13 matches found
EUVD-2018-1881
Malware in sbrugna...
EUVD-2018-0234
Malware in sbrugna...
CVE-2018-1000209
Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains a Insecure Permissions vulnerability in Sensu Core on Windows platforms that can result in Unprivileged users may execute code in context of Sensu service account. This attack appear to be exploitable via Unprivileged user may place a...
CVE-2018-1000209
Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains a Insecure Permissions vulnerability in Sensu Core on Windows platforms that can result in Unprivileged users may execute code in context of Sensu service account. This attack appear to be exploitable via Unprivileged user may place a...
Design/Logic Flaw
Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains a Insecure Permissions vulnerability in Sensu Core on Windows platforms that can result in Unprivileged users may execute code in context of Sensu service account. This attack appear to be exploitable via Unprivileged user may place a...
CVE-2018-1000209
CVE-2018-1000209 affects Sensu Core on Windows prior to 1.4.2-3, where an insecure permissions issue allows unprivileged users to execute code in the context of the Sensu service account by placing an arbitrary DLL in c:\opt\sensu\embedded\bin and abusing Windows DLL load order. The vulnerability...
CVE-2018-1000209
Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains a Insecure Permissions vulnerability in Sensu Core on Windows platforms that can result in Unprivileged users may execute code in context of Sensu service account. This attack appear to be exploitable via Unprivileged user may place a...
Sensu Core Information Disclosure Vulnerability
Sensu Core is a set of business system monitoring platform from Sensu Corporation. The platform is capable of monitoring servers, services, application network devices, and other remote resources. A security vulnerability exists in the 'Sensu::Utilities.redactsensitive' function in Sensu Core...
CVE-2018-1000060
Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redactsensitive that can result in sensitive configuration data e.g. passwords may be logged in clear-text. This attack appear to be exploitabl...
CVE-2018-1000060
Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redactsensitive that can result in sensitive configuration data e.g. passwords may be logged in clear-text. This attack appear to be exploitabl...
Design/Logic Flaw
Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redactsensitive that can result in sensitive configuration data e.g. passwords may be logged in clear-text. This attack appear to be exploitabl...
CVE-2018-1000060
Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redactsensitive that can result in sensitive configuration data e.g. passwords may be logged in clear-text. This attack appear to be exploitabl...
CVE-2018-1000060
CVE-2018-1000060 affects Sensu Core prior to 1.2.0 (and before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b). The root cause is Sensu::Utilities.redact_sensitive() failing to redact sensitive data in deeply nested structures, causing passwords and other credentials to be logged in clear-text i...