CVE-2026-26148

External initialization of trusted variables or data stores in Azure Entra ID allows an unauthorized attacker to elevate privileges locally...

PT-2026-24338

Name of the Vulnerable Software and Affected Versions Azure Entra ID affected versions not specified Description An issue exists in Azure Entra ID where external initialization of trusted variables or data stores can allow an unauthorized attacker to elevate privileges locally. Recommendations At...

External Initialization of Trusted Variables or Data Stores

Overview ch.qos.logback:logback-core is a logback-core module. Affected versions of this package are vulnerable to External Initialization of Trusted Variables or Data Stores during the configuration file processing. An attacker can instantiate arbitrary classes already present on the class path ...

Valkey: The Future of Open Source In-Memory Data Stores

...

CVE-2023-40694

IBM Watson CP4D Data Stores 4.0.0 through 4.8.4 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 264838...

Building Trustworthy AI Agents

The promise of personal AI assistants rests on a dangerous assumption: that we can trust systems we haven’t made trustworthy. We can’t. And today’s versions are failing us in predictable ways: pushing us to do things against our own best interests, gaslighting us with doubt about things we are or...

EUVD-2023-31598

Malicious code in bioql PyPI...

EUVD-2022-46469

Malicious code in bioql PyPI...

DEBIAN-CVE-2024-36350

A transient execution vulnerability in some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information...

CVE-2023-27863

IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325...

CVE-2022-43468

External initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore the vulnerable product accepts untrusted external inputs to update certain internal variables. As a result, the number of views for an article may be manipulate...

kernel: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fully validate NFTDATAVALUE on store to data registers register store validation for NFTDATAVALUE is conditional, however, the datatype is always either NFTDATAVALUE or NFTDATAVERDICT. This only requires a ne...

Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Elasticsearch denial of service vulnerabilitiy(CVE-2024-23449)

Summary A potential denial of service vulnerability CVE-2024-23449 has been identified related to Elasticsearch that affects IBM Watson CP4D Data Stores. This vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-23449 DESCRIPTION:...

Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Envoy denial of service vulnerabilitiy(CVE-2024-39305).

Summary Potential Envoy denial of service vulnerabilitiyCVE-2024-39305 has been identified that affects IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-39305 DESCRIPTION: Envoy is vulnerable to a...

Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Envoy denial of service vulnerabilitiy( CVE-2024-45810).

Summary Potential Envoy denial of service vulnerabilitiy CVE-2024-45810 has been identified that affects IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-45810 DESCRIPTION: Envoy is vulnerable to ...

Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to OpenSSH arbitrary code execution vulnerability (CVE-2024-6387)

Summary Potential OpenSSH arbitrary code execution vulnerabilitiy CVE-2024-6387 has been identified that could affect IBM Watson CP4D Data Stores. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-6387 DESCRIPTION: OpenSSH coul...

Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Golang Go denial of service vulnerabilitiy( CVE-2024-24783)

Summary Potential Golang Go denial of service vulnerabilitiy CVE-2024-24783 has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-24783 DESCRIPTION: Golang Go is...

Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Golang golang-fips/openssl denial of service vulnerabilitiy( CVE-2024-1394 )

Summary Potential Golang golang-fips/openssl denial of service vulnerabilitiy CVE-2024-1394 has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-1394 DESCRIPTION:...

Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Envoy Proxy Envoy denial of service vulnerabilitiy.(CVEID: CVE-2024-27919)

Summary PotentialEnvoy Proxy Envoy denial of service vulnerabilitiy.CVEID: CVE-2024-27919 has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-27919 DESCRIPTION:...

Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Elastic Elasticsearch denial of service vulnerabilitiy.( CVE-2024-23450)

Summary Potential Elastic Elasticsearch denial of service vulnerabilitiy. CVE-2024-23450 has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-23450 DESCRIPTION:...