208 matches found
CVE-2026-50628 Apache CXF: OAuth2: Inverted IP Binding Check Defeats Security Control
A logic error in OAuthRequestFilter rejects legitimate requests originating from the bound IP address, while blindly allowing requests from any other IP address. Enabling this security feature inadvertently creates an inverse security check. Users are recommended to upgrade to versions 4.2.2 or...
CVE-2026-0268
A security control bypass vulnerability in Prisma Access Agent for Linux allows a local attacker to route network traffic outside the VPN tunnel. This does not impact Prisma Access Agent on Windows, macOS, iOS, Android, or ChromeOS...
CVE-2026-41971
Permission control vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2026-41971
Technical details (affected products, vulnerable component, root cause, exploitability) are not publicly available in the provided documents. Monitor for updates.
EUVD-2026-30527
Permission control vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
Remote Code Execution
Sonatype Nexus Repository is vulnerable to Remote Code Execution. The vulnerability is due to a flaw in the task management component, where an authenticated attacker with task creation permissions can bypass the nexus.scripts.allowCreation security control and execute arbitrary code...
An Automated Framework for Cybersecurity Policy Compliance Assessment against Security Control Standards
Organizational cybersecurity policies are often examined to determine whether they adequately comply with standard security controls. This task is difficult because control statements are abstract, whereas policy documents describe governance practices in varied natural language. As a result,...
Huawei HarmonyOS Security Control Conditional Competition Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A conditional contention vulnerability exists in the Huawei HarmonyOS security control, which can be exploited by an attacker to cause availability to be...
CVE-2026-28550
Race condition vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect availability...
EUVD-2026-9809
Race condition vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-28550
Technical details for CVE-2026-28550 are not publicly available in the provided documents. No explicit information on affected products, components, root cause, or fixes. Monitor sources for updates to confirm scope and remediation.
CVE-2026-0869
Authentication bypass in Brocade ASCG 3.4.0 could allow an unauthorized user to perform ASCG operations related to Brocade Support Link (BSL) and streaming configuration, and could even disable the ASCG application or disable use of BSL data collection on Brocade switches within the fabric...