Lucene search
K

46 matches found

EUVD
EUVD
added 2026/07/03 12:31 a.m.8 views

EUVD-2026-41442

Server-side request forgery ssrf in Microsoft Entra Provisioning Service SyncFabric allows an authorized attacker to elevate privileges over a network...

9.9CVSS5.8AI score0.0063EPSS
Exploits0References2
NVD
NVD
added 2026/07/02 11:16 p.m.32 views

CVE-2026-57100

Server-side request forgery ssrf in Microsoft Entra Provisioning Service SyncFabric allows an authorized attacker to elevate privileges over a network...

9.9CVSS0.0063EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 10:18 p.m.24 views

CVE-2026-57100

Technical details on affected products/versions, root cause, exploit scenarios, or mitigations are not publicly provided in the supplied documents. Monitor official sources for updates.

9.9CVSS5.8AI score0.0063EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/07/02 10:18 p.m.34 views

CVE-2026-57100 Microsoft Entra Provisioning Service Elevation of Privilege Vulnerability

...

9.9CVSS0.0063EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 10:18 p.m.7 views

CVE-2026-57100

Server-side request forgery ssrf in Microsoft Entra Provisioning Service SyncFabric allows an authorized attacker to elevate privileges over a network...

9.9CVSS5.8AI score0.0063EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/07/02 10:18 p.m.6 views

CVE-2026-57100 Microsoft Entra Provisioning Service Elevation of Privilege Vulnerability

...

9.9CVSS5.9AI score0.0063EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/07/02 2:0 p.m.7 views

Microsoft Entra Provisioning Service Elevation of Privilege Vulnerability

Server-side request forgery ssrf in Microsoft Entra Provisioning Service SyncFabric allows an authorized attacker to elevate privileges over a network...

9.9CVSS5.8AI score0.0063EPSS
Exploits0
Kaspersky
Kaspersky
added 2026/07/02 12:0 a.m.6 views

KLA91129 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Microsoft Azure Synapse can be exploited remotely ...

9.9CVSS6.1AI score0.0063EPSS
Exploits0References4
NVD
NVD
added 2025/12/21 4:16 a.m.8 views

CVE-2025-68644

Yealink RPS before 2025-06-27 allows unauthorized access to information, including AutoP URL addresses. This was fixed by deploying an enhanced authentication mechanism through a security update to all cloud instances...

7.4CVSS0.00269EPSS
Exploits0References2
CVE
CVE
added 2025/12/21 3:1 a.m.23 views

CVE-2025-68644

Yealink RPS before 2025-06-27 allows unauthorized access to information (including AutoP URL addresses) due to an inadequate authentication mechanism. A security update deploying an enhanced authentication mechanism to all cloud instances fixes the issue. Affected product: Yealink RPS prior to 20...

7.4CVSS6.7AI score0.00269EPSS
Exploits0References2
NVD
NVD
added 2025/11/11 6:15 p.m.3 views

CVE-2025-62219

Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally...

7CVSS0.00232EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-18873

Malware in sbrugna...

8CVSS5.6AI score0.00228EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-0538

Malware in sbrugna...

7.5CVSS6.3AI score0.03656EPSS
Exploits2References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-48454

Malicious code in bioql PyPI...

7.8CVSS7AI score0.00617EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-30747

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.0033EPSS
Exploits0References2
CISA
CISA
added 2025/08/07 12:0 p.m.18 views

CISA Releases Ten Industrial Control Systems Advisories

CISA released ten Industrial Control Systems ICS advisories on August 7, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-219-01 Delta Electronics DIAView ICSA-25-219-02 Johnson Controls FX80 and FX90...

6.8AI score
Exploits0References10
ICS
ICS
added 2025/08/07 6:0 a.m.9 views

Yealink IP Phones and RPS (Redirect and Provisioning Service)

RISK EVALUATION Successful exploitation of these vulnerabilities could result in an information disclosure. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control system...

7.3AI score
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/23 7:56 a.m.10 views

CVE-2024-33002

Document Service handler obsolete in Data Provisioning Service does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability with low impact on Confidentiality and Integrity of the application...

6.1CVSS6AI score0.0033EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:18 a.m.8 views

CVE-2022-45589

All versions before 8.0.1-R2022-10-RT and 7.3.1-R2022-09-RT of the Talend ESB Runtime are potentially vulnerable to SQL Injection attacks in the provisioning service only. Users of the provisioning service should upgrade to either 8.0.1-R2022-10-RT or 7.3.1-R2022-09-RT or a later release and use ...

7.2CVSS8.1AI score0.00617EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:19 p.m.6 views

CVE-2021-32003

Unprotected Transport of Credentials vulnerability in SiteManager provisioning service allows local attacker to capture credentials if the service is used after provisioning. This issue affects: Secomea SiteManager All versions prior to 9.5 on Hardware...

8CVSS6.6AI score0.00228EPSS
Exploits0References1
Rows per page
Query Builder