Lucene search
K

2691 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/16 11:33 p.m.11 views

CVE-2026-22734

Cloud Foundry UUA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions are enabled for a client, as the UAA accepts SAML 2.0 bearer assertions that are neither signed no...

8.6CVSS5.8AI score0.00364EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/16 12:0 a.m.8 views

PT-2026-33375

Cloud Foundry UUA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected systems. This vulnerability exists when SAML 2.0 bearer assertions are enabled for a client, as the UAA accepts SAML 2.0 bearer assertions that are neither signed no...

8.6CVSS5.8AI score0.00364EPSS
Exploits0References2
Cloud Foundry
Cloud Foundry
added 2026/04/06 12:0 a.m.10 views

CVE-2026-22734 - UAA SAML 2.0 Signature Bypass | Cloud Foundry

Severity 8.8 / High CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N 8.6 / HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N Vendor CloudFoundry Foundation Description Cloud Foundry UAA versions v77.21.0 through v78.8.0 are vulnerable to a bypass that allows an attacker to obtain a...

8.6CVSS5.3AI score0.00364EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/04 4:59 a.m.4 views

CVE-2026-32213

Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network...

10CVSS5.9AI score0.00913EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/03 12:31 a.m.4 views

EUVD-2026-18561

Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network...

10CVSS5.9AI score0.00913EPSS
Exploits0References2
NVD
NVD
added 2026/04/03 12:16 a.m.4 views

CVE-2026-32213

Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network...

10CVSS0.00913EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/02 11:26 p.m.21 views

CVE-2026-32213 Azure AI Foundry Elevation of Privilege Vulnerability

...

10CVSS0.00913EPSS
Exploits0References1
CVE
CVE
added 2026/04/02 11:26 p.m.23 views

CVE-2026-32213

Technical details (affected products, versions, root cause, fixes) are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories to obtain concrete impact and remediation information.

10CVSS5.9AI score0.00913EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/02 11:26 p.m.1 views

CVE-2026-32213 Azure AI Foundry Elevation of Privilege Vulnerability

...

10CVSS5.9AI score0.00913EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/02 11:26 p.m.2 views

CVE-2026-32213

Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network...

10CVSS5.9AI score0.00913EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/04/02 2:0 p.m.4 views

Azure AI Foundry Elevation of Privilege Vulnerability

Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network...

10CVSS5.9AI score0.00913EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.3 views

PT-2026-29905

Name of the Vulnerable Software and Affected Versions Azure AI Foundry affected versions not specified Description Improper authorization in Azure AI Foundry allows an unauthorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information about a newer...

10CVSS5.9AI score0.00913EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/02 12:0 a.m.11 views

Microsoft Azure AI Foundry 授权问题漏洞

Microsoft Azure AI Foundry is a platform tool developed by the American company Microsoft, used for building, managing, and deploying enterprise-level AI models and services. There is an authorization issue vulnerability in Microsoft Azure AI Foundry; this vulnerability stems from improper...

10CVSS5.8AI score0.00913EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2026/04/02 12:0 a.m.9 views

KLA90966 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Azure MCP Server can...

10CVSS5.7AI score0.00913EPSS
Exploits0References8
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/31 4:56 p.m.12 views

Security Bulletin: Remediation of Multiple Spring Vulnerabilities in IBM Library Support for Spring

Summary Multiple Spring Vulnerabilities have been addressed in IBM Library Support for Spring Vulnerability Details CVEID:CVE-2026-22731 DESCRIPTION: Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires...

9.1CVSS5.8AI score0.0122EPSS
Exploits3Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 2:58 p.m.4 views

CVE-2026-22733

Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under the path used by the CloudFoundry Actuator endpoints. This issue affects Spring Security: from 4.0.0 through 4.0.3, from...

8.2CVSS5.8AI score0.0036EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:57 p.m.5 views

CVE-2026-22727

Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information...

7.5CVSS5.8AI score0.00199EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/18 12:30 a.m.4 views

EUVD-2026-12667

Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information...

7.5CVSS5.8AI score0.00199EPSS
Exploits0References2
NVD
NVD
added 2026/03/17 11:16 p.m.5 views

CVE-2026-22727

Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information...

7.5CVSS0.00199EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/17 10:45 p.m.22 views

CVE-2026-22727 Cloud Foundry unprotected internal endpoints

Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information...

7.5CVSS0.00199EPSS
Exploits0References1
Rows per page
Query Builder