EUVD-2026-26136

A security vulnerability has been detected in o2oa up to 10.0. This impacts the function syncFile of the file NodeAgent.java of the component NodeAgent. The manipulation leads to improper authorization. The attack can be initiated remotely. The complexity of an attack is rather high. The...

CVE-2026-7292

CVE-2026-7292 affects o2oa up to v10.0, in the NodeAgent.py syncFile function, causing improper authorization. The issue can be triggered remotely with high attack complexity; exploit maturity is PROOF-OF-CONCEPT and report confidence is REASONABLE. CVSS details: CVSSv3.1 base 5.6 (NETWORK, HIGH ...

CVE-2026-7292 o2oa NodeAgent NodeAgent.java syncFile improper authorization

A security vulnerability has been detected in o2oa up to 10.0. This impacts the function syncFile of the file NodeAgent.java of the component NodeAgent. The manipulation leads to improper authorization. The attack can be initiated remotely. The complexity of an attack is rather high. The...

PT-2026-35812

A security vulnerability has been detected in o2oa up to 10.0. This impacts the function syncFile of the file NodeAgent.java of the component NodeAgent. The manipulation leads to improper authorization. The attack can be initiated remotely. The complexity of an attack is rather high. The...

EUVD-2022-36689

Malicious code in bioql PyPI...

Vulnerabilities fixed in Microsoft Azure

Microsoft has fixed vulnerabilities in Azure Network Watcher and the HPC Linux Node Agent. A malicious person could grant themselves elevated privileges by exploiting the vulnerability with attribute CVE-2025-21188 in the Network Watcher, or to execute arbitrary code by exploiting the vulnerabili...

CVE-2024-39755

A privilege escalation vulnerability exists in the node update functionality of Veertu Anka Build 1.42.0. A specially crafted PKG file can lead to execute priviledged operation. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

CVE-2024-39755

A privilege escalation vulnerability exists in the node update functionality of Veertu Anka Build 1.42.0. A specially crafted PKG file can lead to execute priviledged operation. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

Veertu Anka Build 安全漏洞

Veertu Anka Build is a centralized dashboard from Veertu. A security vulnerability exists in Veertu Anka Build version 1.42.0, which stems from an unexpected privilege escalation during a node agent update where a user with low privileges can trigger the update action...

Veertu Anka Build node agent update privilege escalation vulnerability

Talos Vulnerability Report TALOS-2024-2060 Veertu Anka Build node agent update privilege escalation vulnerability October 3, 2024 CVE Number CVE-2024-39755 SUMMARY A privilege escalation vulnerability exists in the node update functionality of Veertu Anka Build 1.42.0. A specially crafted PKG fil...

CVE-2022-33646

Azure Batch Node Agent Elevation of Privilege Vulnerability...

CVE-2022-33646

Azure Batch Node Agent Elevation of Privilege Vulnerability...

Privilege escalation

Azure Batch Node Agent Elevation of Privilege Vulnerability...

CVE-2022-33646 Azure Batch Node Agent Elevation of Privilege Vulnerability

...

CVE-2022-33646 Azure Batch Node Agent Elevation of Privilege Vulnerability

...

Azure Batch Node Agent Elevation of Privilege Vulnerability

...

PT-2022-4107 · Microsoft · Azure Batch Node Agent +1

Name of the Vulnerable Software and Affected Versions: Azure Batch Node Agent affected versions not specified Description: The issue is related to insufficient access restrictions in the Azure Batch service for Windows operating systems. Exploitation of this issue may allow an attacker to elevate...

Microsoft Azure Batch Node Agent 安全漏洞

Microsoft Azure is a suite of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Azure Batch Node Agent. No information about this vulnerability is available at this time, so stay tuned to CNNVD or the...

Huawei FusionCompute Command Injection Vulnerability (CNVD-2021-84882)

Huawei FusionCompute is a computer virtualization engine from Huawei China. A command injection vulnerability exists in the CMA service of the Huawei FusionCompute product, which provides Virtual Resource Manager VRM and Compute Node Agent CNA. The vulnerability stems from the fact that special...

Huawei FusionCompute 命令注入漏洞

Huawei FusionCompute is a computer virtualization engine from Huawei China. A command injection vulnerability exists in the CMA service of the Huawei FusionCompute product, which provides Virtual Resource Manager VRM and Compute Node Agent CNA. The vulnerability stems from the fact that special...