11955 matches found
PT-2026-24663
Name of the Vulnerable Software and Affected Versions curl affected versions not specified Description When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under certain circumstances...
PT-2026-24891
A vulnerability was identified in Jcharis Machine-Learning-Web-Apps up to a6996b634d98ccec4701ac8934016e8175b60eb5. The impacted element is the function render template of the file Machine-Learning-Web-Apps-master/Build-n-Deploy-Flask-App-with-Waypoint/app/app.py of the component Jinja2 Template...
Linux Distros Unpatched Vulnerability : CVE-2026-3783
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second...
EUVD-2026-10687
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...
EUVD-2026-10688
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...
EUVD-2025-208477
CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels...
EUVD-2025-208478
CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels...
CVE-2026-26117
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...
CVE-2026-26117
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...
CVE-2025-13901
CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels...
CVE-2026-26117
CVE-2026-26117 concerns Arc Enabled Servers running the Azure Connected Machine Agent. The vulnerability is an Elevation of Privilege issue affecting the Azure Arc-enabled machine agent on Arc-enabled servers. According to the CVSS data, it is a local, low-complexity attack requiring LOW privileg...
CVE-2026-26117 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
CVE-2026-26117
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...
CVE-2026-26117 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
...
CVE-2025-13901
CVE-2025-13901 : CWE-404, Improper Resource Shutdown or Release, causing partial Denial of Service on the Machine Expert protocol when an unauthenticated attacker sends a malicious payload to occupy active communication channels. CVSSv4 base score 6.9 (MEDIUM); vector: Network, Low attack complex...
CVE-2025-13901
CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels...
CVE-2025-13901
CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels...
Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally...
GHSA-J4J7-VW47-RHFQ vulnerabilities
Vulnerabilities for packages: knative-net-istio-fips, datadog-agent, influxd, restic-fips, gatus-fips, ingress-nginx-controller, terraform-provider-azuread, crossplane-provider-aws-sqs-fips, elastic-agent, kube-state-metrics, goose, kapp-controller-fips, ollama-fips, envoy-gateway-fips, snyk-cli,...
CVE-2026-25679 vulnerabilities
Vulnerabilities for packages: knative-net-istio-fips, kapp, datadog-agent, influxd, restic-fips, http-echo, gatus-fips, kube-bench, custom-pod-autoscaler-fips, ingress-nginx-controller, postgres-operator-fips, terraform-provider-azuread, crossplane-provider-aws-sqs-fips, elastic-agent,...