Lucene search
K

274 matches found

RedhatCVE
RedhatCVE
added 2025/05/15 6:9 p.m.11 views

CVE-2025-4660

A remote code execution vulnerability exists in the Windows agent component of SecureConnector due to improper access controls on a named pipe. The pipe is accessible to the Everyone group and does not restrict remote connections, allowing any network-based attacker to connect without...

9.8CVSS7.9AI score0.00957EPSS
Exploits1References1
OSV
OSV
added 2025/04/30 5:15 p.m.4 views

CVE-2025-3599

Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be susceptible to an Elevation of Privilege vulnerability, which may allow an attacker to delete resources that are normally protected from an application or user...

7.5CVSS5.8AI score0.00233EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/30 4:49 p.m.7 views

CVE-2025-3599 Symantec Endpoint Protection Elevation of Privilege

Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be susceptible to an Elevation of Privilege vulnerability, which may allow an attacker to delete resources that are normally protected from an application or user...

6.5CVSS6.9AI score0.00233EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/30 12:0 a.m.4 views

Broadcom Symantec Endpoint Protection Windows Agent 安全漏洞

Broadcom Symantec Endpoint Protection Windows Agent is a client component of an endpoint security solution from Broadcom, Inc. A security vulnerability exists in Broadcom Symantec Endpoint Protection Windows Agent versions prior to 119.1.7.8, which stems from an elevation of privilege vulnerabili...

7.5CVSS6.8AI score0.00233EPSS
Exploits0References3
Palo Alto Networks
Palo Alto Networks
added 2025/02/12 5:0 p.m.14 views

Cortex XDR Agent: Local Windows User Can Disable the Agent

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This vulnerability can also be leveraged by malware to disable the Cortex XDR agent and then perform malicious activit...

6.8CVSS7.1AI score0.0019EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/02/06 4:8 a.m.5 views

SUSE CVE-2024-35177

Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability...

7.8CVSS7.4AI score0.00263EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/02/05 1:18 a.m.10 views

CVE-2024-20430

A vulnerability in Cisco Meraki Systems Manager SM Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges. This vulnerability is due to incorrect handling of directory search paths at runtime. A low-privileged attacker could exploit this...

7.3CVSS7.5AI score0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:8 p.m.6 views

CVE-2024-0670

Privilege escalation in windows agent plugin in Checkmk before 2.2.0p23, 2.1.0p40 and 2.0.0 EOL allows local user to escalate privileges...

8.8CVSS7.1AI score0.00342EPSS
Exploits5References1
NVD
NVD
added 2025/02/03 10:15 p.m.29 views

CVE-2024-35177

Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability...

7.8CVSS0.00263EPSS
Exploits1References1
OSV
OSV
added 2025/02/03 9:35 p.m.5 views

CVE-2024-35177 Improper Access Control in wazuh-agent

Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability...

7.8CVSS7AI score0.00263EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/02/03 12:0 a.m.4 views

PT-2025-2436 · Wazuh +1 · Wazuh +1

Name of the Vulnerable Software and Affected Versions: Wazuh versions prior to 4.9.0 Description: The issue is related to improper access control in the Wazuh agent for Windows, allowing a local malicious user to potentially exploit this vulnerability by placing a specially crafted DLL file in th...

10CVSS7.1AI score0.02652EPSS
Exploits4References83
Positive Technologies
Positive Technologies
added 2025/01/30 12:0 a.m.3 views

PT-2025-5585 · Acronis · Acronis Cyber Protect Cloud Agent

Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect Cloud Agent Windows versions prior to build 39378 Description: The issue is related to a local privilege escalation due to a DLL hijacking vulnerability. This vulnerability affects Acronis Cyber Protect Cloud Agent...

7CVSS7.2AI score0.00134EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/12/25 2:28 a.m.3 views

Trend Micro Deep Security 20.0 Agent (for Windows) vulnerable to uncontrolled search path element

Overview Trend Micro Incorporated has released the security updates for Deep Security 20.0 Agent for Windows that contains a fix for an uncontrolled search path element vulnerability CWE-427, CVE-2024-55955. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the...

7.3CVSS6.6AI score0.00133EPSS
Exploits0References5
NVD
NVD
added 2024/12/19 4:15 p.m.22 views

CVE-2024-38864

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...

4.8CVSS0.0018EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/19 4:7 p.m.12 views

CVE-2024-38864 User-Readable Private Key in Windows Agent

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...

4.8CVSS6.4AI score0.0018EPSS
Exploits0References1
CVE
CVE
added 2024/12/19 4:7 p.m.53 views

CVE-2024-38864

CVE-2024-38864 concerns incorrect permissions on the Checkmk Windows Agent data directory, allowing a local attacker to read sensitive data. Affected are Checkmk Windows Agent implementations prior to 2.3.0p23, prior to 2.2.0p38, and earlier than or equal to 2.1.0p49 (EOL). The issue is local and...

4.8CVSS6AI score0.0018EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/12/19 4:7 p.m.6 views

CVE-2024-38864 User-Readable Private Key in Windows Agent

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...

4.8CVSS6AI score0.0018EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/19 4:7 p.m.34 views

CVE-2024-38864 User-Readable Private Key in Windows Agent

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...

4.8CVSS0.0018EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/19 12:0 a.m.4 views

Checkmk 安全漏洞

Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk that stems from incorrect permissions on the Checkmk Windows Agent data directory, allowing a local attacker to read sensitive data...

4.8CVSS6.1AI score0.0018EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/19 12:0 a.m.5 views

PT-2024-28245 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.3.0p23 Checkmk versions prior to 2.2.0p38 Checkmk versions prior to or equal to 2.1.0p49 Description: The issue is related to incorrect permissions on the Checkmk Windows Agent's data directory, allowing a local...

4.8CVSS6.7AI score0.0018EPSS
Exploits0References5
Rows per page
Query Builder