CVE-2026-42316

Summary: The kafka-sink-azure-kusto Kafka Connect plugin (Microsoft’s sink for Azure Data Explorer) is affected by a KQL injection vulnerability in the kusto.tables.topics.mapping configuration. Before version 5.2.3, db/table/mapping/format fields were interpolated directly into KQL commands via ...

Improper Encoding or Escaping of Output

Overview AWSSDK.Extensions.CloudFront.Signers is a package contains extension methods for creating signed URLs for Amazon CloudFront distributions and for creating signed cookies for Amazon CloudFront distributions using canned or custom policies. Affected versions of this package are vulnerable ...

Pomerium 安全漏洞

Pomerium is an open source identity-aware access agent from Pomerium, Inc. It is used to enable secure access to internal applications. A security vulnerability exists in versions prior to Pomerium v0.27.1 that stems from improper access to the Data Proxy API. An attacker could exploit the...

CVE-2020-1013

An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine. To exploit this vulnerability, an...

McAfee Total Protection (MTP) Security Restriction Bypass Vulnerability

McAfee Total Protection is a suite of antivirus software from the American company McAfee McAfee. A security vulnerability exists in the Windows client in McAfee MTP versions prior to 16.0.R18. This vulnerability can be exploited by a local attacker with specially crafted malware to bypass the...