83 matches found
CVE-2024-37080
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution...
CVE-2024-29905
DIRAC is an interware, meaning a software framework for distributed computing. Prior to version 8.0.41, during the proxy generation process e.g., when using dirac-proxy-init, it is possible for unauthorized users on the same machine to gain read access to the proxy. This allows the user to then...
CVE-2024-29905
Summary: CVE-2024-29905 affects DIRAC prior to version 8.0.41. During the proxy generation process (e.g., dirac-proxy-init), unauthorized users on the same machine could gain read access to the proxy for a sub-millisecond window, enabling actions as if using the original proxy. The issue is mitig...
CVE-2024-29905 DIRAC: Unauthorized users can read proxy contents during generation
DIRAC is an interware, meaning a software framework for distributed computing. Prior to version 8.0.41, during the proxy generation process e.g., when using dirac-proxy-init, it is possible for unauthorized users on the same machine to gain read access to the proxy. This allows the user to then...
[SECURITY] Fedora 39 Update: perl-Data-UUID-1.227-1.fc39
This module provides a framework for generating v3 UUIDs Universally Unique Identifiers, also known as GUIDs Globally Unique Identifiers. A UUID is 128 bits long, and is guaranteed to be different from all other UUIDs/GUIDs generated until 3400 CE. UUIDs were originally used in the Network...
The vulnerability of distributed computing platforms and PowerJob task scheduling systems, related to incorrect default permissions, allows attackers to gain unauthorized access to protected information.
The vulnerability of distributed computing platforms and the PowerJob task scheduling system is related to incorrect default permissions. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure VMware vCenter Server allows a perpetrator to execute arbitrary code.
The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure, VMware vCenter Server, is related to the possibility of writing data outside of the allowed range. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure VMware vCenter Server allows a attacker to cause a service failure.
The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure, such as VMware vCenter Server, is caused by a buffer overflow in memory. Exploiting this vulnerability can allow an attacker to cause a service failure remotely...
The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure VMware vCenter Server allows a attacker to cause service failures or execute arbitrary code.
The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure, VMware vCenter Server, is caused by a buffer overflow in memory. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...
The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure, VMware vCenter Server, arises from the use of memory after it is released. This allows a perpetrator to execute arbitrary code.
The vulnerability of the DCERPC protocol implementation in software for managing virtual infrastructure such as VMware vCenter Server relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the DCE/RPC process callaway system for operating systems like MacOS allows a perpetrator to execute arbitrary code.
The vulnerability of the DCE/RPC process callouts system for MacOS operating systems relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
Today’s Evolving Cloud Strategies Are Embracing Distributed Computing
...
PowerJob 安全漏洞
PowerJob is an open source distributed computing and job scheduling framework that allows developers to easily schedule tasks in their applications. A security vulnerability exists in PowerJob version V4.3.1 that stems from the presence of insecure privileges...
GHSA-34M5-796P-MJCP Apache UIMA DUCC allows remote code execution
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache UIMA DUCC. When using the "Distributed UIMA Cluster Computing" DUCC module of Apache UIMA, an authenticated user that has the permissions ...
AZL-8903 CVE-2021-23192 affecting package samba 4.12.5-7
A flaw was found in the way samba implemented DCE/RPC. If a client to a Samba server sent a very large DCE/RPC request, and chose to fragment it, an attacker could replace later fragments with their own data, bypassing the signature requirements...
Oracle MySQL Cluster Buffer Overflow Vulnerability (CNVD-2022-13059)
Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Cluster is a highly useful, highly redundant version of Oracle MySQL Cluster for distributed computing environments. The vulnerability can be exploited to allow a remote privileged user to compute...
Oracle MySQL Cluster Buffer Overflow Vulnerability (CNVD-2022-13053)
Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Cluster is a highly useful, highly redundant version of Oracle MySQL Cluster for distributed computing environments. Oracle MySQL Cluster is vulnerable to buffer overflow, which can be exploited to...
Oracle MySQL Cluster Input Validation Error Vulnerability (CNVD-2022-13058)
Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Cluster is a highly useful and redundant version for distributed computing environments. Oracle MySQL Cluster is vulnerable to an input validation error, which can be exploited to execute arbitrary...
Oracle MySQL Cluster Input Validation Error Vulnerability (CNVD-2022-13055)
Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Cluster is a highly useful and redundant version for distributed computing environments. Oracle MySQL Cluster is vulnerable to an input validation error, which can be exploited by attackers to...
Oracle MySQL Cluster Input Validation Error Vulnerability (CNVD-2022-13056)
Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Cluster is a highly useful and redundant version for distributed computing environments. Oracle MySQL Cluster is vulnerable to an input validation error that could be exploited by attackers to...