Lucene search
K

58 matches found

Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.7 views

PT-2025-51782

Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager BoKS can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain...

6.2CVSS7.1AI score0.00085EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/11/05 12:0 a.m.9 views

PT-2025-45096

Name of the Vulnerable Software and Affected Versions BMC Control-M/Agent affected versions not specified Description The Control-M/Agent is susceptible to unauthenticated remote code execution, arbitrary file read and write, and other unauthorized actions when mutual SSL/TLS authentication is no...

10CVSS7.7AI score0.00786EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-3712

Malware in sbrugna...

7.5CVSS5.6AI score0.48138EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-49852

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.0024EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-18557

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00123EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/25 3:49 p.m.15 views

CVE-2024-13975 Commvault 11.20.0 - 11.36.0 Windows Access Nodes Compromise via Local File Server Agent Abuse

A local privilege escalation vulnerability exists in Commvault for Windows versions 11.20.0, 11.28.0, 11.32.0, 11.34.0, and 11.36.0. In affected configurations, a local attacker who owns a client system with the file server agent installed can compromise any assigned Windows access nodes. This ma...

8.5CVSS0.00119EPSS
Exploits0References2
CVE
CVE
added 2025/07/25 3:49 p.m.18 views

CVE-2024-13975

CVE-2024-13975 concerns Commvault for Windows, affecting versions 11.20.0–11.36.0. The issue is a local privilege escalation where a local attacker who has a client system with the File Server Agent installed can compromise assigned Windows access nodes, potentially enabling unauthorized access o...

8.5CVSS6.6AI score0.00119EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/23 8:40 a.m.9 views

CVE-2025-5141

A binary in the BoKS Server Agent component of Fortra's Core Privileged Access Manager BoKS on versions 7.2.0 up to 7.2.0.17, 8.1.0 up to 8.1.0.22, 8.1.1 up to 8.1.1.7, 9.0.0 up to 9.0.0.1 and also legacy tar installs of BoKS 7.2 without hotfix 0474 on Linux, AIX, and Solaris allows low privilege...

5.5CVSS6.9AI score0.00123EPSS
Exploits0References1
CVE
CVE
added 2025/06/17 7:30 p.m.21 views

CVE-2025-5141

CVE-2025-5141 affects Fortra’s Core Privileged Access Manager (BoKS). The flaw is in the BoKS Server Agent component, allowing low-privilege local users to dump data from the cache. Affected versions: BoKS 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1...

5.5CVSS5.5AI score0.00123EPSS
Exploits0References1
OSV
OSV
added 2024/12/04 2:15 a.m.3 views

CVE-2024-42452

A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. This allows the attacker to upload files to the server with elevated privileges. The vulnerability...

8.8CVSS5.8AI score0.00483EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/08/02 12:0 a.m.12 views

Moxa EDR-810 Server Agent Information Disclosure (CVE-2017-12128)

An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability. This plugin only works with...

7.5CVSS6.1AI score0.48138EPSS
Exploits2References2
OSV
OSV
added 2022/02/15 2:4 p.m.27 views

CVE-2022-24684

HashiCorp Nomad and Nomad Enterprise 0.9.0 through 1.0.16, 1.1.11, and 1.2.5 allow operators with job-submit capabilities to use the spread stanza to panic server agents. Fixed in 1.0.18, 1.1.12, and 1.2.6...

6.5CVSS6.4AI score0.01396EPSS
Exploits0References6
OSV
OSV
added 2018/05/14 8:29 p.m.5 views

CVE-2017-12128

An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability...

7.5CVSS5.8AI score0.48138EPSS
Exploits2References1
Prion
Prion
added 2018/05/14 8:29 p.m.21 views

Information disclosure

An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability...

5CVSS7AI score0.48138EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2018/05/14 8:0 p.m.31 views

CVE-2017-12128

An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability...

5.3CVSS7AI score0.48138EPSS
Exploits2References1
CVE
CVE
added 2018/05/14 8:0 p.m.64 views

CVE-2017-12128

CVE-2017-12128 affects Moxa EDR-810, specifically the Server Agent in version 4.1 build 17030317. A crafted TCP packet (0x21) over TCP/4000 can trigger an information-disclosure vulnerability, exposing device data (model, firmware, serial, location, MAC, IP mask, etc.). Public writeups from Talos...

7.5CVSS7AI score0.48138EPSS
Exploits2References1Affected Software1
Positive Technologies
Positive Technologies
added 2018/05/14 12:0 a.m.5 views

PT-2018-5369 · Moxa · Moxa Edr-810

Name of the Vulnerable Software and Affected Versions: Moxa EDR-810 version 4.1 build 17030317 Description: An information disclosure issue exists in the Server Agent functionality. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigg...

7.5CVSS5.2AI score0.48138EPSS
Exploits2References2
Talos
Talos
added 2018/04/13 12:0 a.m.46 views

Moxa EDR-810 Server Agent Information Disclosure Vulnerability

Summary An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability. Tested Versions Moxa...

7.5CVSS5.7AI score0.48138EPSS
Exploits2
CNVD
CNVD
added 2018/03/06 12:0 a.m.2 views

Gemalto SafeNet Authentication Service for NPS Agent Elevation of Privilege Vulnerability

Gemalto SafeNet Authentication Service for NPS Agent is a network access policy agent from Gemalto USA. A security vulnerability exists in Gemalto SafeNet Authentication Service for NPS Agent due to the program's use of weak access control lists for installation directories and executable modules...

7.8CVSS6.8AI score0.00399EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2017/03/15 5:30 p.m.516 views

Information Disclosure in Terminal Server Agent

An information disclosure vulnerability exists in the Terminal Server TS agent. Session information may be disclosed due to insecure permissions WINAGENT-43 / CVE-2017-6356. The information disclosure is limited to session information. This issue affects TS agent 6.0, TS agent 7.0, and TS agent...

2.3AI score0.00978EPSS
Exploits0References1
Rows per page
Query Builder