539 matches found
CVE-2026-41704
AgentClienthandlemethod lines 264-303 processes every NATS reply. It calls injectcompilelog line 273 on every response, which reads response'value''result''compilelogid' line 332-338 and passes it to downloadanddeleteblob. Separately, any response containing 'exception' goes through formatexcepti...
CVE-2026-41704
CVE-2026-41704 affects BOSH Director prior to v282.1.12. The issue arises from AgentClient#handle_method handling NATS responses: it may invoke inject_compile_log and format_exception, and the blobstore resource flow calls ResourceManager#get_resource(blob_id) followed by ResourceManager#delete_r...
EUVD-2026-32108
AgentClienthandlemethod lines 264-303 processes every NATS reply. It calls injectcompilelog line 273 on every response, which reads response'value''result''compilelogid' line 332-338 and passes it to downloadanddeleteblob. Separately, any response containing 'exception' goes through formatexcepti...
CVE-2026-41009
CVE-2026-41009 affects BOSH Director: all versions prior to v282.1.12. The vulnerability arises when the director uses a local blobstore; Blobstore::LocalClient#object_file_path joins the blobstore path with the provided oid without normalisation, enabling path traversal (e.g., oid = "../../jobs/...
CVE-2026-47280
Improper authentication in Azure Resource Manager ARM allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-47280
Improper authentication in Azure Resource Manager ARM allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-47280
Improper authentication in Azure Resource Manager ARM allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-47280 Azure Resource Manager Elevation of Privilege Vulnerability
...
CVE-2026-47280 Azure Resource Manager Elevation of Privilege Vulnerability
...
CVE-2026-47280
CVE-2026-47280 describes an elevation of privilege in Azure Resource Manager due to improper authentication. The vulnerability is network-exploitable with no authentication or user interaction required, granting attacker HIGH integrity, confidentiality, and availability impact. CVSS 3.1 base scor...
EUVD-2026-31514
Improper authentication in Azure Resource Manager ARM allows an unauthorized attacker to elevate privileges over a network...
PT-2026-42851
Name of the Vulnerable Software and Affected Versions Azure Resource Manager affected versions not specified Description Improper authentication in Azure Resource Manager ARM allows an unauthorized attacker to elevate privileges over a network. Recommendations At the moment, there is no informati...
Microsoft Azure Resource Manager 授权问题漏洞
Microsoft Azure Resource Manager is a deployment and management service provided by the American company Microsoft. There is an authorization issue vulnerability in Microsoft Azure Resource Manager, which stems from improper authentication practices. This vulnerability could allow unauthorized...
Azure Resource Manager Elevation of Privilege Vulnerability
Improper authentication in Azure Resource Manager ARM allows an unauthorized attacker to elevate privileges over a network...
KLA91067 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Entra ID can be...
KLA91055 PE vulnerability in Microsoft Azure
An elevation of privilege vulnerability was found in Microsoft Azure. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-42822 Exploitation Related products Microsoft-Azure CVE list CVE-2026-42822 critical KB list Solution Install necessary updates fro...
Microsoft Azure Resource Manager和Microsoft Azure Local 授权问题漏洞
Microsoft Azure Resource Manager and Microsoft Azure Local are both products of Microsoft Corporation in the United States. Microsoft Azure Resource Manager is a service for deploying and managing resources. Microsoft Azure Local is a hybrid cloud infrastructure platform. There are authorization...
Astra Linux - уязвимость в linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices Previously, APU platforms and other scenarios with uninitialized VRAM managers triggered a NULL pointer dereference in ttmresourcemanagerusage. The root cause...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Create a debugfs ttmresourcemanager entry only if needed The driver creates /sys/kernel/debug/dri/0/mobttm even when the corresponding ttmresourcemanager is not allocated. This leads to a crash when trying to read fro...
CVE-2026-7445
A security vulnerability has been detected in ZachHandley ZMCPTools up to 0.2.2. Affected by this issue is some unknown functionality of the file src/managers/ResourceManager.ts of the component MCP Log Resource Handler. The manipulation of the argument dirname leads to path traversal. Remote...