Aggregator
Cerbos: Open-source, scalable authorization solution
2 months 2 weeks ago
Cerbos is an open-source solution designed to simplify and modernize access control for cloud-native, microservice-based applications. Instead of hardcoding authorization logic into your application, Cerbos lets you write flexible, context-aware access policies using a YAML syntax. These policies are managed separately from your app and evaluated via simple API requests to Cerbos’ Policy Decision Point (PDP). Instant policy updates, no redeploys – Update access rules on the fly without recompiling or redeploying. Product owners can … More →
The post Cerbos: Open-source, scalable authorization solution appeared first on Help Net Security.
Help Net Security
CVE-2024-26809
2 months 2 weeks ago
Currently trending CVE - Hype Score: 7 - In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_set_pipapo: release elements in clone only from destroy path
Clone already always provides a current view of the lookup table, use it
to destroy the set, otherwise it is possible to destroy ...
CVE-2024-45333 | Intel Data Center GPU Flex for Windows Driver 31.0.101.4255 on Windows access control (intel-sa-01253)
2 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in Intel Data Center GPU Flex for Windows Driver 31.0.101.4255 on Windows. This issue affects some unknown processing. The manipulation leads to improper access controls.
The identification of this vulnerability is CVE-2024-45333. It is possible to launch the attack on the local host. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-43101 | Intel Data Center GPU Flex for Windows Driver prior 31.0.101.4255 on Windows access control (intel-sa-01253)
2 months 2 weeks ago
A vulnerability classified as critical was found in Intel Data Center GPU Flex for Windows Driver on Windows. This vulnerability affects unknown code. The manipulation leads to improper access controls.
This vulnerability was named CVE-2024-43101. Attacking locally is a requirement. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-39758 | Intel Arc Graphics Software/Iris Xe Graphics Software prior 31.0.101.4032 access control (intel-sa-01253)
2 months 2 weeks ago
A vulnerability classified as critical has been found in Intel Arc Graphics Software and Iris Xe Graphics Software. This affects an unknown part. The manipulation leads to improper access controls.
This vulnerability is uniquely identified as CVE-2024-39758. Local access is required to approach this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-36292 | Intel Data Center GPU Flex for Windows Driver prior 31.0.101.4314 on Windows memory corruption (intel-sa-01253)
2 months 2 weeks ago
A vulnerability was found in Intel Data Center GPU Flex for Windows Driver on Windows. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption.
This vulnerability is handled as CVE-2024-36292. An attack has to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-4574 | crossbeam-channel Crate up to 0.5.14 on Rust double free
2 months 2 weeks ago
A vulnerability was found in crossbeam-channel Crate up to 0.5.14 on Rust. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to double free.
This vulnerability is known as CVE-2025-4574. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-22895 | Intel Edge Orchestrator Software information disclosure (intel-sa-01239)
2 months 2 weeks ago
A vulnerability was found in Intel Edge Orchestrator Software. It has been classified as problematic. Affected is an unknown function. The manipulation leads to information disclosure.
This vulnerability is traded as CVE-2025-22895. It is possible to launch the attack on the local host. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems
2 months 2 weeks ago
Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems.
The vulnerability, tracked as CVE-2025-32756, carries a CVSS score of 9.6 out of 10.0.
"A stack-based overflow vulnerability [CWE-121] in FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera may allow a remote unauthenticated attacker to
The Hacker News
CVE-2024-28956 | Intel Processor information disclosure (intel-sa-01153)
2 months 2 weeks ago
A vulnerability was found in Intel Processor and classified as problematic. This issue affects some unknown processing. The manipulation leads to information disclosure.
The identification of this vulnerability is CVE-2024-28956. Attacking locally is a requirement. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-20623 | Intel Core Processor information disclosure (intel-sa-01247)
2 months 2 weeks ago
A vulnerability has been found in Intel Core Processor and classified as problematic. This vulnerability affects unknown code. The manipulation leads to information disclosure.
This vulnerability was named CVE-2025-20623. Local access is required to approach this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-20611 | Intel Edge Orchestrator Software information disclosure (intel-sa-01239)
2 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in Intel Edge Orchestrator Software. This affects an unknown part. The manipulation leads to information disclosure.
This vulnerability is uniquely identified as CVE-2025-20611. An attack has to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-24495 | Intel Core Ultra Processor initialization of resource (intel-sa-01322)
2 months 2 weeks ago
A vulnerability, which was classified as problematic, has been found in Intel Core Ultra Processor. Affected by this issue is some unknown functionality. The manipulation leads to incorrect initialization of resource.
This vulnerability is handled as CVE-2025-24495. The attack needs to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-43420 | Intel Atom Arocessor information disclosure (intel-sa-01247)
2 months 2 weeks ago
A vulnerability classified as problematic was found in Intel Atom Arocessor. Affected by this vulnerability is an unknown functionality. The manipulation leads to information disclosure.
This vulnerability is known as CVE-2024-43420. It is possible to launch the attack on the local host. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-20013 | Intel Edge Orchestrator Software See references information disclosure (intel-sa-01239)
2 months 2 weeks ago
A vulnerability classified as problematic has been found in Intel Edge Orchestrator Software See references. Affected is an unknown function. The manipulation leads to information disclosure.
This vulnerability is traded as CVE-2025-20013. Attacking locally is a requirement. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-20034 | Intel Server D50DNP Board/Server M50FCP Board prior 01.02.0003 BackupBiosUpdate UEFI Firmware SmiVariable Driver information disclosure (intel-sa-01269)
2 months 2 weeks ago
A vulnerability was found in Intel Server D50DNP Board and Server M50FCP Board. It has been rated as problematic. This issue affects some unknown processing of the component BackupBiosUpdate UEFI Firmware SmiVariable Driver. The manipulation leads to information disclosure.
The identification of this vulnerability is CVE-2025-20034. Local access is required to approach this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-20009 | Intel Server D50DNP Board/Server M50FCP Board UEFI firmware GenerationSetup Module information disclosure (intel-sa-01269)
2 months 2 weeks ago
A vulnerability was found in Intel Server D50DNP Board and Server M50FCP Board. It has been declared as problematic. This vulnerability affects unknown code of the component UEFI firmware GenerationSetup Module. The manipulation leads to information disclosure.
This vulnerability was named CVE-2025-20009. An attack has to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-45332 | Intel Processor information disclosure (intel-sa-01247)
2 months 2 weeks ago
A vulnerability was found in Intel Processor. It has been classified as problematic. This affects an unknown part. The manipulation leads to information disclosure.
This vulnerability is uniquely identified as CVE-2024-45332. The attack needs to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-43564 | Adobe ColdFusion up to 2021.19/2023.13/2025.1 authorization (apsb25-52)
2 months 2 weeks ago
A vulnerability was found in Adobe ColdFusion up to 2021.19/2023.13/2025.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to incorrect authorization.
This vulnerability is handled as CVE-2025-43564. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com