7071 matches found
Azure Monitor Agent Elevation of Privilege Vulnerability
Improper input validation in Azure Monitor Agent allows an authorized attacker to elevate privileges locally...
PT-2026-32846
Name of the Vulnerable Software and Affected Versions Azure Monitor Agent affected versions not specified Description Deserialization of untrusted data allows an authorized attacker to elevate privileges locally. Recommendations At the moment, there is no information about a newer version that...
PT-2026-32836
Name of the Vulnerable Software and Affected Versions Azure Monitor Agent affected versions not specified Description Improper input validation allows an authorized attacker to elevate privileges locally. Recommendations At the moment, there is no information about a newer version that contains a...
Microsoft Azure Monitor Agent 输入验证错误漏洞
Microsoft Azure Monitor Agent is a monitoring agent program from Microsoft USA. A security vulnerability exists in Microsoft Azure Monitor Agent. An attacker can exploit the vulnerability to elevate privileges...
Microsoft Azure Monitor Agent 代码问题漏洞
Microsoft Azure Monitor Agent is a monitoring agent program from Microsoft USA. A security vulnerability exists in Microsoft Azure Monitor Agent. An attacker can exploit the vulnerability to elevate privileges...
KLA90984 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Monitor Agent can be...
Microsoft Azure Monitor Agent < 1.41.0 Elevation of Privilege (CVE-2026-32192)
The version of Microsoft Azure Monitor Agent installed on the remote host is prior to 1.41.0. It is, therefore, affected by an elevation of privilege vulnerability: - An elevation of privilege vulnerability exists in Azure Monitor Agent that allows an authorized attacker to elevate privileges...
CVE-2026-4401
The Download Monitor plugin for WordPress is vulnerable to Cross-Site Request Forgery in the actionshandler and bulkactionshandler methods in class-dlm-downloads-path.php in all versions up to, and including, 5.1.10. This is due to missing nonce verification on these functions. This makes it...
Ubuntu: Security Advisory (USN-8161-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GHSA-HFVC-G4FC-PQHX vulnerabilities
Vulnerabilities for packages: zot, cluster-api-helm-controller, pulumi-language-java, fluent-bit-plugin-loki, cluster-autoscaler, cluster-api-provider-vsphere, gitlab-kas, kube-logging-operator, witness, spegel, melange, snyk-cli, datadog-agent, ferretdb, crossplane-provider-azure-managedidentity...
Directory Traversal
Overview praisonai is a PraisonAI TypeScript AI Agents Framework - Node.js, npm, and Javascript AI Agents Framework Affected versions of this package are vulnerable to Directory Traversal in the MultiAgentLedger and MultiAgentMonitor components. An attacker can access sensitive context data...
GHSA-766V-Q9X3-G744 PraisonAI has Memory State Leakage and Path Traversal in MultiAgent Context Handling
Summary The MultiAgentLedger and MultiAgentMonitor components in the provided code exhibit vulnerabilities that can lead to context leakage and arbitrary file operations. Specifically: 1. Memory State Leakage via Agent ID Collision: The MultiAgentLedger uses a dictionary to store ledgers by agent...
EUVD-2026-20154
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Chill Download Monitor download-monitor allows Blind SQL Injection.This issue affects Download Monitor: from n/a through = 5.1.8...
CVE-2026-39486
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Chill Download Monitor download-monitor allows Blind SQL Injection.This issue affects Download Monitor: from n/a through = 5.1.8...
CVE-2026-39486
The CVE-2026-39486 entry concerns the WordPress Download Monitor plugin (Download Monitor) with versions <= 5.1.8, where improper neutralization of SQL commands leads to Blind SQL Injection. The Red Hat, NVD, EUVD, CVE List, and vuln enrichment records confirm a vulnerability in this plugin; n...
CVE-2026-39486 WordPress Download Monitor plugin <= 5.1.8 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Chill Download Monitor download-monitor allows Blind SQL Injection.This issue affects Download Monitor: from n/a through = 5.1.8...
CVE-2026-39486
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Chill Download Monitor download-monitor allows Blind SQL Injection.This issue affects Download Monitor: from n/a through = 5.1.8...
CVE-2026-39486 WordPress Download Monitor plugin <= 5.1.8 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Chill Download Monitor download-monitor allows Blind SQL Injection.This issue affects Download Monitor: from n/a through = 5.1.8...
MAL-2026-2508 Malicious code in @fairwords/websocket (npm)
The @fairwords/websocket package was compromised as part of the TeamPCP/CanisterWorm campaign. A postinstall hook executes node scripts/check-env.js || true which performs multi-stage credential harvesting, encrypted exfiltration, and self-propagation. The payload harvests 40+ environment variabl...
EUVD-2026-19992
The Download Monitor plugin for WordPress is vulnerable to Cross-Site Request Forgery in the actionshandler and bulkactionshandler methods in class-dlm-downloads-path.php in all versions up to, and including, 5.1.10. This is due to missing nonce verification on these functions. This makes it...