EUVD-2021-1945

Malware in sbrugna...

PT-2025-26251 · Powsybl · Powsybl

Name of the Vulnerable Software and Affected Versions: PowSyBl versions 6.3.0 through 6.7.1 Description: The issue is a deserialization problem in the read method of the SparseMatrix class, which can lead to various privilege escalations depending on the circumstances. This method takes an...

Guidance on Potential Misconfiguration of Authorization of Multi-Tenant Applications that use Azure AD

Summary Microsoft has addressed an authorization misconfiguration for multi-tenant applications that use Azure AD, initially discovered by Wiz, and reported to Microsoft, that impacted a small number of our internal applications. The misconfiguration allowed external parties read and write access...

Guidance on Potential Misconfiguration of Authorization of Multi-Tenant Applications that use Azure AD

Summary Summary Microsoft has addressed an authorization misconfiguration for multi-tenant applications that use Azure AD, initially discovered by Wiz, and reported to Microsoft, that impacted a small number of our internal applications. The misconfiguration allowed external parties read and writ...

GHSA-246R-R2WF-FRHX Malicious password-reset in Akaunting

Akaunting version 2.1.12 and earlier suffers from a password reset spoofing vulnerability, wherein an attacker can proxy password reset requests through a running Akaunting instance, if that attacker knows the target's e-mail address. This issue was fixed in version 2.1.13 of the product. Please...