22 matches found
CVE-2025-62789
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimalert implementation does not check whether the return value of ctimer is NULL or not before calling strdup on it. A compromised agent can cause a crash of analysisd by sending a...
CVE-2025-62788
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, wcopyeventforlog references memory initially allocated in OSCleanMSG after it has been freed. A compromised agent can potentially compromise the integrity of the application by sending a...
CVE-2025-62790
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimfetchattributesstate implementation does not check whether timestring is NULL or not before calling strlen on it. A compromised agent can cause a crash of analysisd by sending a...
CVE-2025-62788
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, wcopyeventforlog references memory initially allocated in OSCleanMSG after it has been freed. A compromised agent can potentially compromise the integrity of the application by sending a...
EUVD-2025-36674
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.12.0, a buffer over-read occurs in wexpressionmatch when strlen is called on strtest, because the corresponding buffer is not being properly NULL terminated during its allocation in OSCleanMSG...
CVE-2025-62792
CVE-2025-62792 affects Wazuh prior to 4.12.0, where a buffer over-read occurs in w_expression_match() because the buffer allocated in OS_CleanMSG() is not properly NULL terminated. This allows a compromised agent to trigger a read beyond the end of the allocated buffer by sending a crafted messag...
CVE-2025-62792 Wazuh vulnerable to Heap-based Buffer Over-read in w_expression_match
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.12.0, a buffer over-read occurs in wexpressionmatch when strlen is called on strtest, because the corresponding buffer is not being properly NULL terminated during its allocation in OSCleanMSG...
CVE-2025-62790 Wazuh vulnerable to NULL pointer dereference in fim_fetch_attributes_state
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimfetchattributesstate implementation does not check whether timestring is NULL or not before calling strlen on it. A compromised agent can cause a crash of analysisd by sending a...
CVE-2025-62790
Wazuh before version 4.11.0 is vulnerable to a NULL pointer/NULL string dereference in fim_fetch_attributes_state(), where time_string is not checked for NULL before calling strlen(). A crafted agent message to the Wazuh manager can crash analysisd, causing denial of service and unavailability of...
CVE-2025-62790 Wazuh vulnerable to NULL pointer dereference in fim_fetch_attributes_state
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimfetchattributesstate implementation does not check whether timestring is NULL or not before calling strlen on it. A compromised agent can cause a crash of analysisd by sending a...
CVE-2025-62789 Wazuh vulnerable to NULL pointer dereference in fim_alert line 712
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimalert implementation does not check whether the return value of ctimer is NULL or not before calling strdup on it. A compromised agent can cause a crash of analysisd by sending a...
CVE-2025-62787 Wazuh Vulnerable to Heap-based Buffer Over-read in DecodeWinevt
Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.10.2, a buffer over-read occurs in DecodeWinevt when childattrp-attributesj is accessed, because the corresponding index j is incorrect. A compromised agent can cause a READ operation beyond t...
CVE-2025-62786 Wazuh Vulnerable to Heap-based Buffer Out-Of-Bounds WRITE in decode_win_permissions
Wazuh is a free and open source platform used for threat prevention, detection, and response. A heap-based out-of-bounds WRITE occurs in decodewinpermissions, resulting in writing a NULL byte 2 bytes before the start of the buffer allocated to decodedit. A compromised agent can potentially levera...
CVE-2025-62785 Wazuh fillData NULL pointer dereference causes analysisd crash
Wazuh is a free and open source platform used for threat prevention, detection, and response. fillData implementation does not check whether value is NULL or not before calling osstrdup on it. A compromised agent can cause a crash of analysisd by sending a specially crafted message to the wazuh...
EUVD-2025-36686
Wazuh is a free and open source platform used for threat prevention, detection, and response. fillData implementation does not check whether value is NULL or not before calling osstrdup on it. A compromised agent can cause a crash of analysisd by sending a specially crafted message to the wazuh...
PT-2025-44325
Name of the Vulnerable Software and Affected Versions Wazuh versions prior to 4.11.0 Description Wazuh is a platform for threat prevention, detection, and response. A flaw exists in the DecodeCiscat implementation where the return value of cJSON GetObjectItem is not checked for a possible NULL...
PT-2025-44326
Name of the Vulnerable Software and Affected Versions Wazuh versions prior to 4.12.0 Description Wazuh, a free and open source platform for threat prevention, detection, and response, contains a flaw where a buffer over-read can occur in the w expression match function. This happens when strlen i...
Improper Handling of Unexpected Data Type
Overview Affected versions of this package are vulnerable to Improper Handling of Unexpected Data Type when functions including List and SignWithFlags process successAgentMsg. This can be triggered by a malicious agent sending a single 0x06 byte SSHAGENTSUCCESS, which is unmarshalled into a...
CVE-2022-36900
Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties...
CVE-2022-43428
Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process...