DSA-5961-1 slurm-wlm - security update

Bulletin has no description...

Debian dsa-5961 : libpam-slurm - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5961 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5961-1 [email protected] https://www.debian.org/security/ Shengq...

CVE-2025-46708 GPU DDK - Guest VM can delay the FW and GPU from processing workloads from other VMs

Software installed and running inside a Guest VM may conduct improper GPU system calls to prevent other Guests from running work on the GPU...

CVE-2025-46708

CVE-2025-46708 affects Imagination Technologies PowerVR-GPU driver. The issue arises when software inside a Guest VM makes improper GPU system calls, delaying or blocking the GPU for other guests and preventing them from processing workloads. The vulnerability is described as enabling guest VMs t...

Adaptive Alert Prioritisation in Security Operations Centres Via Learning to Defer with Human Feedback

Alert prioritisation AP is crucial for security operations centres SOCs to manage the overwhelming volume of alerts and ensure timely detection and response to genuine threats, while minimising alert fatigue. Although predictive AI can process large alert volumes and identify known patterns, it...

Aembit Extends Workload IAM to Microsoft Ecosystem, Securing Hybrid Access for Non-Human Identities

Silver Spring, Maryland, 3rd June 2025, CyberNewsWire...

GO-2025-3718 Contrast workload secrets leak to logs on INFO level in github.com/edgelesssys/contrast

Contrast workload secrets leak to logs on INFO level in github.com/edgelesssys/contrast...

Contrast workload secrets leak to logs on INFO level

Impact When the Contrast initializer is configured with a CONTRASTLOGLEVEL of info or debug, the workload secret is logged to stderr and written to Kubernetes logs. Since info is the default setting, this affects all Contrast installations that don't customize their initializers' log level. The...

GHSA-H5F8-CRRQ-4PW8 Contrast workload secrets leak to logs on INFO level

Impact When the Contrast initializer is configured with a CONTRASTLOGLEVEL of info or debug, the workload secret is logged to stderr and written to Kubernetes logs. Since info is the default setting, this affects all Contrast installations that don't customize their initializers' log level. The...

CVE-2024-49351

IBM Workload Scheduler 9.5, 10.1, and 10.2 stores user credentials in plain text which can be read by a local user...

CVE-2023-28009

HCL Workload Automation is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

CVE-2023-52337

An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileg...

CVE-2023-20136

A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...

CVE-2023-28008

HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

CVE-2023-41332

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In Cilium clusters where Cilium's Layer 7 proxy has been disabled, creating workloads with policy.cilium.io/proxy-visibility annotations in Cilium = v1.13 or io.cilium.proxy-visibility annotations in Cilium...

CVE-2023-1299

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...

CVE-2023-1296

HashiCorp Nomad and Nomad Enterprise 1.4.0 up to 1.5.0 did not correctly enforce deny policies applied to a workload’s variables. Fixed in 1.4.6 and 1.5.1...

CVE-2022-40707

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code o...

CVE-2022-40710

A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

CVE-2022-40708

An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code o...