EUVD-2024-37190

Malicious code in bioql PyPI...

CVE-2022-36103

Talos Linux is a Linux distribution built for Kubernetes deployments. Talos worker nodes use a join token to get accepted into the Talos cluster. Due to improper validation of the request while signing a worker node CSR certificate signing request Talos control plane node might issue Talos API...

CVE-2024-51544

Service Control vulnerabilities allow access to service restart requests and vm configuration settings. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

The vulnerability of the Initial Machine Configuration component in Windows operating systems allows attackers to enhance their privileges.

The vulnerability of the Initial Machine Configuration component in Windows operating systems is related to access control deficiencies. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVE-2024-38223

Windows Initial Machine Configuration Elevation of Privilege Vulnerability...

CVE-2024-38223 Windows Initial Machine Configuration Elevation of Privilege Vulnerability

...

CVE-2024-38223

Technical details for CVE-2024-38223 are not publicly available in the provided documents. No information on affected products, root cause, or fixes is supplied here. Monitor sources for updates.

Windows Initial Machine Configuration Elevation of Privilege Vulnerability

...

PT-2024-5651 · Microsoft · Windows Initial Machine Configuration +1

Name of the Vulnerable Software and Affected Versions: Windows Initial Machine Configuration affected versions not specified Description: The issue is related to insufficient access control in the Windows Initial Machine Configuration component, allowing an attacker to elevate their privileges...

How to Configure a Promiscuous Virtual Machine in XenServer

This article describes how to configure a Virtual Machine VM running on XenServer to behave promiscuously on the network, that is, allow it to see all network traffic on the Physical Network Interface PIF. Certain applications, such as network diagnostic or performance monitoring tools, might...

New catalog creation fails with error, "Invalid configuration for device '0'."

Unable to create new MCS catalogs with the image created via the ELM. The error being seen is. 15:15:38:91700,3852,3228,Citrix.MachineCreation.exe,0,MachineCreationServiceHCL,,0,,1,Error,"Create VM 'test-applay001' Failed with error PluginUtilities.Exceptions.ManagedMachineGeneralException: Inval...

GHSA-7HGC-PHP5-77QQ Talos worker join token can be used to get elevated access level to the Talos API

Impact Talos worker nodes use a join token to get accepted into the Talos cluster. A misconfigured Kubernetes environment may allow workloads to access the join token of the worker node. A malicious workload could then use the join token to construct a Talos CSR certificate signing request. Due t...

Talos worker join token can be used to get elevated access level to the Talos API

Impact Talos worker nodes use a join token to get accepted into the Talos cluster. A misconfigured Kubernetes environment may allow workloads to access the join token of the worker node. A malicious workload could then use the join token to construct a Talos CSR certificate signing request. Due t...

CVE-2022-36103

Talos Linux is a Linux distribution built for Kubernetes deployments. Talos worker nodes use a join token to get accepted into the Talos cluster. Due to improper validation of the request while signing a worker node CSR certificate signing request Talos control plane node might issue Talos API...

PT-2022-4910 · Talos · Talos

Name of the Vulnerable Software and Affected Versions: Talos versions prior to 1.2.2 Description: The issue is related to improper validation of the request while signing a worker node CSR, which might allow a Talos control plane node to issue a Talos API certificate with full access to the Talos...

The vulnerability of the portal/patient/_machine_config.php component of the software for managing medical organizations OpenEMR allows a intruder to gain unauthorized access to protected information.

The vulnerability of the portal/patient/machineconfig.php component of the software for managing medical organizations OpenEMR is related to insufficient checking of permission assignment for critical resources. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gai...

March 2016 update for Windows Server 2012 R2 clusters to fix several issues

March 2016 update for Windows Server 2012 R2 clusters to fix several issues This article describes issues in which Data Protection Manager DPM filter driver can't track changes on Cluster Shared Volumes CSV or virtual machine VM configuration resource online fails due to invalid resource state in...

Error: "Power State Unknown" "CDS_EVENT_HOSTING_FAILED_POWER_ACTION" in XenDesktop

Machines in Desktop Studio or Desktop Director display a Power State of Unknown. CDSEVENTHOSTINGFAILEDPOWERACTION The Citrix Broker Service detected that power action '%1' on virtual machine '%2' failed. This problem is most likely due to a host issue. Check that the configuration of the virtual...

Visual Studio 2017 version 15.9.0 to 15.9.45 update

Visual Studio 2017 version 15.9.0 to 15.9.45 security update. This update applies to all affected editions of Visual Studio 2017 version 15.9. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the updat...

Exclude IMC

Ensures that update is only targeted on the machines that did not have an Initial Machine Configuration IMC...