft Authentication Library Cloud Software the affected version unknown. It has been rated as problematic.Using CWE...

fence-agents bug fix update

An update is available for fence-agents. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The fence-agents packages provide a collection of scripts for handling...

openSUSE Security Advisory (SUSE-SU-2025:0750-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : python-azure-identity (SUSE-SU-2025:0750-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:0750-1 advisory. - CVE-2024-35255: race condition leading to privilege escalation and unauthorized access to sensitive information in Azure...

Security update for python-azure-identity

This update for python-azure-identity fixes the following issues: CVE-2024-35255: race condition leading to privilege escalation and unauthorized access to sensitive information in Azure Identity libraries bsc1230100. Patch Instructions: To install this SUSE update use the SUSE recommended...

SUSE-SU-2025:0750-1 Security update for python-azure-identity

This update for python-azure-identity fixes the following issues: - CVE-2024-35255: race condition leading to privilege escalation and unauthorized access to sensitive information in Azure Identity libraries bsc1230100...

Security Bulletin: vulnerability in Microsoft Azure Identity affects IBM Workload Scheduler.

Summary IBM Workload Scheduler is affected by a vulnerability in Microsoft Azure Identity that can cause Privilege escalation CVE-2024-35255 Vulnerability Details CVEID:CVE-2024-35255 DESCRIPTION: Microsoft Azure Identity Libraries and Microsoft Authentication Library could allow a local...

azure-identity: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/Azure/azure-sdk-for-go/sdk/azidentity

A flaw was found in Microsoft's Azure Identity Libraries and the Microsoft Authentication Library MSAL. The flaw arises from a race condition—a scenario where the timing of events leads to unexpected behavior—during concurrent operations on shared resources. This can result in privilege escalatio...

OPENSUSE-SU-2024:14362-1 python310-azure-identity-1.18.0-1.1 on GA media

These are all security issues fixed in the python310-azure-identity-1.18.0-1.1 package on the GA media of openSUSE Tumbleweed...