15 matches found
Newly published App-V applications are not visible to end users
After most recent upgrade of Web Studio users are not able to see newly published App-V packages/applications. This issue affects only newly published App-V applications...
CVE-2023-22651
Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into th...
GHSA-QXJ7-2X7W-3MPP Duende.AccessTokenManagement race condition when concurrently retrieving customized Client Credentials Access Tokens
Summary: Duende.AccessTokenManagement contains a race condition when requesting access tokens using the client credentials flow. Concurrent requests to obtain an access token using differing protocol parameters can return access tokens obtained with the wrong scope, resource indicator, or other...
AZL-52213 CVE-2024-51744 affecting package jx for versions less than 3.10.182-1
golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to a situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...
AZL-52198 CVE-2024-51744 affecting package dcos-cli for versions less than 1.2.0-18
golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to a situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...
Server 2012R2 with VDA 1912 CU9 "Citrix Group Policy Engine" crashes every 30 minutes
This only occurred after upgrading 2012R2 VDAs from 1912 CU8 to 1912 CU9. The issue occurs randomly without a known trigger, with the Event ID: 7034 being logged within the System event logs stating - "The Citri...
SUSE CVE-2018-12383
If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Firefox 58. The new master password is...
HTML5 app launch doesn't work via Netscaler after upgrading the CVAD setup
Upgrade Xendesktop from 7.15 CU8 to 1912 CU5 or above. Could connect externally through ADC Netscaler using HTML5 when on 7.15 but not with the latest codes. Connecting to the machines using HTML5 via direct storefront works fine. App launch via workspace app works fine through ADC as well. Only while...
CVE-2022-35921
fof/byobu is a private discussions extension for Flarum forum. Affected versions were found to not respect private discussion disablement by users. Users of Byobu should update the extension to version 1.1.7, where this has been patched. Users of Byobu with Flarum 1.0 or 1.1 should upgrade to...
GHSA-92MR-4W2Q-4578 Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key. It also created a backup directory with all old secrets, and the key used to encrypt them. These backups were world-readable and not removed afterwards. Jenkins now deletes the...
CVE-2021-31382
On PTX1000 System, PTX10002-60C System, after upgrading to an affected release, a Race Condition vulnerability between the chassis daemon chassisd and firewall process dfwd of Juniper Networks Junos OS, may update the device's interfaces with incorrect firewall filters. This issue only occurs whe...
CVE-2021-41573
Hitachi Content Platform Anywhere HCP-AW 4.4.5 and later allows information disclosure. If an authenticated user creates a link to a file or folder while the system was running version 4.3.x or earlier and then shares the link and then later deletes the file or folder without deleting the link and...
UBUNTU-CVE-2021-20335
For MongoDB Ops Manager versions prior to and including 4.2.24 with multiple OM application servers, that have SSL turned on for their MongoDB processes, the upgrade to MongoDB Ops Manager versions prior to and including 4.4.12 triggers a bug where Automation thinks SSL is being turned off, and c...
tomcat: OutOfMemoryException caused by HTTP/2 connection leak could lead to DoS
A flaw was found in Apache Tomcat, where an h2c direct connection did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests are made, an OutOfMemoryException could occur, leading to a denial of service. The highest threat from this vulnerability i...
CISCO IOS 12.1.4 Security Hole
Hi there, today I upgraded my cisco 1003 to IOS 12.14. The funny thing is that my accesslist on the BRI is no longer working. Take a look at the config and see for yourself : interface BRI0 ip unnumbered Ethernet0 ip access-group 101 in no ip redirects no ip proxy-arp encapsulation ppp no logging...