20 matches found
EUVD-2024-49961
Malicious code in bioql PyPI...
EUVD-2025-4639
Malicious code in bioql PyPI...
SUSE CVE-2022-49127
In the Linux kernel, the following vulnerability has been resolved: reftracker: implement use-after-free detection Whenever reftrackerdirinit is called, mark the struct reftrackerdir as dead. Test the dead status from reftrackeralloc and reftrackerfree This should detect buggy devput/devhold...
Cortex XDR Agent: Local Windows User Can Disable the Agent
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This vulnerability can also be leveraged by malware to disable the Cortex XDR agent and then perform malicious activit...
The vulnerability of the detection mechanism for network traffic analysis tools, network detection, and response by Palo Alto Networks’ Cortex XDR Agent on Windows operating systems allows attackers to disable the Cortex XDR Agent and execute arbitrary code.
The vulnerability of the detection mechanism for network traffic analysis, network detection, and response by Palo Alto Networks’ Cortex XDR Agent in Windows operating systems is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow an attack...
CVE-2024-49193
Zendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing, because Cc fields are extracted from incoming e-mail messages and used to grant additional authorization for ticket viewing, the mechanism for detecting spoofed e-mail messages is insufficient, and the...
CVE-2024-9469 Cortex XDR Agent: Local Windows User Can Disable the Agent
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity...
CVE-2024-9469 Cortex XDR Agent: Local Windows User Can Disable the Agent
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity...
CVE-2024-9469
CVE-2024-9469 affects the Windows Cortex XDR Agent by a detection-mechanism flaw that allows a non-administrative user to disable the agent. Root cause described as insufficient checking of unusual or exceptional states in the detection logic. Impact reported as agent disable with potential for m...
PT-2024-7398 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Cortex XDR Agent affected versions not specified Description: A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to...
CVE-2024-8690 Cortex XDR Agent: Local Windows Administrator Can Disable the Agent
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity...
CVE-2024-8690 Cortex XDR Agent: Local Windows Administrator Can Disable the Agent
A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity...
CVE-2024-8690
Cortex XDR Agent (Windows) is affected by a detection-mechanism issue that lets a user with Windows administrator privileges disable the agent. This local-access flaw could enable malware to disable Cortex XDR and then carry out malicious activity. The public documents do not specify affected pro...
PT-2024-9886 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Cortex XDR agent affected versions not specified Description: A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disabl...
The vulnerability of the threat detection mechanism for Microsoft Defender for IoT involves an incorrect restriction on the path name to the restricted catalog, allowing attackers to execute arbitrary code.
The vulnerability of the Microsoft Defender for IoT threat detection mechanism is related to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
Missing Image Validation
github.com/crossplane/crossplane is vulnerable to Missing Image Validation. The vulnerability exists in imageback.go due to a lack of image validation inside the packages, which allows an attacker bypass the detection mechanism for tampered packages...
Exploit for Out-of-bounds Write in Php
This is an exploit module for a bug in php-fpm CVE-2019-11043. The exploit targets a vulnerability in certain nginx + php-fpm configurations, allowing a web user to execute code if the configuration is vulnerable. The exploit works by appending a specially crafted URL to the web server, which...
Fuzzing Image Parsing in Windows, Part Two: Uninitialized Memory
Continuing our discussion of image parsing vulnerabilities in Windows, we take a look at a comparatively less popular vulnerability class: uninitialized memory. In this post, we will look at Windows’ inbuilt image parsers—specifically for vulnerabilities involving the use of uninitialized memory...
The vulnerability of the detection mechanism for applications in the Snort intrusion detection system allows attackers to increase their privileges.
The vulnerability of the detection mechanism of the Snort intrusion detection system is related to the implementation of an incorrect control flow. Exploiting this vulnerability can allow a malicious actor, operating remotely, to increase their privileges...
Researchers Bypass Apple FaceID Using Biometrics 'Achilles Heel'
LAS VEGAS – Vulnerabilities have been uncovered in the authentication process of biometrics technology that could allow bad actors to bypass various facial recognition applications – including Apple’s FaceID. But there is a catch. Doing so requires the victim to be out cold. Researchers on...