CVE-2025-3744 Nomad Vulnerable To Violation Of Mandatory Sentinel Policies in Nomad Job Submissions via Policy Override

Nomad Enterprise “Nomad” jobs using the policy override option are bypassing the mandatory sentinel policies. This vulnerability, identified as CVE-2025-3744, is fixed in Nomad Enterprise 1.10.1, 1.9.9, and 1.8.13...

CVE-2025-3744

CVE-2025-3744 affects HashiCorp Nomad Enterprise: when using the policy override option, Nomad Enterprise jobs can bypass mandatory sentinel policies. Root cause details are not explicitly enumerated beyond this bypass behavior, but the vulnerability is quantified as high severity (CVSS v3.1: 7.6...

HashiCorp Nomad Enterprise 安全漏洞

HashiCorp Nomad Enterprise is a professional version of a Nomad software from HashiCorp USA. A security vulnerability exists in HashiCorp Nomad Enterprise that stems from a policy override option bypassing the forced sentinel policy...

PT-2025-21028 · Hashicorp · Nomad Enterprise

Name of the Vulnerable Software and Affected Versions: Nomad Enterprise versions prior to 1.10.1 Nomad Enterprise versions prior to 1.9.9 Nomad Enterprise versions prior to 1.8.13 Description: Nomad Enterprise jobs using the policy override option are bypassing the mandatory sentinel policies...

SUSE CVE-2022-49792

In the Linux kernel, the following vulnerability has been resolved: iio: adc: mp2629: fix potential array out of bound access Add sentinel at end of maps to avoid potential array out of bound access in iio core...

DEBIAN-CVE-2023-53057

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix global-out-of-bounds To loop a variable-length array, hciinitstagesyncstage considers that stagei is valid as long as stagei-1.func is valid. Thus, the last element of stage.func should be intentionally invali...

DEBIAN-CVE-2022-49792

In the Linux kernel, the following vulnerability has been resolved: iio: adc: mp2629: fix potential array out of bound access Add sentinel at end of maps to avoid potential array out of bound access in iio core...

UBUNTU-CVE-2022-49792

In the Linux kernel, the following vulnerability has been resolved: iio: adc: mp2629: fix potential array out of bound access Add sentinel at end of maps to avoid potential array out of bound access in iio core...

UBUNTU-CVE-2022-49868

In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table With mt7621 socdevattr fixed to register the soc as a device, kernel will experience an oops in socdevicematchattr This quirk test was introduced in the staging driver in comm...

CVE-2022-49868

In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table With mt7621 socdevattr fixed to register the soc as a device, kernel will experience an oops in socdevicematchattr This quirk test was introduced in the staging driver in comm...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a missing sentinel tag issue in the phy ralink driver for the mt7621-pci driver...

aana (>=0.2.1 <=0.2.2.2), acai-swarm (=0.1.0) +214 more potentially affected by CVE-2024-11041 via vllm (>=0.10.0 <=0.9.2)

vllm PYPI version =0.10.0, =0.2.1, =1.2.1, =0.0.0, =2.3.5, =0.0.7, =0.0.1b1, =0.1.15, =0.2.4, =1.0.0, =1.0.14 and more Source cves: CVE-2024-11041 Source advisory: SNYK:PYTHON-VLLM-9513025...

Silk Typhoon targeting IT supply chain

Executive summary: Microsoft Threat Intelligence identified a shift in tactics by Silk Typhoon, a Chinese espionage group, now targeting common IT solutions like remote management tools and cloud applications to gain initial access. While they haven't been observed directly targeting Microsoft...

SUSE CVE-2022-49186

In the Linux kernel, the following vulnerability has been resolved: clk: visconti: prevent array overflow in visconticlkregistergates This code was using -1 to represent that there was no reset function. Unfortunately, the -1 was stored in u8 so the if clksi.rsid = 0 condition was always true. Th...

CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook

Today, CISA released the Microsoft Expanded Cloud Logs Implementation Playbook to help organizations get the most out of Microsoft’s newly introduced logs in Microsoft Purview Audit Standard. This step-by-step guide enables technical personnel to better detect and defend against advanced intrusio...

Moderate: Red Hat Security Advisory: ACS 4.6 enhancement and security update

Updated images are now available for Red Hat Advanced Cluster Security RHACS. The updated image includes new features and bug fixes. This release of RHACS 4.6 provides these new features: Support for ARM architecture in secured clusters Technology Preview Certifications for Red Hat Advanced Clust...

SUSE CVE-2022-48952

In the Linux kernel, the following vulnerability has been resolved: PCI: mt7621: Add sentinel to quirks table Current driver is missing a sentinel in the struct socdeviceattribute array, which causes an oops when assessed by the socdevicematchmt7621pciequirksmatch call. This was only exposed once...

CVE-2022-48952

In the Linux kernel, the following vulnerability has been resolved: PCI: mt7621: Add sentinel to quirks table Current driver is missing a sentinel in the struct socdeviceattribute array, which causes an oops when assessed by the socdevicematchmt7621pciequirksmatch call. This was only exposed once...

DEBIAN-CVE-2022-48952

In the Linux kernel, the following vulnerability has been resolved: PCI: mt7621: Add sentinel to quirks table Current driver is missing a sentinel in the struct socdeviceattribute array, which causes an oops when assessed by the socdevicematchmt7621pciequirksmatch call. This was only exposed once...

UBUNTU-CVE-2022-48952

In the Linux kernel, the following vulnerability has been resolved: PCI: mt7621: Add sentinel to quirks table Current driver is missing a sentinel in the struct socdeviceattribute array, which causes an oops when assessed by the socdevicematchmt7621pciequirksmatch call. This was only exposed once...