CVE-2025-64997 Insufficient permission validation when showing agent information

Insufficient permission validation in Checkmk versions prior to 2.4.0p17 and 2.3.0p42 allow low-privileged users to view agent information via the REST API, which could lead to information disclosure...

CVE-2025-64997 Insufficient permission validation when showing agent information

Insufficient permission validation in Checkmk versions prior to 2.4.0p17 and 2.3.0p42 allow low-privileged users to view agent information via the REST API, which could lead to information disclosure...

CVE-2025-64997

CVE-2025-64997 pertains to Checkmk where insufficient permission validation in REST API endpoints can let low-privileged users view agent information, leading to information disclosure. The issue affects Checkmk versions prior to 2.4.0p17 and prior to 2.3.0p42. The Red Hat, Ubuntu, OSV, CNA/CVE r...

EUVD-2017-15680

Malware in sbrugna...

CVE-2023-41750

Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent Linux, macOS, Windows before build 32047...

CVE-2022-22547

Simple Diagnostics Agent - versions 1.0 up to version 1.57., allows an attacker to access information which would otherwise be restricted via a random port 9000-65535. This allows information gathering which could be used exploit future open-source security exploits...

CVE-2021-25240

An improper access control vulnerability in Trend Micro Apex One on-prem and SaaS, OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain x64 agent hofitx information...

Trend Micro Apex One 安全漏洞

Trend Micro Apex One is an endpoint protection software from Trend Micro. An access control error vulnerability exists in Trend Micro Apex One, which can be exploited by an attacker to obtain sensitive information on an agent...

Trend Micro Apex One 安全漏洞

Trend Micro Apex One is an endpoint protection software from Trend Micro. An access control error vulnerability exists in Trend Micro Apex One, which can be exploited by an attacker to obtain sensitive information on an agent...

SUSE CVE-2010-2523

Multiple buffer overflows in ha.c in the mipv6 daemon in UMIP 0.4 allow remote attackers to have an unspecified impact via a crafted 1 NDOPTPREFIXINFORMATION or 2 NDOPTHOMEAGENTINFO packet...

SUSE CVE-2010-3696

The frdhcpdecode function in lib/dhcp.c in FreeRADIUS 2.1.9, in certain non-default builds, does not properly handle the DHCP Relay Agent Information option, which allows remote attackers to cause a denial of service infinite loop and daemon outage via a packet that has more than one sub-option...

CVE-2022-25248 PTC Axeda agent and Axeda Desktop Server Information Exposure

When connecting to a certain port Axeda agent All versions and Axeda Desktop Server for Windows All versions supplies the event log of the specific service...

UBUNTU-CVE-2019-12497

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents e.g., Name and mail address can be disclosed in external notes...

PT-2019-12826 · Otrs +2 · Otrs +2

Name of the Vulnerable Software and Affected Versions: Open Ticket Request System OTRS versions 7.0.x through 7.0.8 Open Ticket Request System OTRS Community Edition versions 6.0.x through 6.0.19 Open Ticket Request System OTRS Community Edition versions 5.0.x through 5.0.36 Description: An issue...

Mail.ru: XSS on account.mail.ru/login

Уязвимость на станице https://account.mail.ru/login и подготовка файлов для атаки --------------------- В процессе исследования заметил, что на странице https://account.mail.ru/login не валидируется значение параметра v. Значение выводится на странице как есть и используется в пути до скрипта...

CVE-2017-6626

A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise UCCE 11.51 and 11.61 could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop. The vulnerability is due to the existence of a user account tha...

CVE-2017-6626

CVE-2017-6626 affects Cisco Finesse Notification Service in Cisco UCCE 11.5(1) and 11.6(1). Root cause: a user account with an undocumented hard-coded password allows unauthenticated, remote attackers to subscribe to the Finesse Notification Service and receive agent-related notifications (sign-i...

Cisco Finesse for Cisco Unified Contact Center Enterprise Information Disclosure Vulnerability

A vulnerability in the Cisco Finesse Notification Service for Cisco Unified Contact Center Enterprise UCCE could allow an unauthenticated, remote attacker to retrieve information from agents using the Finesse Desktop. The vulnerability is due to the existence of a user account that has an...

SAP Host Agent Information Disclosure

This module attempts to retrieve Computer and OS info from Host Agent through the SAP HostControl service. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class MetasploitModule 'SAP Host Agen...

CVE-2010-3696

The frdhcpdecode function in lib/dhcp.c in FreeRADIUS 2.1.9, in certain non-default builds, does not properly handle the DHCP Relay Agent Information option, which allows remote attackers to cause a denial of service infinite loop and daemon outage via a packet that has more than one sub-option...