Lucene search
K

31 matches found

Qualys Blog
Qualys Blog
added 2026/03/02 7:40 p.m.8 views

Cyber Essentials Plus in 2026: Strengthened Controls, UK Cyber Reality & How Qualys Supports Compliance

Key Takeaways CE+ 2026 Updates: Effective April 2026, Cyber Essentials Plus requires stronger technical proof of control effectiveness, mandatory MFA, and tighter patching windows. Cloud and Identity in Scope: Audits now explicitly include cloud services and identity configurations, demanding...

6AI score
Exploits0
GithubExploit
GithubExploit
added 2026/01/30 2:26 p.m.177 views

Exploit for CVE-2026-7731

CTT-Refraction-Vortex-CVE-2026-7731- Under CTT, we see it as a...

5.9AI score0.00246EPSS
Exploits1
Wiz blog
Wiz blog
added 2025/12/22 1:0 p.m.16 views

Bringing Oracle Cloud Identity to Wiz

Unified visibility into OCI identities, permissions, and policies — mapped into Wiz’s Security Graph...

7AI score
Exploits0
CISA
CISA
added 2025/12/22 12:0 p.m.10 views

NIST and CISA Release Draft Interagency Report on Protecting Tokens and Assertions from Tampering Theft and Misuse for Public Comment

The Cybersecurity and Infrastructure Security Agency CISA and National Institute of Standards and Technology NIST have released an initial draft of Interagency Report IR 8597 Protecting Tokens and Assertions from Forgery, Theft, and Misuse for public comment through January 30, 2026. This report ...

7AI score
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-2572

Malware in sbrugna...

4.3CVSS6.3AI score0.02393EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.6 views

WordPress plugin Cloud SAML SSO - Single Sign On Login Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References1
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/07/16 12:0 a.m.6 views

CISA's NIMBUS 2000 Initiative: Understanding Key Findings and Strengthening Cloud Identity Security

This blog explores key findings from CISA’s NIMBUS 2000 Cloud Identity Security Technical Exchange and how Trend Vision One™ Cloud Security aligns with these priorities. It highlights critical challenges in token validation, secrets management, and logging visibility—offering insights into how...

7.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/07/14 2:7 p.m.4 views

Key Takeaways from the Take Command Summit 2025: Outpacing the Adversary – Red Teaming in a Complex Threat Landscape

The evolving complexity of modern infrastructures calls for more than traditional pen testing. In this session from the Take Command 2025 Virtual Cybersecurity Summit, red team experts shared how organizations are using continuous testing to outpace attackers — and better prepare their teams to...

6.7AI score
Exploits0
CNNVD
CNNVD
added 2024/10/03 12:0 a.m.4 views

Authd 安全漏洞

Authd is an Ubuntu open source authentication daemon for cloud-based identity providers. A security vulnerability exists in Authd versions prior to 0.3.5. An attacker exploiting this vulnerability could perform any PAM operation, including authentication in their name...

8.8CVSS7.3AI score0.00585EPSS
Exploits0References4
Qualys Blog
Qualys Blog
added 2024/09/25 3:20 p.m.9 views

Addressing Cloud Identity Risks With TotalCloud CIEM

As organizations continue to embrace multi-cloud environments, leveraging platforms such as Amazon Web Services AWS, Microsoft Azure, Google Cloud Platform GCP, and Oracle Cloud Infrastructure OCI, the complexity of cloud security has increased exponentially. In cloud environments, machines are...

7.3AI score
Exploits0
CNVD
CNVD
added 2024/04/15 12:0 a.m.5 views

Unspecified Vulnerability in Palo Alto Networks PAN-OS (CNVD-2024-20503)

Palo Alto Networks PAN-OS is a next-generation firewall software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks PAN-OS that stems from a flaw in the way data received from Cloud Identity Engine CIE agents is processed, which can lead to modification of user ID...

9.1CVSS6.7AI score0.00576EPSS
Exploits0References1
NVD
NVD
added 2024/04/10 5:15 p.m.22 views

CVE-2024-3383

A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine CIE agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your...

9.1CVSS7.3AI score0.00576EPSS
Exploits0References1
OSV
OSV
added 2024/04/10 5:15 p.m.3 views

CVE-2024-3383

A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine CIE agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your...

9.1CVSS5.8AI score0.00576EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/10 5:6 p.m.27 views

CVE-2024-3383 PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)

A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine CIE agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your...

7.4CVSS7.5AI score0.00576EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/10 5:6 p.m.11 views

CVE-2024-3383 PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)

A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine CIE agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your...

7.4CVSS7AI score0.00576EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2024/04/10 4:0 p.m.20 views

PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)

A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine CIE agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your...

9.1CVSS6.7AI score0.00576EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/10 12:0 a.m.3 views

Palo Alto Networks PAN-OS 安全漏洞

Palo Alto Networks PAN-OS is a next-generation firewall software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks PAN-OS that stems from a flaw in the way data received from Cloud Identity Engine CIE agents is processed, which can lead to modification of user ID...

9.1CVSS6.6AI score0.00576EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/04/10 12:0 a.m.3 views

PT-2024-2902 · Palo Alto Networks · Pan-Os

Name of the Vulnerable Software and Affected Versions: PAN-OS affected versions not specified Description: A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine CIE agents enables modification of User-ID groups. This impacts user access to...

9.1CVSS6.5AI score0.00576EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/04/10 12:0 a.m.23 views

Palo Alto Networks PAN-OS 10.1.x < 10.1.11 / 10.2.x < 10.2.5 / 11.0.x < 11.0.3 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.11 or 10.2.x prior to 10.2.5 or 11.0.x prior to 11.0.3. It is, therefore, affected by a vulnerability. - A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identit...

9.1CVSS8.1AI score0.00576EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/10/04 10:18 a.m.43 views

Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance

Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through an SQL Server instance. "The attackers initially exploited a SQL injection vulnerability in an application within the target's environment," security researchers...

8.2AI score
Exploits0
Rows per page
Query Builder