863 matches found
CVE-2024-50312 Graphql: information disclosure via graphql introspection in openshift
A vulnerability was found in GraphQL due to improper access controls on the GraphQL introspection query. This flaw allows unauthorized users to retrieve a comprehensive list of available queries and mutations. Exposure to this flaw increases the attack surface, as it can facilitate the discovery ...
Guide: The Ultimate Pentest Checklist for Full-Stack Security
Pentest Checklists Are More Important Than Ever. Given the expanding attack surface coupled with the increasing sophistication of attacker tactics and techniques, penetration testing checklists have become essential for ensuring thorough assessments across an organization's attack surface, both...
5 Ways to Reduce SaaS Security Risks
As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based...
CVE-2024-49384
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...
CVE-2024-49382
Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...
CVE-2024-49383
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...
CVE-2024-49382
Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...
CVE-2024-49384
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...
CVE-2024-49383
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...
CVE-2024-49384
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...
CVE-2024-49384
The CVE-2024-49384 issue affects Acronis Cyber Protect 16 (Linux and Windows) prior to build 38690, caused by the acep-collector service binding to an unrestricted IP address, creating an excessive attack surface. Technical details from PT-2024-33498 identify the vulnerable version range and root...
CVE-2024-49383
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...
CVE-2024-49383
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...
CVE-2024-49383
CVE-2024-49383 affects Acronis Cyber Protect 16 (Linux and Windows) prior to build 38690. The root cause is the acep-importer service binding to an unrestricted IP address, creating an excessive attack surface. Documents from multiple sources confirm the affected product/version and the potential...
CVE-2024-49382
Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...
CVE-2024-49382
The CVE-2024-49382 issue affects Acronis Cyber Protect 16 (Linux and Windows) prior to build 38690. The archive-server service binds to an unrestricted IP address, creating an excessive attack surface due to exposure. A confirmed remediation is to update to build 38690 or later; PT Security also ...
CVE-2024-49382
Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 Linux, Windows before build 38690...
Acronis Cyber Protect security vulnerability
Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise from Acronis Switzerland. It combines backup, anti-malware, network security and endpoint management features such as vulnerability assessment, URL filtering, patch management and more. A security...
Acronis Cyber Protect security vulnerability
Acronis Cyber Protect is an all-in-one cyber protection solution for business and enterprise from Acronis Switzerland. It combines backup, anti-malware, network security and endpoint management features such as vulnerability assessment, URL filtering, patch management and more. A security...
Exploit for Incorrect Implementation of Authentication Algorithm in Ivanti Virtual_Traffic_Management
CVE-2024-7593 Description: CVE-2024-7593 is a critical v...