23 matches found
Genetec RabbitMQ Security Vulnerability
Genetec RabbitMQ is a messaging queue service component provided by the American company Genetec. Genetec RabbitMQ has a security vulnerability, which stems from deployment issues and may lead to privilege escalation attacks...
GHSA-CFG2-MXFJ-J6PW PraisonAI Vulnerable to Stored XSS via Unsanitized Agent Output in HTML Rendering (nh3 Not a Required Dependency)
Summary The Flask API endpoint in src/praisonai/api.py renders agent output as HTML without effective sanitization. The sanitizehtml function relies on the nh3 library, which is not listed as a required or optional dependency in pyproject.toml. When nh3 is absent the default installation, the...
EUVD-2020-25628
Malware in sbrugna...
EUVD-2021-9399
Malicious code in bioql PyPI...
CVE-2025-53638 Solady lacks extcodesize validation on implementation in ERC4337Factory
Solady is software that provides Solidity snippets with APIs. Starting in version 0.0.125 and prior to version 0.1.24, when an account is deployed via a proxy, using regular Solidity to call its initialization function may result in a silent failure, if the initialization function does not return...
cri-o security update
cri-o 1.26.4-2 - Address CVE-2024-24786 cri-tools 1.26.1-5 - Address CVE-2024-24786 etcd 3.5.10-3 - Address protobuf CVE-2024-24786 3.5.10-1 - Added Oracle specific build files istio 1.17.8-3 - Address protobuf CVE-2024-24786 - Backport from 1.19.7 to address CVE-2024-23322, CVE-2024-23323,...
[NetScaler-Syslog] HA Secondary node Cannot Transmit Syslog Messages in TCP
NetScaler supports reporting syslog messages to an external syslog server. But in an HA deployment, you may observe that the HA Secondary node doesn't send syslog messages while the Primary is good if "Transport Type" is TCP. Configuring it to UDP has no issue...
CEM 23.6.0 - Apple Restriction Policy not getting deployed on iOS DEP Devices
There is a known issue with Apple Restriction Policy not getting deployed on iOS DEP Devices when using CEM 23.6.0...
SUSE CVE-2015-4736
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment...
CVE-2021-35252
Common encryption key appears to be used across all deployed instances of Serv-U FTP Server. Because of this an encrypted value that is exposed to an attacker can be simply recovered to plaintext...
Kubernetes: Ingress nginx annotation injection causes arbitrary command execution
A vulnerability was found where arbitrary commands could be executed on the Kubernetes cluster. Through annotation injection on the ingress resource, additional locations could be added to the nginx configuration, allowing commands to be passed and executed via the lua scripting engine on the...
cause users to revert right after deployment so they can't lend or borrow
Lines of code Vulnerability details Impact because of deployment hasMatured is false mintInternal reverts then cause users to lose money on gas and users can't lend which could lead to worse things and cause more attack vectors. Recommended Mitigation Steps check for delay after deployment or g...
Deploying Enterprise Apps on AE | Console message: Cannot Be Required App
When an Enterprise application is uploaded to the Google Play Store using the Android Enterprise method, we are prompted to make this app Optional only. Console message: Cannot Be Required App is an Enterprise app and cannot be deployed as a required app for Android Enterprise. It can be included ...
OPENSUSE-SU-2020:2082-1 Security update for ceph
This update for ceph fixes the following issues: - CVE-2020-25660: Bring back CEPHXV2 authorizer challenges bsc1177843. - Added --container-init feature bsc1177319, bsc1163764 - Made journald as the logdriver again bsc1177933 - Fixes a condition check for copytree, copyfiles, and movefiles in...
Storefront: Issue with creating new deployment - "Unable to Create Deployment"
1. Unable to create StoreFront Deployment on a VM hosted on VMware with VMware tools installed Exception: New Server Deployment An error occurred running the command: 'Set-DSNewClusterEnvironment' An error occurred while adding the StoreFront configuration API. Exception of type...
ADM not giving deploy option after running deployment_type.py
When running deployment_type.py to prepare an ADM instance for HA pairing, after reboot the deploy tab is missing...
XenMobile Duplicate MAM ID issue
Deployments of XenMobile 10.x may encounter an issue where Enterprise enrolled devices are not correctly associated with the appropriate MAM ID for the device. This results in issues where devices end up in a state of ‘MDM no MAM’ or ‘Cannot install applications, despite seeing them listed in...
JDK: unspecified vulnerability fixed in 7u65 and 8u11 (Deployment)
Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4208...
SNMP Public Community String Zero Day in Routers Disclosed
Researchers have discovered previously unreported problems in SNMP on embedded devices where devices such as secondary market home routers and a popular enterprise-grade load balancer are leaking authentication details in plain text. The data could be extracted by gaining access to the read-only...
JDK: unspecified vulnerability fixed in 7u45 (Deployment)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787,...