CVE-2025-11915

CVE-2025-11915 involves a connection desynchronization issue between an HTTP proxy and the Vertex AI model backend. Root cause: synchronization mismatch across the proxy-backend boundary. Impact is described as affecting certain third-party models, with fixes rolled out for all proxies in front o...

CVE-2023-30960

A security defect was discovered in Foundry job-tracker that enabled users to query metadata related to builds on resources they did not have access to. This defect was resolved with the release of job-tracker 4.645.0. The service was rolled out to all affected Foundry instances. No further...

CVE-2023-30963 Stored XSS in Foundry Slate Query Dropdown menu

A security defect was discovered in Foundry Frontend which enabled users to perform Stored XSS attacks in Slate if Foundry's CSP were to be bypassed. This defect was resolved with the release of Foundry Frontend 6.229.0. The service was rolled out to all affected Foundry instances. No further...

CVE-2023-30948 Retrieval of Attachments to Comments lacks Authorization

A security defect in Foundry's Comments functionality resulted in the retrieval of attachments to comments not being gated by additional authorization checks. This could enable an authenticated user to inject a prior discovered attachment UUID into other arbitrary comments to discover it's conten...

Vulnerabilities fixed in Google Android

Vulnerabilities have been fixed in Google Android. The vulnerabilities allow a malicious person to carry out attacks execute attacks that can lead to the following categories of damage: Denial-of-Service DoS Access to sensitive data Increased user privileges The vulnerability with attribute...