556 matches found
[SECURITY] Fedora 44 Update: pacemaker-3.0.2-3.fc44
Pacemaker is an advanced, scalable High-Availability cluster resource manager. It supports more than 16 node clusters with significant capabilities for managing resources and dependencies. It will run scripts at initialization, when machines go up or down, when related resources fail and can be...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: drm/amdgpu: Fixed NULL pointer dereferencing in the VRAM logic for APU devices Previously, APU platforms and other scenarios with uninitialized VRAM managers caused NULL pointer dereferencing in ttmresourcemanagerusage. The ro...
CVE-2026-41704
AgentClienthandlemethod lines 264-303 processes every NATS reply. It calls injectcompilelog line 273 on every response, which reads response'value''result''compilelogid' line 332-338 and passes it to downloadanddeleteblob. Separately, any response containing 'exception' goes through formatexcepti...
CVE-2026-41704
AgentClienthandlemethod lines 264-303 processes every NATS reply. It calls injectcompilelog line 273 on every response, which reads response'value''result''compilelogid' line 332-338 and passes it to downloadanddeleteblob. Separately, any response containing 'exception' goes through formatexcepti...
CVE-2026-41704
CVE-2026-41704 affects BOSH Director prior to v282.1.12. The issue arises from AgentClient#handle_method handling NATS responses: it may invoke inject_compile_log and format_exception, and the blobstore resource flow calls ResourceManager#get_resource(blob_id) followed by ResourceManager#delete_r...
EUVD-2026-32108
AgentClienthandlemethod lines 264-303 processes every NATS reply. It calls injectcompilelog line 273 on every response, which reads response'value''result''compilelogid' line 332-338 and passes it to downloadanddeleteblob. Separately, any response containing 'exception' goes through formatexcepti...
CVE-2026-41009
CVE-2026-41009 affects BOSH Director: all versions prior to v282.1.12. The vulnerability arises when the director uses a local blobstore; Blobstore::LocalClient#object_file_path joins the blobstore path with the provided oid without normalisation, enabling path traversal (e.g., oid = "../../jobs/...
CVE-2026-47280
Improper authentication in Azure Resource Manager ARM allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-47280
Improper authentication in Azure Resource Manager ARM allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-47280
CVE-2026-47280 describes an elevation of privilege in Azure Resource Manager due to improper authentication. The vulnerability is network-exploitable with no authentication or user interaction required, granting attacker HIGH integrity, confidentiality, and availability impact. CVSS 3.1 base scor...
CVE-2026-47280 Azure Resource Manager Elevation of Privilege Vulnerability
...
EUVD-2026-31514
Improper authentication in Azure Resource Manager ARM allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-47280 Azure Resource Manager Elevation of Privilege Vulnerability
...
CVE-2026-47280
Improper authentication in Azure Resource Manager ARM allows an unauthorized attacker to elevate privileges over a network...
PT-2026-42851
Name of the Vulnerable Software and Affected Versions Azure Resource Manager affected versions not specified Description Improper authentication in Azure Resource Manager ARM allows an unauthorized attacker to elevate privileges over a network. Recommendations At the moment, there is no informati...
Microsoft Azure Resource Manager 授权问题漏洞
Microsoft Azure Resource Manager is a deployment and management service provided by the American company Microsoft. There is an authorization issue vulnerability in Microsoft Azure Resource Manager, which stems from improper authentication practices. This vulnerability could allow unauthorized...
Azure Resource Manager Elevation of Privilege Vulnerability
Improper authentication in Azure Resource Manager ARM allows an unauthorized attacker to elevate privileges over a network...
KLA91067 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Entra ID can be...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Create the ttmresourcemanager entry in debugfs only if necessary. The driver creates /sys/kernel/debug/dri/0/mobttm even when the corresponding ttmresourcemanager is not allocated. This leads to a crash when trying to...
KLA91055 PE vulnerability in Microsoft Azure
An elevation of privilege vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-42822 Exploitation Related products Microsoft-Azure CVE list CVE-2026-42822 critical KB list Solution Install necessary updates fro...