2691 matches found
CVE-2026-22734
Cloud Foundry UUA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions are enabled for a client, as the UAA accepts SAML 2.0 bearer assertions that are neither signed no...
PT-2026-33375
Cloud Foundry UUA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions are enabled for a client, as the UAA accepts SAML 2.0 bearer assertions that are neither signed no...
CVE-2026-22734 - UAA SAML 2.0 Signature Bypass | Cloud Foundry
Severity 8.8 / High CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N 8.6 / HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N Vendor CloudFoundry Foundation Description Cloud Foundry UAA versions v77.21.0 through v78.8.0 are vulnerable to a bypass that allows an attacker to obtain a...
CVE-2026-32213
Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network...
EUVD-2026-18561
Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-32213
Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-32213 Azure AI Foundry Elevation of Privilege Vulnerability
...
CVE-2026-32213
Technical details (affected products, versions, root cause, fixes) are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories to obtain concrete impact and remediation information.
CVE-2026-32213 Azure AI Foundry Elevation of Privilege Vulnerability
...
CVE-2026-32213
Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network...
Azure AI Foundry Elevation of Privilege Vulnerability
Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network...
PT-2026-29905
Name of the Vulnerable Software and Affected Versions Azure AI Foundry affected versions not specified Description Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer...
Microsoft Azure AI Foundry 授权问题漏洞
Microsoft Azure AI Foundry is a platform tool developed by the American company Microsoft, used for building, managing, and deploying enterprise-level AI models and services. There is an authorization issue vulnerability in Microsoft Azure AI Foundry; this vulnerability stems from improper...
KLA90966 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Azure MCP Server can...
Security Bulletin: Remediation of Multiple Spring Vulnerabilities in IBM Library Support for Spring
Summary Multiple Spring Vulnerabilities have been addressed in IBM Library Support for Spring Vulnerability Details CVEID:CVE-2026-22731 DESCRIPTION: Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires...
CVE-2026-22733
Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under the path used by the CloudFoundry Actuator endpoints. This issue affects Spring Security: from 4.0.0 through 4.0.3, from...
CVE-2026-22727
Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information...
EUVD-2026-12667
Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information...
CVE-2026-22727
Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information...
CVE-2026-22727 Cloud Foundry unprotected internal endpoints
Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information...