Linux Distros Unpatched Vulnerability : CVE-2022-41561

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The JNDI Data Sources component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition,...

The vulnerability of the Azure Marketplace component of Microsoft Azure’s software platform allows a perpetrator to disclose protected information.

The vulnerability of the Azure Marketplace component of Microsoft Azure’s software platform is related to access control errors. Exploiting this vulnerability could allow a malicious actor to disclose protected information remotely...

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in Azure products. A malicious person with prior authentication could exploit the vulnerabilities to gain access to sensitive data in the victim's context. Successful misuse requires the victim to log in, where the malicious person manages to win a race...

CVE-2025-21380 Azure Marketplace SaaS Resources Information Disclosure Vulnerability

...

CVE-2025-21380

CVE-2025-21380 is an Azure vulnerability affecting Azure Marketplace SaaS Resources, caused by improper access control that enables an authorized attacker to disclose information over a network. Connected sources confirm the affected component as Azure Marketplace SaaS Resources and indicate the ...

Azure Marketplace SaaS Resources Information Disclosure Vulnerability

Improper access control in Azure SaaS Resources allows an authorized attacker to disclose information over a network...

Security Bulletin: IBM QRadar SIEM on Azure Cloud deployed from Azure Marketplace is vulnerable to remote code execution (CVE-2024-21334)

Summary IBM QRadar SIEM on Azure Cloud deployed from Azure Marketplace is vulnerable to a remote code execution issue found within the Microsoft Open Management Infrastructure OMI. The information below shows how to remove this vulnerable component. Vulnerability Details CVEID:CVE-2024-21334...

Citrix Virtual Apps Essentials and Citrix Virtual Desktops Essentials: EoS and EoR Azure Marketplace

Cloud Software Group has decided to end of sale EOS on October 31st, 2023, and end of renewal EOR, end of life EOL on May 31st, 2024, Citrix Virtual Apps and Desktops Essentials in the Azure Marketplace. This move is designed to improve our product line and deliver superior value and user...

Malicious code in azure-arm-marketplaceordering-samples-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf59f23b5bccf7ec27582deef1e3ac73b9c2bb5dd0285fc2ea68303025f4e110 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in azure-arm-marketplaceordering-samples-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2b4a2463f36d3e9bd24f3d0ca72ceee3983872b1b555f31a9dc698e1d8c23d8c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2022-22773

The REST API component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for ActiveMatrix BPM, and TIBCO JasperReports Serv...

Security Bulletin: IBM QRadar Azure marketplace images include Open Management Infrastructure RPM, which is vulnerable to Remote Code Execution (CVE-2021-38647)

Summary IBM QRadar Azure marketplace images include the Open Management Infrastructure RPM which is vulnerable to CVE-2021-38647. Although we do not expose the affected port, we suggest updating out of an abundance of caution. Vulnerability Details CVEID: CVE-2021-38647 DESCRIPTION: Microsoft Azu...

Optimize security with Azure Firewall solution for Azure Sentinel

Security is a constant balance between proactive and reactive defenses. They are both equally important, and neither can be neglected. Effectively protecting your organization means constantly optimizing both prevention and detection. That’s why we’re excited to announce a seamless integration...

Azure LoLBins: Protecting against the dual use of virtual machine extensions

Azure Defender for Resource Manager offers unique protection by automatically monitoring the resource management operations in your organization, whether theyre performed through the Azure portal, Azure REST APIs, Azure CLI, or other Azure programmatic clients. In this blog, we will look into the...

Azure LoLBins: Protecting against the dual use of virtual machine extensions

Azure Defender for Resource Manager offers unique protection by automatically monitoring the resource management operations in your organization, whether theyre performed through the Azure portal, Azure REST APIs, Azure CLI, or other Azure programmatic clients. In this blog, we will look into the...

New Azure Marketplace Pay-As-You-Go Billing for Trend Micro Deep Security as a Service

Cloud adoption continues to rise as organizations reduce their data center footprint, look to cloud native technologies to improve their application design and output, and strive to improve scalability and management of resources and systems. In a recent survey conducted by analyst firm ESG, 87% ...

Wallarm now available on Azure

Wallarm is excited to announce the native availability of Wallarm node on Azure. While in the past Wallarm customers in Azure environment had to install Wallarm nodes as dynamic modules manually into their Azure instances with NGINX, the new release allows deployment from a pre-configured image...

Installing Patch 1376 on Veeam Availability Console Microsoft Marketplace Appliance

Challenge Applying this update to a Veeam Availability Console VAC Azure Appliance fails with: "A newer version of this application is already installed on this computer. If you wish to install this version, please uninstall the newer version first. Click OK to exit the wizard." Cause Azure...

ArcGIS Server 10.3.1 RMIClassLoader useCodebaseOnly=false Code Execution Exploit

ArcGIS Server version 10.3.1 suffers from an RMIClassLoader useCodebaseOnly=false remote code execution vulnerability. Using an Esri-provided image on Azure's Marketplace, ArcGIS Server 10.3.1 started Java's rmid on port 1098 and explicitly set the property java.rmi.server.useCodebaseOnly equal t...

Announcing Microsoft Azure Asset Discovery in InsightVM

Almost every security or IT practitioner is familiar with the ascent and continued dominance of Amazon Web Services AWS. But you only need to peel back a layer or two to find Microsoft Azure growing its own market share and establishing its position as the most-used, most-likely-to-renew public...