170 matches found
Security Bulletin: ELM on Hybrid Cloud vulnerabilities addressed in 2.0.0
Summary This release addresses security vulnerabilities in application and operator images of ELM on Hybrid cloud offering. Identified vulnerabilities identified below relate to the underlying OS packages and language dependencies which impacts the product within the deployed environment. One of...
Security Bulletin: ELM on Hybrid Cloud vulnerabilities addressed in 1.3.0
Summary This release addresses security vulnerabilities in application and operator images of ELM on Hybrid cloud offering. Identified vulnerabilities identified below relate to the underlying OS packages and language dependencies which impacts the product within the deployed environment. One of...
org.webjars.npm:canvas (>=2.5.0 <=2.6.0), org.webjars.npm:color-thief (=2.2.5) +12 more potentially affected by CVE-2026-29786 via org.webjars.npm:tar (>=0.1.20 <=4.4.19)
org.webjars.npm:tar MAVEN version =0.1.20, =2.5.0, =0.97.5, =0.2.0, =3.4.0, =0.6.19, =2.0.0, =3.1.4, =3.4.1 - org.webjars.npm:tar.gz =1.0.7 Source cves: CVE-2026-29786 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15416076...
CVE-2003-1323
Elm ME+ 2.4 before PL109S, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group via unspecified vectors...
CVE-1999-0114
Local users can execute commands as other users, and read other users' files, through the filter command in the Elm elm-2.4 mail package using a symlink attack...
CVE-2025-52578
Incorrect Usage of Seeds in Pseudo-Random Number Generator CWE- 335 vulnerability in the High Sec ELM may allow a sophisticated attacker with physical access, to compromise internal device communications. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a distributed in...
CVE-2025-52578
Incorrect Usage of Seeds in Pseudo-Random Number Generator CWE- 335 vulnerability in the High Sec ELM may allow a sophisticated attacker with physical access, to compromise internal device communications. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a distributed in...
CVE-2025-52578
CVE-2025-52578 describes an incorrect usage of seeds in a pseudo-random number generator (PRNG) affecting Gallagher Command Centre Server. The issue allows a sophisticated attacker with physical access to compromise internal device communications. Affected versions include 9.30 before vCR9.30.251...
PT-2025-47241
Incorrect Usage of Seeds in Pseudo-Random Number Generator CWE- 335 vulnerability in the High Sec ELM may allow a sophisticated attacker with physical access, to compromise internal device communications. This issue affects Command Centre Server: 9.30 prior to vCR9.30.251028a distributed in...
EUVD-1999-1315
Malware in sbrugna...
EUVD-2001-1155
Malware in sbrugna...
EUVD-2003-1314
Malware in sbrugna...
EUVD-1999-0114
Malware in sbrugna...
EUVD-2003-0956
Malware in sbrugna...
EUVD-2003-1313
Malware in sbrugna...
EUVD-2004-1269
Malware in sbrugna...
EUVD-1999-1165
Malware in sbrugna...
@capriza/far (>=0.1.2 <=2.4.2), @cobalt-engine/cobower (=2.0.0) +387 more potentially affected by CVE-2025-59343 via tar-fs (>=0.1.8 <=1.16.3)
tar-fs NPM version =0.1.8, =0.1.2, =6.0.3, =6.0.3, =6.0.3, =2.1.1, =0.10.2, =0.0.0-beta.1, =0.0.0-beta.1, =0.0.0-beta.1, =0.1.0, =0.1.0, =1.0.5, =1.1.2 - @elm-node/npm-scripts =1.0.0 - @hlsrules-test/fc-libreoffice =1.0.0 and more Source cves: CVE-2025-59343 Source advisory: OSV:GHSA-VJ76-C3G6-QR...
CVE-2003-1324
Race condition in the canopen function in Elm ME+ 2.4, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group...
ELM 2409 || SMB share not working after ELM upgrade from 2403 to 2409
After migrating to new release and upgrading to version 2409 the SMB share is not longer connecting, this appears to be causing lots of crashfiles to generate which overt he week caused the applayering platform to stop functioning all together until the crash files were cleared...