CVE-2024-26226

Windows Distributed File System DFS Information Disclosure Vulnerability...

CVE-2024-29066 Windows Distributed File System (DFS) Remote Code Execution Vulnerability

...

CVE-2024-29905 DIRAC: Unauthorized users can read proxy contents during generation

DIRAC is an interware, meaning a software framework for distributed computing. Prior to version 8.0.41, during the proxy generation process e.g., when using dirac-proxy-init, it is possible for unauthorized users on the same machine to gain read access to the proxy. This allows the user to then...

CVE-2024-29905

Summary: CVE-2024-29905 affects DIRAC prior to version 8.0.41. During the proxy generation process (e.g., dirac-proxy-init), unauthorized users on the same machine could gain read access to the proxy for a sub-millisecond window, enabling actions as if using the original proxy. The issue is mitig...

PT-2024-3303 · Microsoft · Windows Distributed File System +1

Name of the Vulnerable Software and Affected Versions: Windows Distributed File System DFS affected versions not specified Description: The issue is related to an information disclosure vulnerability in the Windows Distributed File System DFS. It is caused by a buffer overflow in memory, which ca...

Microsoft Windows Distributed File System 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Distributed File System DFS. An attacker exploiting this vulnerability could gain access to sensitive information. The following...

PT-2024-3296 · Microsoft · Windows Distributed File System +1

Name of the Vulnerable Software and Affected Versions: Windows Distributed File System DFS affected versions not specified Description: The issue is related to synchronization errors in the Windows Distributed File System DFS, specifically a "race condition" situation when using a shared resource...

Microsoft Windows Distributed File System 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Distributed File System DFS. An attacker exploiting this vulnerability could remotely execute code. The following products and edition...

The vulnerability of the JuiceFSRuntime orchestrator environment for distributed data sets and the open-source Kubernetes accelerator for applications with intensive data processing in Fluid, allows attackers to execute arbitrary commands.

The vulnerability of the JuiceFSRuntime orchestrator for distributed data sets and the open-source Kubernetes accelerator for applications with intensive data processing exists due to the lack of measures taken to eliminate special elements used in the operating system command set. Exploiting thi...

编号撤回

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. This CVE number has been withdrawn...

XXL-JOB 注入漏洞

XXL-JOB is a distributed task scheduling platform based on the java language from the Xu Xueli XXL-JOB community. XXL-JOB 2.4.1 and earlier versions exist injection vulnerability, the vulnerability stems from the file com/xxl/job/core/util/JdkSerializeTool.java has a template injection...

The vulnerability of the Pulsar Functions Worker module on the cloud platform for distributed messaging and Apache Pulsar streaming services allows a attacker to cause a service failure.

The vulnerability of the Pulsar Functions Worker module on the cloud platform for distributed messaging and Apache Pulsar streaming involves the use of files and directories accessible from external parties. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of distributed data sets orchestrators and open-source accelerators in Kubernetes for applications with intensive data processing, related to improper authorization, allows attackers to gain full privileged access to the entire cluster.

The vulnerability of distributed data sets orchestrators and open-source accelerators in Kubernetes for applications with intensive data processing related to improper authorization. Exploiting this vulnerability can allow attackers to gain full privileged access to the entire cluster...

GO-2024-2670 ACL security vulnerability in github.com/hashicorp/nomad

An ACL policy using a block without label can be applied to unexpected resources in Nomad, a distributed, highly available scheduler designed for effortless operations and management of applications...

PT-2024-26764

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.37 Description The issue is related to a potential use-after-free bug in the Linux kernel's SMB client when walking DFS referrals, mounting, and performing DFS failover. This is resolved by ensuring all...

CVE-2024-3094 Xz: malicious code in distributed source

Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in...

CVE-2024-3094 Xz: malicious code in distributed source

Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in...

[SECURITY] Fedora 39 Update: perl-Data-UUID-1.227-1.fc39

This module provides a framework for generating v3 UUIDs Universally Unique Identifiers, also known as GUIDs Globally Unique Identifiers. A UUID is 128 bits long, and is guaranteed to be different from all other UUIDs/GUIDs generated until 3400 CE. UUIDs were originally used in the Network...

Best Practices for Kafka Management to Ensure High Availability

By Uzair Amir With the increasing popularity of Apache Kafka as a distributed streaming platform, ensuring its high availability has become… This is a post from HackRead.com Read the original post: Best Practices for Kafka Management to Ensure High Availability...

Moderate: Red Hat Security Advisory: Red Hat Data Grid 8.4.7 security update

An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...