CVE-2023-1299

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...

Denial of service

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...

CVE-2023-1299

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...

UBUNTU-CVE-2023-1299

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...

CVE-2023-1299

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...

CVE-2023-1299

Removed by vendor...

HashiCorp Nomad 安全漏洞

HashiCorp Nomad is a simple and flexible scheduler and orchestrator from HashiCorp USA. It is used to manage containerized and non-containerized applications at scale, both locally and in the cloud. A security vulnerability exists in HashiCorp Nomad , Nomad Enterprise versions 1.4.0 through 1.5.0...

kernel security and bug fix update

An update is available for kernel. This update affects Rocky Linux SIG Cloud 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux...

CVE-2023-27574

ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODESIGNINGINJECTBASEENTITLEMENTS...

CVE-2023-27574

ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODESIGNINGINJECTBASEENTITLEMENTS...

CVE-2023-27574

ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODESIGNINGINJECTBASEENTITLEMENTS...

ShadowsocksX-NG 安全漏洞

ShadowsocksX-NG is an open source encrypted transport protocol based on the Socks5 proxy by shadowsocks, which can also refer to various development packages that implement this protocol. A security vulnerability exists in ShadowsocksX-NG version 1.10.0, which stems from the use of...

CVE-2023-27574

ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODESIGNINGINJECTBASEENTITLEMENTS...

PT-2023-21217 · Unknown · Shadowsocksx-Ng

Name of the Vulnerable Software and Affected Versions: ShadowsocksX-NG version 1.10.0 Description: The issue arises from ShadowsocksX-NG 1.10.0 being signed with com.apple.security.get-task-allow entitlements due to CODE SIGNING INJECT BASE ENTITLEMENTS. Recommendations: For ShadowsocksX-NG versi...

Employee Task Management System 1.0 SQL Injection Vulnerability

Employee Task Management System - SQL Injection on task-details.php?taskid=? with low privilege authentication CVE Assigned: CVE-2023-0904 mitre.org, nvd.nist.org Author Email: email protected Vendor Homepage: https://www.sourcecodester.com Software Link: Employee Task Management System Version: ...

Employee Task Management System 1.0 SQL Injection

Employee Task Management System - SQL Injection on task-details.php?taskid=? with low privilege authentication Date: 17 February 2023 CVE Assigned: CVE-2023-0904 mitre.org, nvd.nist.org Author Email: [email protected] Vendor Homepage: https://www.sourcecodester.com Software Link: Employe...

Denial of service

In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Service...

Task fails with "Repository is not compatible with Catalyst Store with fixed block setting enabled"

Challenge A Veeam Backup & Replication job targeting a StoreOnce Repository backed by a Catalyst Store that has Fixed Block Chunking enabled fails with either of the following errors: Repository is not compatible with Catalyst Store with fixed block setting enabled Error:...

K00843201: Grafana vulnerability CVE-2019-15043

Security Advisory Description In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana. CVE-2019-15043 Impact An unauthorized user may be able to leverage the Grafana...

K40019131: F5 Access for Android vulnerability CVE-2022-27875

Security Advisory Description A Task Hijacking vulnerability exists in the F5 Access for Android application, which may allow an attacker to steal sensitive user information. CVE-2022-27875 Impact An attacker may be able to exploit this vulnerability by tricking a legitimate user running Android...