45 matches found
CVE-2026-33553
Northern.tech CFEngine Enterprise 3.24.3 before 3.24.4 and 3.27.0 before 3.27.1 allows XSS...
EUVD-2026-34019
Northern.tech CFEngine Enterprise 3.24.3 before 3.24.4 and 3.27.0 before 3.27.1 allows XSS...
CVE-2026-33553
Northern.tech CFEngine Enterprise 3.24.3 before 3.24.4 and 3.27.0 before 3.27.1 allows XSS...
CVE-2026-33553
Northern.tech CFEngine Enterprise 3.24.3 before 3.24.4 and 3.27.0 before 3.27.1 allows XSS...
CVE-2026-33553
CFEngine Enterprise vulnerable in 3.24.3 prior to 3.24.4 and 3.27.0 prior to 3.27.1; status: exposes cross‑site scripting (XSS). Upgrade to 3.24.4 or 3.27.1 to fix.
PT-2026-45827
Northern.tech CFEngine Enterprise 3.24.3 before 3.24.4 and 3.27.0 before 3.27.1 allows XSS...
CVE-2026-33553
Northern.tech CFEngine Enterprise 3.24.3 before 3.24.4 and 3.27.0 before 3.27.1 allows XSS...
Incorrect Authorization
Overview twig/twig is a flexible, fast, and secure template language for PHP. Affected versions of this package are vulnerable to Incorrect Authorization via the CoreExtension::column filter when sandboxing is enabled through SourcePolicyInterface. An attacker can bypass the sandbox property...
CVE-2026-24711
Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 has Incorrect Access Control...
DEBIAN-CVE-2026-24712
Northern.tech CFEngine Enterprise and Community before 3.21.8, 3.24.3, and 3.27.0 allows Command injection...
CVE-2026-24711
Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 has Incorrect Access Control...
CVE-2026-24712
Northern.tech CFEngine Enterprise and Community before 3.21.8, 3.24.3, and 3.27.0 allows Command injection...
CVE-2026-24710
Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 allows XSS...
PT-2026-40931
Northern.tech CFEngine Enterprise and Community before 3.21.8, 3.24.3, and 3.27.0 allows Command injection...
CVE-2026-24711
Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 has Incorrect Access Control...
CVE-2026-24710
Northern.tech CFEngine Enterprise (and related CFEngine records) contains multiple CVEs affecting pre-3.21.8, 3.24.3, and 3.27.0. Specifically, CVE-2026-24710: CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 allows XSS. Related CVEs CVE-2026-24711 and CVE-2026-24712 affect the same release ...
CVE-2026-24711
Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 has Incorrect Access Control...
CVE-2026-24711
CVE-2026-24711 affects Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 with Incorrect Access Control. The NVD entry lists a CVSS v3.1 base score of 5.3 (Network, Low Confidentiality impact, No Integrity/Availability impact; privileges required: None; user interaction: None; sc...
PT-2026-40930
Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 has Incorrect Access Control...
Northern.tech CFEngine Enterprise 安全漏洞
Northern.tech CFEngine Enterprise is a multi-functional solution developed by Northern.tech, designed for automatically performing daily tasks. Versions prior to 3.21.8, 3.24.3, and 3.27.0 of Northern.tech CFEngine Enterprise contain security vulnerabilities due to incorrect access control...