Lucene search
K

275 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2024-0670

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Privilege escalation in windows agent plugin in Checkmk before 2.2.0p23, 2.1.0p40 and 2.0.0 EOL allows local user to escalate privileges CVE-2024-0670 Note that...

8.8CVSS7.8AI score0.00342EPSS
Exploits5References2
Positive Technologies
Positive Technologies
added 2025/09/10 12:0 a.m.5 views

PT-2025-37047

Name of the Vulnerable Software and Affected Versions: N-central Windows Agent and Probe affected versions not specified Description: An incorrect file handling permission issue exists in the N-central Windows Agent and Probe. This can allow a local low-level user to execute commands with elevate...

7CVSS6.3AI score0.00118EPSS
Exploits0References6
NVD
NVD
added 2025/07/14 9:15 a.m.14 views

CVE-2024-26291

An Unauthenticated Arbitrary File Read vulnerability affects the Agent when installed on a system. The parameter filename does not validate the path thus allowing users to read arbitrary files. As the application runs with the highest privileges root/NTAUTHORITY SYSTEM by default attackers are ab...

8.7CVSS0.01083EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/08 12:0 a.m.4 views

Microsoft Azure Monitor Agent Installed (Windows)

Binary data microsoftazuremonitoragentwininstalled.nbin...

7.3AI score
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/06/11 2:59 a.m.6 views

CVE-2024-1244

Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an attacker in with control over the OSSEC server or in possession of the agent's key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2...

9.5CVSS8.4AI score0.00297EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/06/11 2:59 a.m.13 views

CVE-2024-1244 Remote code execution and local privilege escalation due to UNC access and NetNTLMv2 hash theft

Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an attacker in with control over the OSSEC server or in possession of the agent's key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2...

9.5CVSS8.3AI score0.00297EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/11 1:15 a.m.39 views

CVE-2024-1243 Remote code execution and local privilege escalation in Wazuh Windows agent via NetNTLMv2 hash theft

Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for...

9.5CVSS0.00545EPSS
Exploits1References3
CVE
CVE
added 2025/06/11 1:15 a.m.64 views

CVE-2024-1243

The CVE-2024-1243 entry concerns Wazuh agent for Windows prior to 4.8.0. It states improper input validation can be exploited by an attacker who controls the Wazuh server or agent key to configure the agent to connect to a malicious UNC path, leading to leakage of the machine account NetNTLMv2 ha...

9.5CVSS8.2AI score0.00545EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.5 views

OSSEC HIDS agent for Windows 安全漏洞

OSSEC HIDS agent for Windows is an OSSEC open source intrusion detection system for windows. A security vulnerability exists in OSSEC HIDS agent for Windows prior to version 3.8.0 that stems from improper input validation and could lead to remote code execution or elevation of privilege...

9.5CVSS7.7AI score0.00297EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 10:32 a.m.5 views

CVE-2024-52926

Delinea Privilege Manager before 12.0.2 mishandles the security of the Windows agent...

6.5CVSS7.1AI score0.00172EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:33 a.m.9 views

CVE-2024-22331

IBM UrbanCode Deploy UCD 7.0 through 7.0.5.19, 7.1 through 7.1.2.15, 7.2 through 7.2.3.8, 7.3 through 7.3.2.3, and IBM UrbanCode Deploy UCD - IBM DevOps Deploy 8.0.0.0 could disclose sensitive user information when installing the Windows agent. IBM X-Force ID: 279971...

6.2CVSS6AI score0.00188EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:27 a.m.9 views

CVE-2024-38864

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...

4.8CVSS6.4AI score0.00184EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:14 a.m.11 views

CVE-2023-41676

An exposure of sensitive information to an unauthorized actor CWE-200 in FortiSIEM version 7.0.0 and before 6.7.5 may allow an attacker with access to windows agent logs to obtain the windows agent password via searching through the logs...

6.5CVSS6.5AI score0.00449EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:11 a.m.9 views

CVE-2022-36174

FreshService Windows Agent 2.11.0 and FreshService macOS Agent 4.2.0 and FreshService Linux Agent 3.3.0. are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service...

8.1CVSS6.8AI score0.00456EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:11 p.m.8 views

CVE-2020-8884

rcdsvc in the Proofpoint Insider Threat Management Windows Agent formerly ObserveIT Windows Agent before 7.9 allows remote authenticated users to execute arbitrary code as SYSTEM because of improper deserialization over named pipes...

9CVSS7.8AI score0.04086EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:54 p.m.12 views

CVE-2020-9292

An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the AoWinAgt executable service path...

9.8CVSS7AI score0.01545EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:52 p.m.9 views

CVE-2020-13178

A function in the Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to version 20.04.1 does not properly validate the signature of an external binary, which could allow an attacker to gain elevated privileges via execution in the context of the PCoIP Agent process...

6.7CVSS7.3AI score0.00235EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:42 p.m.10 views

CVE-2020-8838

An issue was discovered in Zoho ManageEngine AssetExplorer 6.5. During an upgrade of the Windows agent, it does not validate the source and binary downloaded. This allows an attacker on an adjacent network to execute code with NT AUTHORITY/SYSTEM privileges on the agent machines by providing an...

6.4CVSS7.3AI score0.01557EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:12 p.m.5 views

CVE-2020-1391

An information disclosure vulnerability exists when the Windows Agent Activation Runtime AarSvc fails to properly handle objects in memory, aka 'Windows Agent Activation Runtime Information Disclosure Vulnerability'...

5.5CVSS6.2AI score0.01224EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 1:27 p.m.8 views

CVE-2018-16715

An issue was discovered in Absolute Software CTES Windows Agent through 1.0.0.1479. The security permissions on the %ProgramData%\CTES folder and sub-folders may allow write access to low-privileged user accounts. This allows unauthorized replacement of service program executable EXE or dynamical...

8.8CVSS7AI score0.00861EPSS
Exploits0References1
Rows per page
Query Builder