408 matches found
rm-oneview-poc
RM OneView — Proof of Concept A working POC of the Relationsh...
Improper Isolation or Compartmentalization
Overview: Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization in the GroovyInterceptor initialization of classes via GroovySandbox. An administrator user with the Implementations entitlement can execute arbitrary code by creating a malicious Groovy class...
Astra Linux - vulnerability in docker.io-app
BuildKit is a toolkit for converting source code into build artifacts in an efficient, expressive, and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to...
CVE-2026-28873
This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4. An app may be able to circumvent App Privacy Report logging...
EUVD-2026-29223
This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4. An app may be able to circumvent App Privacy Report logging...
CVE-2026-28873
The CVE-2026-28873 issue stems from insufficient entitlement checks that could allow an app to bypass App Privacy Report logging. Affected products include Apple iOS and iPadOS, with fixes in iOS 18.7.9, iPadOS 18.7.9, iOS 26.4, and iPadOS 26.4. The underlying root cause is entitlement verificati...
PT-2026-39766
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.7.9; iOS versions prior to 26.4; iPadOS versions prior to 18.7.9; iPadOS versions prior to 26.4. Description: An application may be able to circumvent App Privacy Report logging. This issue is addressed by implementing...
Before the Breach, There Was a Test Environment
Key Takeaways: Most security failures do not begin where they are discovered. By the time risk becomes visible in production, the decisions that created it are often already sitting in test environments. “Temporary” test infrastructure often becomes permanent, creating persistent misconfigurations...
CVE-2026-35431
Server-side request forgery (SSRF) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network...
EUVD-2026-25312
Server-side request forgery (SSRF) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-35431 Microsoft Entra ID Entitlement Management Spoofing Vulnerability
...
CVE-2026-35431
CVE-2026-35431 covers a spoofing vulnerability in Microsoft Entra ID Entitlement Management. The entry indicates a remote, network-exploitable flaw with no user interaction, causing high impact to confidentiality, integrity, and availability (S:C, C:H, I:H, A:H). Exploit code maturity is UNPROVEN...
Microsoft Entra ID Entitlement Management Spoofing Vulnerability
Server-side request forgery (SSRF) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network...
PT-2026-34762
Name of the Vulnerable Software and Affected Versions: Microsoft Entra ID Entitlement Management (affected versions not specified). Description: Server-side request forgery (SSRF) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network. This flaw...