EUVD-2026-32098

When the director sends a long-running request e.g. compilepackage, the agent's reply JSON is consumed by AgentClient. injectcompilelog line 332-339 reads response'value''result''compilelogid' and formatexception line 318-325 reads exception'blobstoreid'; both pass the agent-supplied string...

CVE-2026-41009

CVE-2026-41009 affects BOSH Director: all versions prior to v282.1.12. The vulnerability arises when the director uses a local blobstore; Blobstore::LocalClient#object_file_path joins the blobstore path with the provided oid without normalisation, enabling path traversal (e.g., oid = "../../jobs/...

Cloud Foundry BOSH Director 安全漏洞

Cloud Foundry BOSH Director is a cloud infrastructure deployment and lifecycle management platform developed by the US Cloud Foundry company. Versions of Cloud Foundry BOSH Director prior to v282.1.12 contained security vulnerabilities. These vulnerabilities stemmed from AgentClient not performin...

CVE-2026-41704 - Compromised VM can make arbitrary blobstore deletes | Cloud Foundry

MEDIUM CVSS 4.0 Score: 6.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:H CVSS 3.1 Score: 5.0 CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:N Vendor Cloud Foundry Foundation Versions Affected Severity is MEDIUM unless otherwise noted. BOSH Director – All versions prior to v282.1.12...

EUVD-2020-3438

Malware in sbrugna...

EUVD-2025-8204

Malicious code in bioql PyPI...

PT-2025-26189 · Versa +1 · Versa Director +1

Name of the Vulnerable Software and Affected Versions: Versa Director SD-WAN orchestration platform affected versions not specified Description: The issue affects the Versa Director SD-WAN orchestration platform, which utilizes the Cisco NCS application service. Active and Standby Directors...

Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-45229

Versa Networks has released an advisory for a vulnerability CVE-2024-45229link is external affecting Versa Director. A cyber threat actor could exploit this vulnerability to exercise unauthorized REST APIs. CISA urges organizations to apply necessary updates, hunt for any malicious activity, repo...

PT-2024-6031

Name of the Vulnerable Software and Affected Versions: Versa Director versions prior to 22.1.4 Description: The vulnerability in Versa Director allows attackers to upload malicious files, posing a serious threat to organizations. This flaw can be exploited by authenticated users with...

The vulnerability of VMware vCloud Director, a platform for managing cloud storage, stems from insufficient neutralization of certain elements in requests. This allows an attacker to execute arbitrary code.

The vulnerability of the VMware vCloud Director platform for managing cloud storage repositories is related to insufficient neutralization of specific elements in the request. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

UBUNTU-CVE-2020-4042

Bareos before version 19.2.8 and earlier allows a malicious client to communicate with the director without knowledge of the shared secret if the director allows client initiated connection and connects to the client itself. The malicious client can replay the Bareos director's cram-md5 challenge...

Cisco IoT Field Network Director Resource Management Error Vulnerability (CNVD-2020-18571)

Cisco IoT Field Network Director IoT-FND is an end-to-end IoT management system from Cisco USA. The system features device management, asset tracking and smart metering. A resource management error vulnerability exists in Cisco IoT Field Network Director. The vulnerability stems from the...

Trend Micro Deep Discovery Director Hard-Coded Archive File Password Vulnerability

Trend Micro Deep Discovery is a protection product from Trend Micro that detects and identifies hard-to-find threats in real time and proposes solutions. director is one of the built-in solutions with the ability to update and upgrade various programs in Deep Discovery. A security vulnerability...