22 matches found
Vulnerabilities managed in Ivanti Endpoint Manager
Ivanti has addressed several vulnerabilities in Ivanti Endpoint Manager, specifically in the core server, the agent, and the web console components. These vulnerabilities concern various aspects of Ivanti Endpoint Manager. First, a remotely authenticated attacker can exploit a vulnerable method t...
Can a Single Message Paralyze the AI Infrastructure? the Rise of AbO-DDoS Attacks through Targeted Mobius Injection
Large Language Model LLM agents have emerged as key intermediaries, orchestrating complex interactions between human users and a wide range of digital services and LLM infrastructures. While prior research has extensively examined the security of LLMs and agents in isolation, the systemic risk of...
📄 Langflow Remote Code Execution
The CSV Agent node in Langflow hardcodes allowdangerouscode=True, which automatically exposes the LangChains Python REPL tool pythonreplast. As a result, an attacker can execute arbitrary Python and OS commands on the server via prompt injection, leading to full remote code execution. This module...
CVE-2026-30273
pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base.executesqlquery component...
GHSA-HQXW-MM44-GC4R vulnerabilities
Vulnerabilities for packages: istio-pilot-agent, istio-operator, istio-pilot-discovery, istio-cni...
EUVD-2007-2124
Malware in sbrugna...
EUVD-2024-54549
Malicious code in bioql PyPI...
EUVD-2025-27543
Malicious code in bioql PyPI...
CVE-2025-8904 Privilege escalation issue in Amazon EMR Secret Agent component
Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR versio...
CVE-2024-8201
Cross-Site WebSocket Hijacking vulnerability in Hitachi Ops Center Analyzer RAID Agent component.This issue affects Hitachi Ops Center Analyzer: from 10.8.0-00 before 11.0.4-00; Hitachi Ops Center Analyzer: from 10.9.0-00 before 11.0.4-00...
CVE-2024-8201 Cross-Site WebSocket Hijacking Vulnerability in Hitachi Ops Center Analyzer
Cross-Site WebSocket Hijacking vulnerability in Hitachi Ops Center Analyzer RAID Agent component.This issue affects Hitachi Ops Center Analyzer: from 10.8.0-00 before 11.0.4-00; Hitachi Ops Center Analyzer: from 10.9.0-00 before 11.0.4-00...
CVE-2024-8201 Cross-Site WebSocket Hijacking Vulnerability in Hitachi Ops Center Analyzer
Cross-Site WebSocket Hijacking vulnerability in Hitachi Ops Center Analyzer RAID Agent component.This issue affects Hitachi Ops Center Analyzer: from 10.8.0-00 before 11.0.4-00; Hitachi Ops Center Analyzer: from 10.9.0-00 before 11.0.4-00...
The vulnerability of the Windows Recovery Environment Agent component on Microsoft Windows operating systems allows a perpetrator to escalate their privileges.
The vulnerability of the Windows Recovery Environment Agent component in Microsoft Windows systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...
emp3r0r
This is a Linux post-exploitation framework made by linux user, known as emp3r0r. The framework is designed to provide a comprehensive set of tools for exploiting and manipulating Linux systems. The framework is composed of several components, including a build script, a command-line interface CL...
Path traversal
An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the AoWinAgt executable service path...
The vulnerability of the Agent component in Dr.Web, a antivirus protection tool, allows a hacker to trigger a service failure.
The vulnerability of the Agent component in the Dr.Web anti-virus security tool, Dr.Web Enterprise Security Suite, exists due to insufficient validation of input data. Exploiting this vulnerability can allow attackers to cause failures in named communication channels with user applications by...
Joomla Estate Agent Component 'id' Parameter SQL Injection Vulnerability
This host is running Joomla The Estate Agent component and is prone to SQL injection vulnerability. OpenVAS Vulnerability Test $Id: gbjoomlacomestateagentsqlinjvuln.nasl 6022 2017-04-25 12:51:04Z teissa $ Joomla Estate Agent Component 'id' Parameter SQL Injection Vulnerability Authors: Madhuri D...
InduSoft Web Studio Multiple Remote Code Execution Vulnerabilitites
This host is installed with Indusoft Web Studio and is prone to multiple remote code execution vulnerabilities. OpenVAS Vulnerability Test $Id: gbindusoftwebstudiomultremotecodeexecvuln.nasl 5367 2017-02-20 14:16:52Z cfi $ InduSoft Web Studio Multiple Remote Code Execution Vulnerabilitites Author...
DriveLock DriveLock.exe HTTP Request Processing Remote Overflow
DriveLock, an application for controlling access to computer devices, is installed on the remote host. According to its version, the DriveLock Agent component, which acts as a web server, on the remote host fails to properly handle long HTTP requests. An unauthenticated, remote attacker may be ab...
Design/Logic Flaw
Unspecified vulnerability in the Agent component in Oracle Enterprise Manager 9.2.0.8 has unknown impact and remote attack vectors, aka EM01...