47 matches found
CVE-2025-66236
Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. Some assumptions the Deployment Manager could make were not clear or explicit enough, even though...
GHSA-J86X-FWP2-QH7V Apache Airflow: Secrets from Airflow config file logged in plain text in DAG run logs UI
Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. Some assumptions the Deployment Manager could make were not clear or explicit enough, even though...
EUVD-2025-209413
Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. Some assumptions the Deployment Manager could make were not clear or explicit enough, even though...
PYSEC-2026-8
Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to security details and security model of Airflow. Some assumptions the Deployment Manager could make were not clear or explicit enough, even though...
PT-2026-32366
Name of the Vulnerable Software and Affected Versions: Airflow versions prior to 3.2.0. Description: Lack of clarity regarding the responsibilities of the Deployment Manager in ensuring secure deployments. Certain assumptions about the security model, workload isolation, and JWT authentication were...
EUVD-2013-7138
Malware in sbrugna...
EUVD-2012-6203
Malware in sbrugna...
CVE-2012-6348
Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, or (2) overwrite arbitrary files and consequently gain privileges via a symlink attack on the...
CVE-2013-7366
The SAP Software Deployment Manager (SDM), in certain unspecified conditions, allows remote attackers to cause a denial of service via vectors related to failed authentications...
Clickjacking Vulnerability in JP1/ServerConductor/Deployment Manager
Overview: A Clickjacking Vulnerability was found in JP1/ServerConductor/Deployment Manager. Impact: Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution: Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...
CVE-2020-4575
IBM WebSphere Application Server ND 8.5 and 9.0, and IBM WebSphere Virtual Enterprise 7.0 and 8.0 are vulnerable to cross-site scripting when High Availability Deployment Manager is configured...
Security Bulletin: An XML External Entity (XXE) processing vulnerability is exposed in Case Manager administration client (CVE-2018-1844)
Summary: IBM Case Manager has addressed the following vulnerability. An XML External Entity (XXE) processing vulnerability is exposed in Case Manager administration client with the ability to import solution packages which are FileNet Deployment Manager exported zip packages. CVE-2018-1844...
Security Bulletin: IBM FileNet Content Manager component FileNet Deployment Manager security vulnerability
Summary: FileNet Deployment Manager external DTD security vulnerability. Vulnerability Details: CVEID: CVE-2018-1844. DESCRIPTION: IBM Case Manager is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose...
DoS Vulnerability in JP1/ServerConductor/Deployment Manager and Hitachi Compute Systems Manager
Overview: A DoS Vulnerability was found in JP1/ServerConductor/Deployment Manager and Hitachi Compute Systems Manager Deployment Manager Plug-in. Impact: Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution: Please refer to the 'Vendor Information' section for the...
SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack-Based Overflow
No description provided by source. SAS Integration Technologies Client 9.31M1 SASspk.dll Stack-based Overflow. Vendor: SAS Institute Inc. Product web page: http://www.sas.com Affected version: Deployment Manager 9.3.0.0 Model 12.05, TS1M2 SAS Integration Technologies Client 9.31M1 Summary: SAS...
Centrify Deployment Manager 2.1.0.283 - Local Root
No description provided by source. Centrify Deployment Manager v2.1.0.283 local root 12/7/2012 Taking a little longer look at the software, I managed to win a race condition and get root with files in /tmp. Here is my analysis: root@h0g:/tmp ls -l /etc/shadow -r-------- 1 root shadow 1010 Dec 7...