EUVD-2000-0775

Malware in sbrugna...

EUVD-2022-5928

Malicious code in bioql PyPI...

EUVD-2023-31025

Malicious code in bioql PyPI...

CVE-2025-10540 Unencrypted and Unauthenticated Communication Allows Data Exposure and Manipulation in iMonitor EAM

iMonitor EAM 9.6394 transmits communication between the EAM client agent and the EAM server, as well as between the EAM monitor management software and the server, in plaintext without authentication or encryption. An attacker with network access can intercept sensitive information such as...

CVE-2023-27247

Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens...

CVE-2022-41606

HashiCorp Nomad and Nomad Enterprise 1.0.2 up to 1.2.12, and 1.3.5 jobs submitted with an artifact stanza using invalid S3 or GCS URLs can be used to crash client agents. Fixed in 1.2.13, 1.3.6, and 1.4.0...

CVE-2022-30324

HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabilities enabling privilege escalation through the artifact stanza in submitted jobs onto the client agent host. Fixed in 1.1.14, 1.2.8, and 1.3.1...

Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking

In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability,...

CVE-2024-7625

Vulnerability summary (CVE-2024-7625) : HashiCorp Nomad and Nomad Enterprise prior to fixed versions are affected by an archive-unpacking bug that allows writes outside the allocation directory during migration when multiple archive headers target the same file. A prerequisite is access or compro...

CVE-2024-7625 Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking

In HashiCorp Nomad and Nomad Enterprise from 0.6.1 up to 1.6.13, 1.7.10, and 1.8.2, the archive unpacking process is vulnerable to writes outside the allocation directory during migration of allocation directories when multiple archive headers target the same file. This vulnerability,...

VulnCheck KEV: CVE-2022-29153

HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5...

SMShell - Send Commands And Receive Responses Over SMS From Mobile Broadband Capable Computers

PoC for an SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers. This tool came as an insipiration during a research on eSIM security implications led by Markus Vervier, presented at Offensivecon 2023 Disclaimer This is not a complete C2 but rather...

CVE-2023-27247

Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens...

CVE-2023-27247

Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens...

Code injection

Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens...

Cynet Client Agent 安全漏洞

Cynet Client Agent is a client agent from Cynet Corporation. A security vulnerability exists in Cynet Client Agent version 4.6.0.8010, which stems from a vulnerability that allows EDR protection to be disabled via a process's privilege token...

CVE-2023-27247

Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens...

PT-2023-21029 · Cynet · Cynet Client Agent

Name of the Vulnerable Software and Affected Versions: Cynet Client Agent version 4.6.0.8010 Description: The issue allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens. Recommendations: For Cynet Client Agent version 4.6.0.8010, consider...

CVE-2023-27247

CVE-2023-27247 concerns Cynet Client Agent v4.6.0.8010. The vulnerability enables local attackers with Administrator rights to disable EDR protection by disabl ing the process privilege tokens, effectively weakening security controls. The CVE entry provides a CVSS v3.1 base score of 4.4 (Medium) ...

CVE-2023-27247

Cynet Client Agent v4.6.0.8010 allows attackers with Administrator rights to disable the EDR functions by disabling process privilege tokens...