com.datastax.oss:pulsar-jms-filters (>=4.0.0 <=4.0.1), io.github.yangl:pulsar-msg-filter-plugin (=3.0) +6 more potentially affected by CVE-2024-27135 via org.apache.pulsar:pulsar-functions-worker (>=3.0.0 <=3.0.2)

org.apache.pulsar:pulsar-functions-worker MAVEN version =3.0.0, =4.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.17 Source cves: CVE-2024-27135 Source advisory: OSV:GHSA-XP2R-G8QQ-44HH...

io.github.embedded-middleware:embedded-pulsar-core (>=0.0.4 <=0.0.5), org.apache.pulsar:pulsar-broker-auth-athenz (>=2.11.0 <=2.11.3) +3 more potentially affected by CVE-2024-28098 via org.apache.pulsar:pulsar-broker (>=2.11.0 <=2.11.3)

org.apache.pulsar:pulsar-broker MAVEN version =2.11.0, =0.0.4, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.3 Source cves: CVE-2024-28098 Source advisory: OSV:GHSA-G627-R579-RW35...

org.apache.pulsar:pulsar-broker-auth-athenz (=3.2.0), org.apache.pulsar:pulsar-broker-auth-sasl (=3.2.0) +2 more potentially affected by CVE-2024-28098 via org.apache.pulsar:pulsar-broker (=3.2.0)

org.apache.pulsar:pulsar-broker MAVEN version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.pulsar:pulsar-broker and may be impacted: - org.apache.pulsar:pulsar-broker-auth-athenz =3.2.0 - org.apache.pulsar:pulsar-broker-auth-sasl...

io.github.embedded-middleware:embedded-pulsar-core (>=0.0.4 <=0.0.5), org.apache.pulsar:pulsar-broker (>=2.11.0 <=2.11.3) +4 more potentially affected by CVE-2024-27894 via org.apache.pulsar:pulsar-functions-worker (>=2.11.0 <=2.11.3)

org.apache.pulsar:pulsar-functions-worker MAVEN version =2.11.0, =0.0.4, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.3 Source cves: CVE-2024-27894 Source advisory: OSV:GHSA-C2X9-VW5H-39VC...

org.apache.pulsar:pulsar-broker (=3.2.0), org.apache.pulsar:pulsar-broker-auth-athenz (=3.2.0) +3 more potentially affected by CVE-2024-27317 via org.apache.pulsar:pulsar-functions-worker (=3.2.0)

org.apache.pulsar:pulsar-functions-worker MAVEN version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.pulsar:pulsar-functions-worker and may be impacted: - org.apache.pulsar:pulsar-broker =3.2.0 -...

org.apache.pulsar:pulsar-server-distribution (>=2.11.0 <=2.11.2) potentially affected by CVE-2022-34321 via org.apache.pulsar:pulsar-proxy (>=2.11.0 <=2.11.2)

org.apache.pulsar:pulsar-proxy MAVEN version =2.11.0, =2.11.0, =2.11.2 Source cves: CVE-2022-34321 Source advisory: OSV:GHSA-C35H-W8HJ-MM55...

CVE-2024-22041

A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x IP6 All versions, Cerberus PRO EN Fire Panel FC72x IP7 All versions, Cerberus PRO EN Fire Panel FC72x IP8 All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution IP7 All...

PT-2024-2059

Name of the Vulnerable Software and Affected Versions Cerberus PRO EN Engineering Tool versions IP8 Cerberus PRO EN Fire Panel FC72x versions IP6 SR3 Cerberus PRO EN Fire Panel FC72x versions IP7 SR5 Cerberus PRO EN X200 Cloud Distribution versions V3.0.6602 Cerberus PRO EN X200 Cloud Distributio...

Number withdrawn

ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO. The solution includes software distribution, patch management, system configuration, remote control, and other functional modules to support the entire lifecycle of desktop and server management. This CVE number has...

CVE-2024-27303 electron-builder's NSIS installer - execute arbitrary code on the target machine (Windows only)

electron-builder is a solution to package and build a ready for distribution Electron, Proton Native app for macOS, Windows and Linux. A vulnerability that only affects eletron-builder prior to 24.13.2 in Windows, the NSIS installer makes a system call to open cmd.exe via NSExec in the .nsh...

DEBIAN-CVE-2023-50716

eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATAFRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely...

Memory corruption

eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATAFRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely...

UBUNTU-CVE-2023-50716

eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATAFRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely...

CVE-2023-50716 Invalid DATA_FRAG Submessage causes a bad-free error

eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATAFRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely...

CVE-2023-50716 Invalid DATA_FRAG Submessage causes a bad-free error

eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATAFRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely...

CVE-2023-50716

CVE-2023-50716 affects eProsima Fast DDS (formerly Fast RTPS). Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATA_FRAG Submessage can trigger a bad-free memory release within the Inline_qos/SerializedPayload path of the affected object, allowing the Fast-DDS process to b...

CVE-2023-50716 Invalid DATA_FRAG Submessage causes a bad-free error

eProsima Fast DDS formerly Fast RTPS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, an invalid DATAFRAG Submessage causes a bad-free error, and the Fast-DDS process can be remotely...

eProsima Fast DDS Security Vulnerability

eProsima Fast DDS is the C++ implementation of eProsima's OMG Object Management Group DDS Data Distribution Service standard. A security vulnerability exists in eProsima Fast DDS Fast RTPS versions prior to 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7, which stems from an invalid DATAFRAG sub-messag...

Hardcoded credentials

Maintenance Server, in Cybellum's QCOW air-gapped distribution China Edition, versions 2.15.5 through 2.27, was compiled with a hard-coded private cryptographic key. An attacker with administrative privileges & access to the air-gapped server could potentially use this key to run commands on the...

CVE-2023-42419 Improper Management of Cryptographic Keys in the Maintenance Server in QCOW Air-Gapped Distribution (China Edition)

Maintenance Server, in Cybellum's QCOW air-gapped distribution China Edition, versions 2.15.5 through 2.27, was compiled with a hard-coded private cryptographic key. An attacker with administrative privileges & access to the air-gapped server could potentially use this key to run commands on the...