
30 matches found

Vulnrichment
added 2025/12/24 4:21 p.m. | 3 views

CVE-2025-2515 Bluechi: privilege escalation in bluechi via unrestricted cross-node systemd dependencies

A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...

CVSS 7.2 | AI score 6.4 | EPSS 0.00035
Exploits: 0 | References: 5
CVE
added 2025/12/24 4:21 p.m. | 10 views

CVE-2025-2515

CVE-2025-2515 concerns BlueChi, a multi-node systemd service controller used in RHIVOS. The vulnerability allows a user with root privileges on a managed node (qm) to create or override systemd service unit files that affect the host node, enabling privilege escalation, unauthorized service execu...

CVSS 7.2 | AI score 6.4 | EPSS 0.00035
Exploits: 0 | References: 5
Cvelist
added 2025/12/24 4:21 p.m. | 21 views

CVE-2025-2515 Bluechi: privilege escalation in bluechi via unrestricted cross-node systemd dependencies

A vulnerability was found in BlueChi, a multi-node systemd service controller used in RHIVOS. This flaw allows a user with root privileges on a managed node qm to create or override systemd service unit files that affect the host node. This issue can lead to privilege escalation, unauthorized...

CVSS 7.2 | EPSS 0.00035
Exploits: 0 | References: 5
Github Security Blog
added 2025/11/26 9:31 a.m. | 6 views

Apache Druid’s Kerberos authenticator uses a weak fallback secret

Apache Druid’s Kerberos authenticator uses a weak fallback secret when the druid.auth.authenticator.kerberos.cookieSignatureSecret configuration is not explicitly set. In this case, the secret is generated using ThreadLocalRandom, which is not a cryptographically secure random number generator...

CVSS 9.8 | AI score 7.1 | EPSS 0.00067
Exploits: 0 | References: 5 | Affected Software: 1
Tenable Nessus
added 2025/08/24 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2018-11802

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node...

CVSS 4.3 | AI score 6.1 | EPSS 0.00151
Exploits: 0 | References: 2
OSV
added 2023/03/15 9:15 p.m. | 5 views

AZL-25673 CVE-2023-26484 affecting package kubevirt for versions less than 0.59.0-20

KubeVirt is a virtual machine management add-on for Kubernetes. In versions 0.59.0 and prior, if a malicious user has taken over a Kubernetes node where virt-handler the KubeVirt node-daemon is running, the virt-handler service account can be used to modify all node specs. This can be misused to...

CVSS 8.2 | AI score 7.2 | EPSS 0.00245
Exploits: 1 | References: 1
OSV
added 2023/03/15 9:15 p.m. | 3 views

AZL-34902 CVE-2023-26484 affecting package kubevirt for versions less than 1.2.0-1

KubeVirt is a virtual machine management add-on for Kubernetes. In versions 0.59.0 and prior, if a malicious user has taken over a Kubernetes node where virt-handler the KubeVirt node-daemon is running, the virt-handler service account can be used to modify all node specs. This can be misused to...

CVSS 8.2 | AI score 7.2 | EPSS 0.00245
Exploits: 1 | References: 1
OSV
added 2022/02/09 11:19 p.m. | 0 views

GHSA-J346-H5WC-RW2M Incorrect Authorization in Apache Solr

In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all...

CVSS 4.3 | AI score 7.1 | EPSS 0.00151
Exploits: 0 | References: 5
Snyk
added 2021/04/13 3:42 p.m. | 5 views

Improper Input Validation

Overview puppet is an automated configuration management tool. Affected versions of this package are vulnerable to Improper Input Validation. Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed...

CVSS 6.5 | AI score 6.6 | EPSS 0.00113
Exploits: 0 | References: 2
OSV
added 2016/07/14 10:10 p.m. | 1 views

USN-3036-1 linux-lts-utopic vulnerability

Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O AIO ring buffer to the other nodes. A local attacker could use this to cause a denial of service system crash...

CVSS 7.8 | AI score 7 | EPSS 0.00066
Exploits: 0 | References: 2