Lucene search
K

22 matches found

The Hacker News
The Hacker News
added 2026/01/06 11:30 a.m.6 views

What is Identity Dark Matter?

The Invisible Half of the Identity Universe Identity used to live in one place - an LDAP directory, an HR system, a single IAM portal. Not anymore. Today, identity is fragmented across SaaS, on-prem, IaaS, PaaS, home-grown, and shadow applications. Each of these environments carries its own...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:34 p.m.10 views

CVE-2021-32836

ZStack is open source IaaSinfrastructure as a service software. In ZStack before versions 3.10.12 and 4.1.6 there is a pre-auth unsafe deserialization vulnerability in the REST API. An attacker in control of the request body will be able to provide both the class name and the data to be...

8.1CVSS8AI score0.02036EPSS
Exploits1References1
CNVD
CNVD
added 2024/10/23 12:0 a.m.6 views

Apache CloudStack Code Issue Vulnerability

Apache CloudStack is a set of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. A security vulnerability exists in Apache CloudStack, which stems from ...

7.1CVSS6.7AI score0.00393EPSS
Exploits0References1
CNVD
CNVD
added 2024/10/23 12:0 a.m.7 views

Apache CloudStack Input Validation Error Vulnerability (CNVD-2024-41660)

Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. Apache CloudStack has a security vulnerability that can be exploited ...

8.5CVSS7.2AI score0.01229EPSS
Exploits0References1
CNVD
CNVD
added 2024/10/23 12:0 a.m.6 views

Apache CloudStack Access Control Error Vulnerability

Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. Apache CloudStack suffers from an Access Control Error vulnerability...

6.3CVSS6.6AI score0.00708EPSS
Exploits0References1
CNVD
CNVD
added 2024/04/09 12:0 a.m.8 views

Apache CloudStack Security Bypass Vulnerability (CNVD-2024-20837)

Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. Apache CloudStack suffers from a security bypass vulnerability that...

7.3CVSS6.9AI score0.00785EPSS
Exploits0References1
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/05/03 4:0 p.m.18 views

Forrester names Microsoft a Leader in 2023 Infrastructure-as-a-Service Platform Native Security report

As we continue to drive toward making the world safer and more productive for all, it is vital we empower our customers to secure every aspect of their organization. Each day we are seeing more advanced security threats as bad actors develop new tactics that aim to take advantage of businesses as...

6.6AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/05/03 4:0 p.m.13 views

Forrester names Microsoft a Leader in 2023 Infrastructure-as-a-Service Platform Native Security report

As we continue to drive toward making the world safer and more productive for all, it is vital we empower our customers to secure every aspect of their organization. Each day we are seeing more advanced security threats as bad actors develop new tactics that aim to take advantage of businesses as...

6.7AI score
Exploits0
CNVD
CNVD
added 2022/03/21 12:0 a.m.21 views

Apache CloudStack Security Feature Issue Vulnerability

Apache CloudStack is an Infrastructure-as-a-Service IaaS cloud computing platform from the Apache Foundation. The platform is primarily used to deploy and manage large networks of virtual machines.A security feature issue vulnerability exists in versions of Apache CloudStack prior to 4.16.1.0,...

7.5CVSS3.6AI score0.02806EPSS
Exploits1References1
CNVD
CNVD
added 2022/02/13 12:0 a.m.25 views

Dell EMC Integrated System Elevation of Privilege Vulnerability

DELL EMC Integrated System is a native hybrid cloud platform for infrastructure and platform-as-a-service from Dell USA. An elevation of privilege vulnerability exists in Dell EMC Integrated System for Microsoft Azure Stack Hub. The vulnerability stems from an incorrect programmatic call to an...

9.9CVSS9.4AI score0.00933EPSS
Exploits0References1
CVE
CVE
added 2021/08/17 4:0 p.m.44 views

CVE-2021-32829

ZStack REST API is affected by a post-authentication Remote Code Execution (RCE) vulnerability via bypass of the Groovy sandbox. The GET zstack/v1/batch-queries?script endpoint processes a Groovy script through APIBatchQueryMsg.script, evaluated in BatchQuery.query, with sandboxing applied by San...

