CVE-2026-25770

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, a privilege escalation vulnerability exists in the Wazuh Manager's cluster synchronization protocol. The wazuh-clusterd service allows authenticated...

CVE-2024-38346

The CloudStack cluster service runs on unauthenticated port default 9090 that can be misused to run arbitrary commands on targeted hypervisors and CloudStack management server hosts. Some of these commands were found to have command injection vulnerabilities that can result in arbitrary code...

CVE-2024-38346

The CloudStack cluster service runs on unauthenticated port default 9090 that can be misused to run arbitrary commands on targeted hypervisors and CloudStack management server hosts. Some of these commands were found to have command injection vulnerabilities that can result in arbitrary code...

CVE-2023-50275

HPE OneView may allow clusterService Authentication Bypass resulting in denial of service...

January 10, 2023—KB5022286 (OS Build 17763.3887) - EXPIRED

January 10, 2023—KB5022286 OS Build 17763.3887 - EXPIRED EXPIRATION NOTICEIMPORTANT - As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. Important: For...

Apache Tomcat 10.1 - Denial Of Service Exploit

Exploit Title: Apache Tomcat 10.1 - Denial Of Service Exploit Author: Cristian 'void' Giustini Vendor Homepage: https://tomcat.apache.org/ Software Link: https://tomcat.apache.org/download-10.cgi Version: = 10.1 Tested on: Apache Tomcat 10.0 Docker CVE : CVE-2022-29885 CVE Owner: 4ra1n Exploit...

February 14, 2023—KB5022840 (OS Build 17763.4010) - EXPIRED

February 14, 2023—KB5022840 OS Build 17763.4010 - EXPIRED EXPIRATION NOTICEIMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. 11/17/20 For...

October 11, 2022—KB5018419 (OS Build 17763.3532) - EXPIRED

October 11, 2022—KB5018419 OS Build 17763.3532 - EXPIRED EXPIRATION NOTICEIMPORTANT - As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. 10/11/22 REMINDER...

December 14, 2021—KB5008218 (OS Build 17763.2366)

December 14, 2021—KB5008218 OS Build 17763.2366 11/9/2021 IMPORTANT Because of minimal operations during the holidays and the upcoming Western new year, there won’t be a preview release known as a “C” release for the month of December 2021. There will be a monthly security release known as a “B”...

December 8, 2020—KB4593226 (OS Build 14393.4104) - EXPIRED

December 8, 2020—KB4593226 OS Build 14393.4104 - EXPIRED NEW 8/5/21 EXPIRATION NOTICEIMPORTANT As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality...

DEBIAN-CVE-2019-10153

A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fencerhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying service to...

March 14, 2017—KB4013429 (OS Build 14393.953)

March 14, 2017—KB4013429 OS Build 14393.953 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed known issue called out in KB3213986. Users may experience delays while running 3D...

January 10, 2017—KB3213986 (OS Build 14393.693)

January 10, 2017—KB3213986 OS Build 14393.693 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Improved the reliability of Groove Music playback in the background, App-V, video playback and...

Cluster service fails when shutting down or data deduplication fails with "Drive is locked" in Windows Server 2012 R2

Cluster service fails when shutting down or data deduplication fails with "Drive is locked" in Windows Server 2012 R2 This article describes two issues that are addressed in this update: the cluster service fails when it's being shut down and data deduplication fails with the "This drive is locke...

Cisco Unified Computing System Fabric Interconnect Remote Access Vulnerability

A vulnerability in the high availability service of Cisco Unified Computing System Fabric Interconnect could allow an unauthenticated, remote attacker to gain access to sensitive information and prevent the cluster service from syncing with its peers. The vulnerability is due to improper binding ...

Scientific Linux Security Update : rgmanager on SL5.x i386/x86_64

The rgmanager package contains the Resource Group Manager, which provides the ability to create and manage high-availability server applications in the event of system downtime. It was discovered that certain resource agent scripts set the LDLIBRARYPATH environment variable to an insecure value...

CentOS 5 : rgmanager (CESA-2011:1000)

An updated rgmanager package that fixes one security issue, several bugs, and adds multiple enhancements is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score,...

RedHat Piranha Virtual Server Package - 'passwd.php3' Arbitrary Command Execution (Metasploit)

$Id: piranhapasswdexec.rb 10729 2010-10-18 15:41:13Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVE-2010-3223

The CVE-2010-3223 issue affects Microsoft Windows Server 2008 R2 in a failover cluster. The Failover Cluster Manager (MSCS) UI sets permissions on administrative shares of new shared cluster disks using unsecured default ACLs, potentially allowing unauthorized users to read, modify, or delete dat...

conga security, bug fix, and enhancement update

0.10.0-6.el5.0.1 - Replaced Redhat copyrighted and trademarked images in the conga-0.10.0 tarball. 0.10.0-6 - Fixed bz253783 - Fixed bz253914 conga doesn't allow you to reuse nfs export and nfs client resources - Fixed bz254038 Impossible to set many valid quorum disk configurations via conga -...