58 matches found
PT-2025-51782
Insecure defaults in the Server Agent component of Fortra's Core Privileged Access Manager BoKS can result in the selection of weak password hash algorithms. This issue affects BoKS Server Agent 9.0 instances that support yescrypt and are running in a BoKS 8.1 domain...
PT-2025-45096
Name of the Vulnerable Software and Affected Versions BMC Control-M/Agent affected versions not specified Description The Control-M/Agent is susceptible to unauthenticated remote code execution, arbitrary file read and write, and other unauthorized actions when mutual SSL/TLS authentication is no...
EUVD-2017-3712
Malware in sbrugna...
EUVD-2024-49852
Malicious code in bioql PyPI...
EUVD-2025-18557
Malicious code in bioql PyPI...
CVE-2024-13975 Commvault 11.20.0 - 11.36.0 Windows Access Nodes Compromise via Local File Server Agent Abuse
A local privilege escalation vulnerability exists in Commvault for Windows versions 11.20.0, 11.28.0, 11.32.0, 11.34.0, and 11.36.0. In affected configurations, a local attacker who owns a client system with the file server agent installed can compromise any assigned Windows access nodes. This ma...
CVE-2024-13975
CVE-2024-13975 concerns Commvault for Windows, affecting versions 11.20.0–11.36.0. The issue is a local privilege escalation where a local attacker who has a client system with the File Server Agent installed can compromise assigned Windows access nodes, potentially enabling unauthorized access o...
CVE-2025-5141
A binary in the BoKS Server Agent component of Fortra's Core Privileged Access Manager BoKS on versions 7.2.0 up to 7.2.0.17, 8.1.0 up to 8.1.0.22, 8.1.1 up to 8.1.1.7, 9.0.0 up to 9.0.0.1 and also legacy tar installs of BoKS 7.2 without hotfix 0474 on Linux, AIX, and Solaris allows low privilege...
CVE-2025-5141
CVE-2025-5141 affects Fortra’s Core Privileged Access Manager (BoKS). The flaw is in the BoKS Server Agent component, allowing low-privilege local users to dump data from the cache. Affected versions: BoKS 7.2.0 (up to 7.2.0.17), 8.1.0 (up to 8.1.0.22), 8.1.1 (up to 8.1.1.7), 9.0.0 (up to 9.0.0.1...
CVE-2024-42452
A vulnerability in Veeam Backup & Replication allows a low-privileged user to start an agent remotely in server mode and obtain credentials, effectively escalating privileges to system-level access. This allows the attacker to upload files to the server with elevated privileges. The vulnerability...
Moxa EDR-810 Server Agent Information Disclosure (CVE-2017-12128)
An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability. This plugin only works with...
CVE-2022-24684
HashiCorp Nomad and Nomad Enterprise 0.9.0 through 1.0.16, 1.1.11, and 1.2.5 allow operators with job-submit capabilities to use the spread stanza to panic server agents. Fixed in 1.0.18, 1.1.12, and 1.2.6...
CVE-2017-12128
An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability...
Information disclosure
An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability...
CVE-2017-12128
An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability...
CVE-2017-12128
CVE-2017-12128 affects Moxa EDR-810, specifically the Server Agent in version 4.1 build 17030317. A crafted TCP packet (0x21) over TCP/4000 can trigger an information-disclosure vulnerability, exposing device data (model, firmware, serial, location, MAC, IP mask, etc.). Public writeups from Talos...
PT-2018-5369 · Moxa · Moxa Edr-810
Name of the Vulnerable Software and Affected Versions: Moxa EDR-810 version 4.1 build 17030317 Description: An information disclosure issue exists in the Server Agent functionality. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigg...
Moxa EDR-810 Server Agent Information Disclosure Vulnerability
Summary An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability. Tested Versions Moxa...
Gemalto SafeNet Authentication Service for NPS Agent Elevation of Privilege Vulnerability
Gemalto SafeNet Authentication Service for NPS Agent is a network access policy agent from Gemalto USA. A security vulnerability exists in Gemalto SafeNet Authentication Service for NPS Agent due to the program's use of weak access control lists for installation directories and executable modules...
Information Disclosure in Terminal Server Agent
An information disclosure vulnerability exists in the Terminal Server TS agent. Session information may be disclosed due to insecure permissions WINAGENT-43 / CVE-2017-6356. The information disclosure is limited to session information. This issue affects TS agent 6.0, TS agent 7.0, and TS agent...