News & Sicurezza
Aggiornamenti da ENISA, NVD e le principali fonti di cybersecurity europee. Tutto quello che un Responsabile Tecnico deve sapere.
24948 risultati
CVE ID :CVE-2026-56073 Published : June 19, 2026, 9:39 p.m. | 14 hours, 4 minutes ago Description :Cap-go before 12.128.2 contains an authentication bypass vulnerability in OTP verification that allows attackers to bypass email verification by modifying server responses. Attackers can intercept OTP verification requests and manipulate HTTP responses to falsely mark verification successful, enabling unauthorized 2FA enablement and account takeover. Severity: 9.4 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network.
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.
Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.
CVE ID :CVE-2026-47645 Published : June 19, 2026, 8:29 p.m. | 17 hours, 13 minutes ago Description :None Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-48582 Published : June 19, 2026, 8:29 p.m. | 15 hours, 13 minutes ago Description :None Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-50519 Published : June 19, 2026, 8:28 p.m. | 17 hours, 14 minutes ago Description :None Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-48584 Published : June 19, 2026, 8:27 p.m. | 15 hours, 15 minutes ago Description :None Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-45480 Published : June 19, 2026, 8:27 p.m. | 15 hours, 15 minutes ago Description :None Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-42895 Published : June 19, 2026, 8:27 p.m. | 17 hours, 15 minutes ago Description :None Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-32208 Published : June 19, 2026, 8:27 p.m. | 15 hours, 15 minutes ago Description :None Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-50559 Published : June 19, 2026, 8:26 p.m. | 15 hours, 16 minutes ago Description :Quarkus is a Java framework for building cloud-native applications. Prior to versions 3.37.0, 3.36.3, 3.33.2.1, 3.33.3, 3.27.4.1, 3.27.5, and 3.20.6.2, Quarkus HTTP path-based authorization policies can be bypassed using encoded semicolons (%3B) to smuggle matrix parameters past the security layer, and using encoded slashes (%2F) or backslashes (%5C) to access protected static resources. This is a distinct issue from CVE-2026-39852, which addressed only literal semicolon stripping. Versions 3.37.0, 3.36.3, 3.33.2.1, 3.33.3, 3.27.4.1, 3.27.5, and 3.20.6.2 contain a patch. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Pagina 190 di 2079