40 matches found
Exploit for CVE-2026-31431
CVE-2026-31431 Copy Fail Checker Verifica si un host Linux...
CVE-2025-14377
A security issue was discovered within the legacy Ansible playbook component of Verve Asset Manager, caused by plaintext secrets incorrectly stored when a playbook is running. This component has been retired and has been optional since the 1.36 release in 2024...
CVE-2025-14377
A security issue was discovered within the legacy Ansible playbook component of Verve Asset Manager, caused by plaintext secrets incorrectly stored when a playbook is running. This component has been retired and has been optional since the 1.36 release in 2024...
CVE-2025-14377 Verve Asset Manager – Plaintext Storage Vulnerabilities
A security issue was discovered within the legacy Ansible playbook component of Verve Asset Manager, caused by plaintext secrets incorrectly stored when a playbook is running. This component has been retired and has been optional since the 1.36 release in 2024...
CVE-2025-14377
CVE-2025-14377 concerns the legacy Ansible playbook component of Verve Asset Manager. The issue arises from plaintext secrets being stored during playbook execution. This component has been retired and has been optional since the 1.36 release in 2024. The CVSS v4.0 score is 8.8 (HIGH), with netwo...
Rockwell Automation Verve Asset Manager security vulnerability
Rockwell Automation Verve Asset Manager is a supplier-neutral OT endpoint management platform provided by Rockwell Automation. There is a security vulnerability in Rockwell Automation Verve Asset Manager, which stems from the Ansible playbook component storing plaintext keys incorrectly during...
PT-2026-3557
A security issue was discovered within the legacy Ansible playbook component of Verve Asset Manager, caused by plaintext secrets incorrectly stored when a playbook is running. This component has been retired and has been optional since the 1.36 release in 2024...
EUVD-2024-38549
Malicious code in bioql PyPI...
EUVD-2022-24948
Malicious code in bioql PyPI...
CVE-2024-40629
JumpServer is an open-source Privileged Access Management PAM tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write arbitrary files, leading to...
ansible (>=10.0.0a1 <=10.7.0), ansible-playbook-grapher (>=2.3.0 <=2.5.0) +24 more potentially affected by CVE-2024-9902 via ansible-core (>=2.17.14 <=2.17.4)
ansible-core PYPI version =2.17.14, =10.0.0a1, =2.3.0, =0.2.1, =2.1.1b1, =4.1.0, =0.1.0, =10.0.0, =0.1.0, =1.3.3, =17.0.0, =0.1.0a0, =19.0.0, =20.5.1, =21.2.7 and more Source cves: CVE-2024-9902 Source advisory: OSV:GHSA-32P4-GM2C-WMCH...
ansible (>=6.0.0 <=7.7.0), ansible-doctor (>=3.1.2 <=3.1.3) +35 more potentially affected by CVE-2024-9902 via ansible-core (>=2.11.0 <=2.14.18)
ansible-core PYPI version =2.11.0, =6.0.0, =3.1.2, =1.1.2, =1.0.2, =1.0.4.1233rc0, =6.0.0, =8.0.0, =1.0.0, =1.4.1, =0.0.1, =0.2.0, =0.4.0 and more Source cves: CVE-2024-9902 Source advisory: OSV:GHSA-32P4-GM2C-WMCH...
CVE-2024-40629
JumpServer is an open-source Privileged Access Management PAM tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser. An attacker can exploit the Ansible playbook to write arbitrary files, leading to...
PT-2024-5028 · Unknown +2 · Jumpserver +2
Name of the Vulnerable Software and Affected Versions: JumpServer versions prior to 3.10.12 JumpServer versions prior to 4.0.0 Description: The issue is related to the JumpServer Privileged Access Management PAM tool, which provides secure access to various endpoints through a web browser. An...
PT-2024-5027 · Unknown · Jumpserver
Name of the Vulnerable Software and Affected Versions: JumpServer versions prior to 3.10.12 JumpServer versions prior to 4.0.0 Description: JumpServer is an open-source Privileged Access Management PAM tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes...
SUSE-SU-2024:1525-1 Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: - CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master bsc1219430 - CVE-2024-22232: Prevent directory traversal attacks in the master's servefile method bsc1219431 - Convert oscap output to UTF-8 -...
SUSE-SU-2024:1518-1 Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: - Security issues fixed: CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master bsc1219430 CVE-2024-22232: Prevent directory traversal attacks in the master's servefile method bsc1219431 - Bugs fixed...
SUSE-SU-2024:1517-1 Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: - Security issues fixed: CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master bsc1219430 CVE-2024-22232: Prevent directory traversal attacks in the master's servefile method bsc1219431 - Bugs fixed...
Rocky Linux 8 : Rocky Enterprise Software Foundation Ceph Storage 4.1 (RLSA-2020:2231)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:2231 advisory. - A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were being used as default passwords while deploying Ceph services. A...
CVE-2022-1662
In convert2rhel, there's an ansible playbook named ansible/run-convert2rhel.yml which passes the Red Hat Subscription Manager user password via the CLI to convert2rhel. This could allow unauthorized local users to view the password via the process list while convert2rhel is running. However, this...