BentoML SSRF Vulnerability in File Upload Processing

Description There's an SSRF in the file upload processing system that allows remote attackers to make arbitrary HTTP requests from the server without authentication. The vulnerability exists in the serialization/deserialization handlers for multipart form data and JSON requests, which automatical...

Programmable Data Planes for Network Security

The emergence of programmable data planes, and particularly switches supporting the P4 language, has transformed network security by enabling customized, line-rate packet processing. These switches, originally intended for flexible forwarding, now play a broader role: detecting and mitigating...

The vulnerability of the gateway_proxy_handler component in the machine learning lifecycle management platform allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the gatewayproxyhandler component in the Machine Learning Lifecycle Management platform is related to insufficient validation of requests at the server side. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility ...

GyoiThon

This is an offensive tool for penetration testing using machine learning. It is called GyoiThon. The tool is designed to perform penetration testing using machine learning algorithms and can be used to identify vulnerabilities in web applications and services. The tool uses a variety of technique...

Microsoft Azure Machine Learning Elevation of Privilege Vulnerability

Microsoft Azure Machine Learning is a machine learning services platform from Microsoft USA. Microsoft Azure Machine Learning has a security vulnerability that can be exploited by an attacker to potentially cause elevation of privilege...

Microsoft Azure Machine Learning elevation of privilege vulnerability (CNVD-2025-17136)

Microsoft Azure Machine Learning is a machine learning services platform from Microsoft USA. Microsoft Azure Machine Learning has a security vulnerability that can be exploited by an attacker to potentially cause elevation of privilege...

Microsoft Azure Machine Learning elevation of privilege vulnerability (CNVD-2025-17135)

Microsoft Azure Machine Learning is a machine learning services platform from Microsoft USA. Microsoft Azure Machine Learning has a security vulnerability that can be exploited by an attacker to potentially cause elevation of privilege...

Leveraging Trustworthy AI for Automotive Security in Multi-Domain Operations: Towards a Responsive Human-AI Multi-Domain Task Force for Cyber Social Security

Multi-Domain Operations MDOs emphasize cross-domain defense against complex and synergistic threats, with civilian infrastructures like smart cities and Connected Autonomous Vehicles CAVs emerging as primary targets. As dual-use assets, CAVs are vulnerable to Multi-Surface Threats MSTs,...

CVE-2025-49746

Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network...

CVE-2025-49747

Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network...

CVE-2025-47995

Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network...

CVE-2025-49747

Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network...

CVE-2025-49746

Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network...

CVE-2025-47995

Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network...

CVE-2025-47995 Azure Machine Learning Elevation of Privilege Vulnerability

...

CVE-2025-47995

Azure Machine Learning is identified in CVE-2025-47995 as having weak authentication that enables a network-based privilege escalation by an authorized attacker. The entry derives from Microsoft/Red Hat and multiple security sources, describing the vulnerability as affecting Microsoft Azure Machi...

CVE-2025-47995 Azure Machine Learning Elevation of Privilege Vulnerability

...

CVE-2025-49746 Azure Machine Learning Elevation of Privilege Vulnerability

...

CVE-2025-49746

CVE-2025-49746 affects Microsoft Azure Machine Learning. The vulnerability is caused by improper authorization, enabling an attacker with network access to escalate privileges within the affected service. Documented impact is privilege escalation with high confidentiality, integrity, and availabi...

CVE-2025-49747 Azure Machine Learning Elevation of Privilege Vulnerability

...