CVE-2026-45581

fabric-chaincode-java is a Java based implementation of Hyperledger Fabric chaincode shim APIs. From version 2.3.1 to before version 2.5.10, when chaincode is deployed in chaincode-as-a-service mode with TLS enabled, the chaincode server INFO level logging includes the TLS private key password in...

CVE-2026-45581

fabric-chaincode-java is a Java based implementation of Hyperledger Fabric chaincode shim APIs. From version 2.3.1 to before version 2.5.10, when chaincode is deployed in chaincode-as-a-service mode with TLS enabled, the chaincode server INFO level logging includes the TLS private key password in...

EUVD-2026-35139

fabric-chaincode-java is a Java based implementation of Hyperledger Fabric chaincode shim APIs. From version 2.3.1 to before version 2.5.10, when chaincode is deployed in chaincode-as-a-service mode with TLS enabled, the chaincode server INFO level logging includes the TLS private key password in...

CVE-2026-45581

CVE-2026-45581 affects fabric-chaincode-java (Hyperledger Fabric chaincode runtime). In versions 2.3.1 through 2.5.09, when deployed in chaincode-as-a-service mode with TLS enabled, the chaincode server’s INFO logs include the TLS private key password in plaintext, enabling an attacker with log a...

Hyperledger Fabric Chaincode Java 日志信息泄露漏洞

Hyperledger Fabric Chaincode Java is an open-source Java-based smart contract development framework developed by the Hyperledger project. In versions 2.3.1 to 2.5.10 of Hyperledger Fabric Chaincode Java, there was a vulnerability involving log information leakage. This vulnerability occurred when...

PT-2026-41961

Name of the Vulnerable Software and Affected Versions fabric-chaincode-java versions 2.3.1 through 2.5.9 Description When chaincode is deployed in chaincode-as-a-service mode with TLS enabled, the chaincode server INFO level logging includes the TLS private key password in plaintext. An attacker...

CVE-2024-36355

Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 sleep wake up, potentially resulting in arbitrary code execution...

EUVD-2022-43445

Malicious code in bioql PyPI...

CVE-2022-40126

A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated...

CVE-2022-40126

A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated...

CVE-2022-40126

A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated...

CVE-2022-40126

CVE-2022-40126 describes a misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 that allows privilege escalation and arbitrary command execution when Service Mode is activated. Public sources consistently identify the affected software as Clash for Windows and the v...

CVE-2022-40126

A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated...

CVE-2022-40126

A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated...

Clash 安全漏洞

Clash is a multi-platform agent client developed in the Go language by the individual developers of Dreamacro. A security vulnerability exists in Clash for Windows version v0.19.9, which originates from a misconfiguration in the Service Mode Configuration File directory, and can be exploited by a...

CVE-2022-24797 Exposure of Sensitive Information in Pomerium

Pomerium is an identity-aware access proxy. In distributed service mode, Pomerium's Authenticate service exposes pprof debug and prometheus metrics handlers to untrusted traffic. This can leak potentially sensitive environmental information or lead to limited denial of service conditions. This...

How to Customize App Shortcuts with Receiver for Windows

As a Receiver administrator, you can configure Receiver for Windows 4.2.100 to automatically place application and desktop shortcuts directly in the Start menu or on the desktop in a similar way that Receiver for Windows 3.4 Enterprise places them. The new shortcut only mode provides a seamless...

CVE-2019-11341

On certain Samsung P9.0 phones, an attacker with physical access can start a TCP Dump capture without the user's knowledge. This feature of the Service Mode application is available after entering the 9900 check code, but is protected by an OTP password. However, this password is created locally...

Default credentials

On certain Samsung P9.0 phones, an attacker with physical access can start a TCP Dump capture without the user's knowledge. This feature of the Service Mode application is available after entering the 9900 check code, but is protected by an OTP password. However, this password is created locally...

App Shortcuts with Receiver for Windows

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. As a Receiver administrator, you can configure Receiver for Windows 4.x to automatically place...