8 matches found
How Storm-2949 turned a compromised identity into a cloud-wide breach
In this article 1. Attack chain overview 1. Cloud compromise: Microsoft Entra ID and Microsoft 365 2. Initial access and persistence through targeted social engineering and SSPR abuse 3. Directory discovery and persistence 4. Microsoft 365 discovery and exfiltration 5. Cloud compromise: Microsoft...
EUVD-2026-17765
Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional Routing Service,Observability Collector,Recording Service,Queueing Service,Cloud Discovery Service allows Serialized Data External Linking, Data Serializat...
CVE-2026-4374
CVE-2026-4374 affects RTI Connext Professional (Routing Service, Observability Collector, Recording Service, Queueing Service, Cloud Discovery Service). The issue is an improper restriction of XML External Entity references, enabling Serialized Data External Linking and data serialization-related...
Security Bulletin: Due to the use of Protobuf Pure-Python backend, IBM Watson Discovery Cartridge is vulnerable to corruption by exceeding the Python recursion limit
Summary IBM Watson Discovery Cartridge uses Protobuf Pure-Python backend for gRPC communication between the Python IOCR service and the Scala/Java pipeline components Vulnerability Details CVEID:CVE-2025-4565 DESCRIPTION: Any project that uses Protobuf Pure-Python backend to parse untrusted...
CVE-2024-52060
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in RTI Connext Professional Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service allows Buffer Overflow via Environment Variables.This issue affects Connext...
PT-2024-35111 · Real Time Innovations · Rti Connext Professional
Name of the Vulnerable Software and Affected Versions: RTI Connext Professional versions 5.3.0 through 5.3.1.45 RTI Connext Professional versions 6.0.0 through 6.0. RTI Connext Professional versions 6.1.0 through 6.1.2.21 RTI Connext Professional versions 7.0.0 through 7.3.0.5 Description: The...
PT-2024-21114 · Real Time Innovations · Rti Connext Professional
Name of the Vulnerable Software and Affected Versions: RTI Connext Professional versions 5.3.1 through 6.1.0 Description: A buffer overflow in XML parsing from Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service allows attackers to execute code with the affected...
Microsoft Zero Trust deployment guide for your applications
Introduction More likely than not, your organization is in the middle of a digital transformation characterized by increased adoption of cloud apps and increased demand for mobility. In the age of remote work, users expect to be able to connect to any resource, on any device, from anywhere in the...