60 matches found
CVE-2025-34294
...
EUVD-2020-28416
Malware in sbrugna...
EUVD-2020-28417
Malware in sbrugna...
EUVD-2020-28453
Malware in sbrugna...
EUVD-2020-28418
Malware in sbrugna...
EUVD-2022-43772
Malicious code in bioql PyPI...
CVE-2023-50260
Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the hostdeny script allows to write any string in the hosts.deny file, which can end in an arbitrary command execution on the target system. This vulnerability is part of the active...
CVE-2022-40497
Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution RCE vulnerability via the Active Response endpoint...
Expanding the Security Horizon: Introducing Rapid7 MDR for the Extended Ecosystem
As the cybersecurity landscape gets more complex, the stakes for keeping organizations safe have never been higher. Security teams are tasked with keeping ahead of new ransomware groups, rapidly evolving adversary tactics, and their dynamic attack surface as their business grows. Security...
Wazuh Active Response Module Improper Input Validation Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Wazuh. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of IP address arguments. The issue results from the lack of proper validation of JSON...
CVE-2023-50260
Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the hostdeny script allows to write any string in the hosts.deny file, which can end in an arbitrary command execution on the target system. This vulnerability is part of the active...
CVE-2023-50260 Wazuh's vulnerability in host_deny AR script allows arbitrary command execution
Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the hostdeny script allows to write any string in the hosts.deny file, which can end in an arbitrary command execution on the target system. This vulnerability is part of the active...
CVE-2023-50260
Wazuh contains a vulnerability in the host_deny active-response script due to improper input validation for IP/JSON handling. An attacker can write arbitrary text into /etc/hosts.deny via the host_deny spawn directive, enabling arbitrary command execution. This can cause local privilege escalatio...
CVE-2023-50260 Wazuh's vulnerability in host_deny AR script allows arbitrary command execution
Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the hostdeny script allows to write any string in the hosts.deny file, which can end in an arbitrary command execution on the target system. This vulnerability is part of the active...
CVE-2023-50260 Wazuh's vulnerability in host_deny AR script allows arbitrary command execution
Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the hostdeny script allows to write any string in the hosts.deny file, which can end in an arbitrary command execution on the target system. This vulnerability is part of the active...
Attackers are Working Around The Clock. Luckily, So Are We.
It takes an average of 204 days for organizations to discover a breach, and from there an average of 73 days to contain it. With the average cost of a breach at an all time high of $4.45 million IBM’s Cost of a Data Breach Report 2023, there’s an undeniable need for teams to enlist the right...
PT-2023-9078 · Wazuh · Wazuh
Name of the Vulnerable Software and Affected Versions: Wazuh versions prior to 4.7.2 Description: The issue is related to the host deny script in Wazuh's active response feature, which allows for the execution of arbitrary commands on the target system due to improper input validation. This can b...
Wazuh Code Execution Vulnerability
Wazuh is an Wazuh open source application. Wazuh 3.6.1 and later, 3.13.5 and earlier, 4.0.0 and later, 4.2.7 and earlier, and 4.3.0 and later, 4.3.7 and earlier are vulnerable to a code execution vulnerability that stems from Active Response endpoint fails to properly filter the special elements ...
CVE-2022-40497
Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution RCE vulnerability via the Active Response endpoint...
CVE-2022-40497
Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution RCE vulnerability via the Active Response endpoint...