PT-2025-50332

Hi All, Looking at the Action1 reports, and unable to see anything which would be useful to for reporting from for the vulnerability of devices. I'm looking for an export with the data similar to the below DeviceName, CveId, Severity, CVSS, PatchAvailable, Product, OS, LastSeen PC-001,...

EUVD-2025-17356

Malicious code in bioql PyPI...

CVE-2025-5480

Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Action1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to explo...

CVE-2025-5480

Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Action1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to explo...

CVE-2025-5480

CVE-2025-5480 describes an Uncontrolled Search Path Element Local Privilege Escalation in Action1. The root cause is the product loading an OpenSSL configuration file from an unsecured location, enabling a local attacker who can execute low-privileged code to escalate to SYSTEM and potentially ex...

CVE-2025-5480 Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Action1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to explo...

CVE-2025-5480 Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Action1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to explo...

Action1 代码问题漏洞

Action1 is a patch management software from Action1, Inc. Action1 suffers from a code issue vulnerability that stems from an insecure OpenSSL configuration file loading location that could lead to local elevation of privilege...

Microsoft Patch Tuesday, November 2023 Edition

Microsoft today released updates to fix more than five dozen security holes in its Windows operating systems and related software, including three "zero day" vulnerabilities that Microsoft warns are already being exploited in active attacks. The zero-day threats targeting Microsoft this month...

Microsoft Patch Tuesday, June 2023 Edition

Microsoft Corp. today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. This months relatively light patch load has another added bonus for system administrators everywhere: It appears to be the first Patch Tuesday since March...

Monti ransomware infiltrates networks via the well-known Log4Shell

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Monti ransomware infiltrated the clients internet-facing VMware Horizon virtualization system by exploiting the well-known "Log4Shell" vulnerability, a.k.a. CVE-2021-44228. Furthermore, the threat...