35 matches found
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via the stderr output when verbose logging is enabled. An attacker can obtain sensitive cluster credentials by accessing the stderr stream, which may be exposed through CI job logs,...
CVE-2025-14840
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal HTTP Client Manager allows Forceful Browsing.This issue affects HTTP Client Manager: from 0.0.0 before 9.3.13, from 10.0.0 before 10.0.2, from 11.0.0 before 11.0.1...
CVE-2025-14840
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal HTTP Client Manager allows Forceful Browsing.This issue affects HTTP Client Manager: from 0.0.0 before 9.3.13, from 10.0.0 before 10.0.2, from 11.0.0 before 11.0.1...
EUVD-2025-206433
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal HTTP Client Manager allows Forceful Browsing.This issue affects HTTP Client Manager: from 0.0.0 before 9.3.13, from 10.0.0 before 10.0.2, from 11.0.0 before 11.0.1...
CVE-2025-14840 HTTP Client Manager - Less critical - Information disclosure - SA-CONTRIB-2025-126
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal HTTP Client Manager allows Forceful Browsing.This issue affects HTTP Client Manager: from 0.0.0 before 9.3.13, from 10.0.0 before 10.0.2, from 11.0.0 before 11.0.1...
CVE-2025-14840
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal HTTP Client Manager allows Forceful Browsing.This issue affects HTTP Client Manager: from 0.0.0 before 9.3.13, from 10.0.0 before 10.0.2, from 11.0.0 before 11.0.1...
CVE-2025-14840
The CVE-2025-14840 entry concerns Drupal HTTP Client Manager with an improper check for unusual or exceptional conditions that could allow forceful browsing. Affected are Drupal HTTP Client Manager versions prior to 9.3.13, 10.0.0–10.0.2, and 11.0.0–11.0.1. Mitigation: upgrade to versions beyond ...
Drupal HTTP Client Manager security vulnerability
The Drupal HTTP Client Manager is an HTTP client management plugin for the Drupal community. Versions prior to 9.3.13, 10.0.2, and 11.0.1 of the Drupal HTTP Client Manager contained security vulnerabilities. These vulnerabilities were due to improper exception condition checks, which could lead t...
PT-2026-5207
Name of the Vulnerable Software and Affected Versions Drupal HTTP Client Manager versions prior to 9.3.13 Drupal HTTP Client Manager versions 10.0.0 through 10.0.2 Drupal HTTP Client Manager versions 11.0.0 through 11.0.1 Description An improper check for unusual or exceptional conditions exists ...
DRUPAL-CONTRIB-2025-126
Http Client Manager introduces a new Guzzle based plugin which allows you to manage HTTP clients using Guzzle Service Descriptions via YAML, JSON or PHP files, in a simple and efficient way. The modules allows administrators to configure HTTP requests as part of Event Condition Action ECA...
squid: vulnerable to a Denial of Service attack against Cache Manager error responses
A flaw was found in Squid, resulting in a potential denial of service attack targeting Cache Manager error responses. This issue enables a trusted client to execute a denial of service by manipulating the generation of error pages for Client Manager reports...
squid: vulnerable to a Denial of Service attack against Cache Manager error responses
A flaw was found in Squid, resulting in a potential denial of service attack targeting Cache Manager error responses. This issue enables a trusted client to execute a denial of service by manipulating the generation of error pages for Client Manager reports...
Malicious code in sid-client-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 271bfa6075e1282de1c0d5269d79377fe6b16e9d60fa41a2a6a070cb97795905 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1292 Malicious code in sid-client-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 271bfa6075e1282de1c0d5269d79377fe6b16e9d60fa41a2a6a070cb97795905 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The vulnerability of the EMC Avamar Client Manager component of the Dell EMC Avamar Server backup system allows a attacker to compromise the confidentiality and integrity of the protected information.
The vulnerability of the EMC Avamar Client Manager component of the Dell EMC Avamar Server backup system is related to the use of open redirection. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information through a special...
CVE-2018-11066
Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance IDPA versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticated attacker could...
CVE-2018-11067
CVE-2018-11067 is an open redirection vulnerability affecting Dell EMC Avamar Client Manager in Avamar Server (versions 7.2.x–18.1) and IDPA 2.0–2.2. An unauthenticated remote attacker could lure users to arbitrary URLs via crafted links, enabling phishing. Public records also document VMware vSp...
CVE-2018-11066
Summary of CVE-2018-11066 : Dell EMC Avamar / IDPA products are affected by a remote code execution vulnerability. The issue affects Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, ...
CVE-2017-3846
A vulnerability in the Client Manager Server of Cisco Workload Automation and Cisco Tidal Enterprise Scheduler could allow an unauthenticated, remote attacker to retrieve any file from the Client Manager Server. The vulnerability is due to insufficient input validation. An attacker could exploit...
SA102 : Unifed Agent Configuration Changes are not Detected
SUMMARY Configuration files for Unified Agent running in local enforcement mode can be modified by administrators on the client. Configuration files can be modified to unblock categories or to disable Unified Agent entirely. AFFECTED PRODUCTS Unified Agent --- CVE | Affected Versions | Remediatio...