9.9CVSS10AI score0.02902EPSS
Exploits1References3Affected Software1
Rapid7 Blog
Rapid7 Blog
added 2021/04/05 2:15 p.m.169 views

A Quick Look Into Cloud Security Posture Management (CSPM)

The cloud security solutions market is growing rapidly, and there are many types of solutions to support your specific business needs. But figuring out the right tool—let alone the right type of tool—can be difficult. Gartner has five security archetypes that fall under the broader cloud security...

7.2AI score
Exploits0
Rockylinux
Rockylinux
added 2020/07/29 7:15 a.m.13 views

Rocky Enterprise Software Foundation OpenStack Platform 16.1 bug fix and enhancement advisory

An update is available for python-gflags, python-oauth2client, google-api-python-client, python-httplib2, python-uritemplate. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

0.7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2020/03/10 11:54 a.m.6 views

Moderate: Red Hat Bug Fix Advisory: Red Hat OpenStack Platform 13 bug fix and enhancement advisory

Updated packages that resolve various issues are now available for Red Hat OpenStack Platform 13.0 Queens for RHEL 7. Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service IaaS cloud running on commonly available...

7.5CVSS7.1AI score0.02815EPSS
Exploits0References34
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/01/10 9:38 a.m.71 views

IR & Forensics in the Cloud

More and more organisations are moving their business to the cloud. This makes securing data and being able to respond effectively to incidents in cloud environments an important topic. Having the skills on hand to properly collect digital forensics data in response to a legal dispute or during a...

6.4AI score
Exploits0
ThreatPost
ThreatPost
added 2019/08/20 7:25 p.m.55 views

How to Prepare for Misconfigurations Clouding the Corporate Skies

Cloud-based storage and infrastructure provides myriad benefits for any organization, like letting them avoid the costs of expensive hardware and granting them quick access to infrastructure as needed. Companies can use cloud services for minutes or years, depending on their needs. However, there...

6.8AI score
Exploits0References7
Veracode
Veracode
added 2019/05/02 5:6 a.m.33 views

Information Disclosure

Red Hat Enterprise Linux OpenStack Platform provides the facilities for building a private or public infrastructure-as-a-service IaaS cloud running on commonly available physical hardware. Changes to the ceph component: In the previous version, launching of nova instances resulted in nova-compute...

3.5CVSS7.1AI score0.10066EPSS
Exploits0References32Affected Software15
RedHat Linux
RedHat Linux
added 2019/03/14 1:55 p.m.6 views

Moderate: Red Hat Bug Fix Advisory: Red Hat OpenStack Platform 13.0 director Bug Fix Advisory

Updated director installer packages that resolve various issues are now available for Red Hat OpenStack Platform 13.0 Queens for RHEL 7. Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service IaaS cloud running on...

7.5CVSS6.6AI score0.0152EPSS
Exploits0References84
RedHat Linux
RedHat Linux
added 2018/12/05 7:1 p.m.7 views

Moderate: Red Hat Bug Fix Advisory: Red Hat OpenStack Platform 12 Bug Fix and Enhancement Advisory

Updated packages that resolve various issues are now available for Red Hat OpenStack Platform 12.0 Pike for RHEL 7. Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service IaaS cloud running on commonly available...

7.8CVSS6.8AI score0.03088EPSS
Exploits0References2
CNVD
CNVD
added 2018/03/14 12:0 a.m.0 views

Red Hat CloudForms Management Engine Design Vulnerability

The Red Hat CloudForms Management Engine CFME is a management engine for IaaS Infrastructure as a Service cloud services solutions from Red Hat, Inc. A security vulnerability exists in the CloudForms account configuration in Red Hat CFME. An attacker could use the vulnerability to view and change...

7.5CVSS6.8AI score0.00894EPSS
Exploits0References1
Rows per page
Query Builder