AlmaLinux 10 : pcs (ALSA-2026:10713)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:10713 advisory. lodash: lodash: Arbitrary code execution via untrusted input in template imports CVE-2026-4800 Tenable has extracted the preceding description block directly fro...

AlmaLinux 10 : pcs (ALSA-2026:2438)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:2438 advisory. lodash: prototype pollution in .unset and .omit functions CVE-2025-13465 Tenable has extracted the preceding description block directly from the AlmaLinux securit...

EUVD-2024-32130

Malicious code in bioql PyPI...

Oracle Linux 10 : pcs (ELSA-2025-8319)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-8319 advisory. 0.12.0-3.el100.2 - Rebased pcs to the latest sources see CHANGELOG.md Resolves: RHEL-7681, RHEL-21050, RHEL-22423, RHEL-35407, RHEL-44347, RHEL-63186,...

CVE-2023-44250

An improper privilege management vulnerability CWE-269 in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests...

Privilege escalation

An improper privilege management vulnerability CWE-269 in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests...

CVE-2023-44250

CVE-2023-44250 describes an improper privilege management (CWE-269) in Fortinet FortiOS HA clusters (versions 7.4.0–7.4.1 and 7.2.5) and FortiProxy HA clusters (7.4.0–7.4.1). An authenticated attacker can perform elevated actions via crafted HTTP(S) requests. The CVSS v3.1 base score is 8.8 (Netw...

CVE-2023-44250

An improper privilege management vulnerability CWE-269 in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2.5 and in a FortiProxy HA cluster version 7.4.0 through 7.4.1 allows an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests...

Fortinet Fortigate Improper authorization for HA requests (FG-IR-23-315)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-315 advisory. - An improper privilege management vulnerability CWE-269 in a Fortinet FortiOS HA cluster version 7.4.0 through 7.4.1 and 7.2...

SUSE-SU-2023:2746-1 Security update for prometheus-ha_cluster_exporter

This update for prometheus-haclusterexporter fixes the following issues: - rebuild the package with the go 1.20 security release bsc1208296...

PT-2023-36208 · Unknown · Prometheus-Ha Cluster Exporter

Name of the Vulnerable Software and Affected Versions: prometheus-ha cluster exporter affected versions not specified Description: The issue is related to a security concern addressed by rebuilding the package with the go 1.20 security release. Recommendations: At the moment, there is no...

PT-2023-36209 · Go +1 · Go +1

Name of the Vulnerable Software and Affected Versions: prometheus-ha cluster exporter affected versions not specified Description: The issue is related to a security concern in the go 1.20 release, which is addressed by rebuilding the prometheus-ha cluster exporter package with this security...

SUSE-SU-2023:2136-1 Security update for prometheus-ha_cluster_exporter

This update of prometheus-haclusterexporter fixes the following issues: - rebuild the package with the go 19.9 secure release bsc1200441...

PT-2023-36157 · Unknown · Prometheus-Ha Cluster Exporter

Name of the Vulnerable Software and Affected Versions: prometheus-ha cluster exporter affected versions not specified Description: The issue is related to a security concern that has been addressed by rebuilding the package with the go 19.9 secure release. Recommendations: At the moment, there is...

PT-2023-36159 · Unknown · Prometheus-Ha Cluster Exporter

Name of the Vulnerable Software and Affected Versions: prometheus-ha cluster exporter affected versions not specified Description: The issue is related to a security concern that has been addressed by rebuilding the package with the go 19.9 secure release. Recommendations: At the moment, there is...

SUSE-SU-2023:0465-1 Security update for prometheus-ha_cluster_exporter

This update for prometheus-haclusterexporter fixes the following issues: Updated to version 1.3.1: - CVE-2022-46146: Fixed authentication bypass via cache poisoning in prometheus/exporter-toolkit bsc1208046, bsc1208047...

PT-2022-23215 · Hashicorp · Hashicorp Vault Enterprise

Name of the Vulnerable Software and Affected Versions: HashiCorp Vault Enterprise versions 1.7.0 through 1.9.7 HashiCorp Vault Enterprise version 1.10.4 HashiCorp Vault Enterprise version 1.11.0 Description: The issue concerns an unauthenticated API endpoint in HashiCorp Vault Enterprise that cou...

CVE-2020-1630 Junos OS: Privilege escalation vulnerability in dual REs, VC or HA cluster may allow unauthorized configuration change.

A privilege escalation vulnerability in Juniper Networks Junos OS devices configured with dual Routing Engines RE, Virtual Chassis VC or high-availability cluster may allow a local authenticated low-privileged user with access to the shell to perform unauthorized configuration modification. This...