161 matches found
CLSA-2026-1778858907 mod_proxy_cluster: Fix of 2 CVEs
CVE-2023-6710: stored XSS in modcluster-manager HTML output via virtual host and context names rendered without HTML escaping - CVE-2024-10306: unauthorized MCMP requests due to directive being ignored for protocol-handler filtering; runtime guard now refuses siblings of EnableMCPMReceive, and...
EUVD-2026-19550
Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio RES version 2024.10 through 2025.12.01 might allow a remote authenticated actor to execute arbitrary commands on the cluster-manager EC2 instance via crafted input when using the FileBrowser functionality. To remediat...
CVE-2026-5709
Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio RES version 2024.10 through 2025.12.01 might allow a remote authenticated actor to execute arbitrary commands on the cluster-manager EC2 instance via crafted input when using the FileBrowser functionality. To remediat...
PT-2026-30747
Name of the Vulnerable Software and Affected Versions AWS Research and Engineering Studio RES versions 2024.10 through 2025.12.01 Description Improper input validation in the FileBrowser API within AWS Research and Engineering Studio RES could allow a remote authenticated attacker to execute...
MiracleLinux 7 : pacemaker-1.1.15-11.el7.2 (AXSA:2016-833:03)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-833:03 advisory. Pacemaker is an advanced, scalable High-Availability cluster resource manager for Corosync, CMAN and/or Linux-HA. It supports more than 16 node clusters with...
CVE-2025-34271
Nagios Log Server versions prior to 2024R2.0.2 contain a vulnerability in the cluster manager component when requesting sensitive credentials from peer nodes over an unencrypted channel even when SSL/TLS is enabled in the product configuration. As a result, an attacker positioned on the network...
CVE-2025-34271
Nagios Log Server versions prior to 2024R2.0.2 contain a vulnerability in the cluster manager component when requesting sensitive credentials from peer nodes over an unencrypted channel even when SSL/TLS is enabled in the product configuration. As a result, an attacker positioned on the network...
CVE-2025-34271
Nagios Log Server versions prior to 2024R2.0.2 contain a vulnerability in the cluster manager component when requesting sensitive credentials from peer nodes over an unencrypted channel even when SSL/TLS is enabled in the product configuration. As a result, an attacker positioned on the network...
CVE-2025-34271 Nagios Log Server < 2024R2.0.2 Cluster Manager Credential Requests Sent Over Plaintext
Nagios Log Server versions prior to 2024R2.0.2 contain a vulnerability in the cluster manager component when requesting sensitive credentials from peer nodes over an unencrypted channel even when SSL/TLS is enabled in the product configuration. As a result, an attacker positioned on the network...
CVE-2025-34271 Nagios Log Server < 2024R2.0.2 Cluster Manager Credential Requests Sent Over Plaintext
Nagios Log Server versions prior to 2024R2.0.2 contain a vulnerability in the cluster manager component when requesting sensitive credentials from peer nodes over an unencrypted channel even when SSL/TLS is enabled in the product configuration. As a result, an attacker positioned on the network...
PT-2025-44514
Name of the Vulnerable Software and Affected Versions Nagios Log Server versions prior to 2024R2.0.2 Description The software contains a flaw in the cluster manager component related to handling sensitive credentials. When requesting credentials from peer nodes, the communication occurs over an...
Nagios Log Server 安全漏洞
Nagios Log Server is a suite of centralized log management, monitoring, and analysis software from Nagios, Inc. A security vulnerability exists in Nagios Log Server versions prior to 2024R2.0.2 that originates from the Cluster Manager component requesting sensitive credentials over an unencrypted...
EUVD-2008-6523
Malware in sbrugna...
EUVD-2025-12290
Malicious code in bioql PyPI...
EUVD-2022-35630
Malicious code in bioql PyPI...
EUVD-2025-12203
Malicious code in bioql PyPI...
EUVD-2024-3597
Malicious code in bioql PyPI...
CVE-2022-42951
An issue was discovered in Couchbase Server 6.5.x and 6.6.x before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2. During the start-up of a Couchbase Server node, there is a small window of time before the cluster management authentication has started where an attacker can connect to the cluster...
CVE-2022-32564
An issue was discovered in Couchbase Server before 7.0.4. In couchbase-cli, server-eshell leaks the Cluster Manager cookie...
CVE-2025-27086
A vulnerability in the HPE Performance Cluster Manager HPCM GUI could allow an attacker to bypass authentication...