Lucene search
K

116 matches found

NVD
NVD
added yesterday8 views

CVE-2026-54001

osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. Prior to 5.23.1, on Windows, a local unprivileged attacker can cause a heap buffer out-of-bounds write if there is a query of the authenticode table targeting a maliciously crafted binary, due to...

7CVSS
Exploits0References4
NVD
NVD
added yesterday5 views

CVE-2026-54000

osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. Prior to 5.23.1, on Windows, a local unprivileged attacker can cause a heap buffer out-of-bounds write if there is a query of the processes table targeting a maliciously crafted process, due to uncheck...

7CVSS
Exploits0References4
NVD
NVD
added yesterday7 views

CVE-2026-46388

osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. Prior to 5.23.1, an unprivileged attacker can read the contents of an osquery file carve until the carve completes and the temporary files are deleted because in-progress carve directories are not...

4.4CVSS
Exploits0References4
CVE
CVE
added yesterday4 views

CVE-2026-54000

CVE-2026-54000 in osquery (Windows) describes a heap buffer out-of-bounds write in getProcessCurrentDirectory() triggered via the processes table by a maliciously crafted process. The unchecked PEB string lengths in process command-line and current-directory reads allow a local attacker with low ...

7CVSS6.2AI score
Exploits0References4
CVE
CVE
added yesterday7 views

CVE-2026-54001

CVE-2026-54001 affects osquery on Windows prior to version 5.23.1. A local, unprivileged attacker can trigger a heap out-of-bounds write via the authenticode table by crafting a malicious binary query, due to publisher information parsing in getOriginalProgramName. Successful exploitation could e...

7CVSS6.2AI score
Exploits0References4
EUVD
EUVD
added yesterday5 views

EUVD-2026-42916

osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. Prior to 5.23.1, an unprivileged attacker can read the contents of an osquery file carve until the carve completes and the temporary files are deleted because in-progress carve directories are not...

4.4CVSS6.2AI score
Exploits0References4
CVE
CVE
added yesterday7 views

CVE-2026-46388

CVE-2026-46388 affects osquery. Prior to version 5.23.1, unprivileged attackers could read contents of an osquery file carve before the carve completes, due to in-progress carve directories not being created with private permissions. If the carve targets a directory the attacker controls, arbitra...

4.4CVSS6.2AI score
Exploits0References4
Cvelist
Cvelist
added yesterday9 views

CVE-2026-46388 osquery: Unprivileged users can temporarily read file carve contents

osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. Prior to 5.23.1, an unprivileged attacker can read the contents of an osquery file carve until the carve completes and the temporary files are deleted because in-progress carve directories are not...

4.4CVSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/12 9:0 p.m.15 views

Fleet has observer-level enrollment secret extraction via ORDER BY oracle on labels host-listing endpoint

Summary A vulnerability in Fleet's labels host-listing endpoint allowed authenticated users with the lowest-privilege Observer role to extract host enrollment secrets nodekey, orbitnodekey through a cursor-based binary search oracle. The endpoint accepted a user-supplied orderkey parameter that w...

5.4AI score0.00032EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/28 1:54 a.m.4 views

CVE-2026-28279

osctrl is an osquery management solution. Prior to version 0.5.0, an OS command injection vulnerability exists in the osctrl-admin environment configuration. An authenticated administrator can inject arbitrary shell commands via the hostname parameter when creating or editing environments. These...

8.4CVSS6.7AI score0.009EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/26 11:0 p.m.25 views

CVE-2026-28280 `osctrl-admin` has Stored Cross-Site Scripting (XSS) in On-Demand Query List

osctrl is an osquery management solution. Prior to version 0.5.0, a stored cross-site scripting XSS vulnerability exists in the osctrl-admin on-demand query list. A user with query-level permissions can inject arbitrary JavaScript via the query parameter when running an on-demand query. The paylo...

6.1CVSS0.00227EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/02/26 10:59 p.m.8 views

CVE-2026-28279

osctrl is an osquery management solution. Prior to version 0.5.0, an OS command injection vulnerability exists in the osctrl-admin environment configuration. An authenticated administrator can inject arbitrary shell commands via the hostname parameter when creating or editing environments. These...

8.4CVSS8AI score0.009EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.8 views

PT-2026-22225

Name of the Vulnerable Software and Affected Versions osctrl versions prior to 0.5.0 Description osctrl is a management solution for osquery. A command injection issue exists in the osctrl-admin environment configuration before version 0.5.0. An authenticated administrator can inject arbitrary...

9.9CVSS6.7AI score0.22162EPSS
Exploits70References138
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-12713

Malware in sbrugna...

9.1CVSS9AI score0.01281EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-13203

Malware in sbrugna...

9.3CVSS8.1AI score0.0166EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-3445

Malware in sbrugna...

8.2CVSS8.1AI score0.00587EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-18096

Malware in sbrugna...

7.8CVSS7.7AI score0.00486EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-18851

Malware in sbrugna...

5.2CVSS5.5AI score0.00944EPSS
Exploits1References6
Packet Storm News
Packet Storm News
added 2025/10/05 12:0 a.m.7 views

Cyber Warfare during Operation Sindoor: Malware Campaign Analysis and Detection Framework

Rapid digitization of critical infrastructure has made cyberwarfare one of the important dimensions of modern conflicts. Attacking the critical infrastructure is an attractive pre-emptive proposition for adversaries as it can be done remotely without crossing borders. Such attacks disturb the...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-20947

Malicious code in bioql PyPI...

4.9CVSS5.1AI score0.01764EPSS
Exploits1References1
Rows per page
Query Builder