Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-49961

Malicious code in bioql PyPI...

5.7CVSS5.8AI score0.00211EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-4639

Malicious code in bioql PyPI...

6.8CVSS6.5AI score0.0019EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/02/27 3:11 a.m.3 views

SUSE CVE-2022-49127

In the Linux kernel, the following vulnerability has been resolved: reftracker: implement use-after-free detection Whenever reftrackerdirinit is called, mark the struct reftrackerdir as dead. Test the dead status from reftrackeralloc and reftrackerfree This should detect buggy devput/devhold...

7.8CVSS6.6AI score0.00234EPSS
Exploits0References3
Palo Alto Networks
Palo Alto Networks
added 2025/02/12 5:0 p.m.13 views

Cortex XDR Agent: Local Windows User Can Disable the Agent

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This vulnerability can also be leveraged by malware to disable the Cortex XDR agent and then perform malicious activit...

6.8CVSS7.1AI score0.0019EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/10/30 12:0 a.m.5 views

The vulnerability of the detection mechanism for network traffic analysis tools, network detection, and response by Palo Alto Networks’ Cortex XDR Agent on Windows operating systems allows attackers to disable the Cortex XDR Agent and execute arbitrary code.

The vulnerability of the detection mechanism for network traffic analysis, network detection, and response by Palo Alto Networks’ Cortex XDR Agent in Windows operating systems is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow an attack...

5.5CVSS6.2AI score0.00211EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2024/10/12 2:15 p.m.33 views

CVE-2024-49193

Zendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing, because Cc fields are extracted from incoming e-mail messages and used to grant additional authorization for ticket viewing, the mechanism for detecting spoofed e-mail messages is insufficient, and the...

7.5CVSS0.0068EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/10/09 5:5 p.m.15 views

CVE-2024-9469 Cortex XDR Agent: Local Windows User Can Disable the Agent

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity...

5.7CVSS6.9AI score0.00211EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/09 5:5 p.m.20 views

CVE-2024-9469 Cortex XDR Agent: Local Windows User Can Disable the Agent

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity...

5.7CVSS0.00211EPSS
Exploits0References1
CVE
CVE
added 2024/10/09 5:5 p.m.61 views

CVE-2024-9469

CVE-2024-9469 affects the Windows Cortex XDR Agent by a detection-mechanism flaw that allows a non-administrative user to disable the agent. Root cause described as insufficient checking of unusual or exceptional states in the detection logic. Impact reported as agent disable with potential for m...

5.7CVSS5.5AI score0.00211EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/03 12:0 a.m.3 views

PT-2024-7398 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Cortex XDR Agent affected versions not specified Description: A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to...

5.7CVSS7AI score0.00211EPSS
Exploits0References9
Cvelist
Cvelist
added 2024/09/11 4:42 p.m.24 views

CVE-2024-8690 Cortex XDR Agent: Local Windows Administrator Can Disable the Agent

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity...

5.6CVSS0.00188EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/11 4:42 p.m.12 views

CVE-2024-8690 Cortex XDR Agent: Local Windows Administrator Can Disable the Agent

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious activity...

5.6CVSS6.9AI score0.00188EPSS
Exploits0References1
CVE
CVE
added 2024/09/11 4:42 p.m.86 views

CVE-2024-8690

Cortex XDR Agent (Windows) is affected by a detection-mechanism issue that lets a user with Windows administrator privileges disable the agent. This local-access flaw could enable malware to disable Cortex XDR and then carry out malicious activity. The public documents do not specify affected pro...

5.6CVSS4.7AI score0.00188EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/09/11 12:0 a.m.4 views

PT-2024-9886 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Cortex XDR agent affected versions not specified Description: A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disabl...

5.6CVSS5.4AI score0.00188EPSS
Exploits0References16
BDU FSTEC
BDU FSTEC
added 2024/05/02 12:0 a.m.6 views

The vulnerability of the threat detection mechanism for Microsoft Defender for IoT involves an incorrect restriction on the path name to the restricted catalog, allowing attackers to execute arbitrary code.

The vulnerability of the Microsoft Defender for IoT threat detection mechanism is related to an incorrect restriction on the path name to the restricted catalog. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

9CVSS8AI score0.03199EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2023/07/28 11:17 p.m.20 views

Missing Image Validation

github.com/crossplane/crossplane is vulnerable to Missing Image Validation. The vulnerability exists in imageback.go due to a lack of image validation inside the packages, which allows an attacker bypass the detection mechanism for tampered packages...

9.8CVSS6.8AI score0.00719EPSS
Exploits1References7Affected Software1
Gitee
Gitee
added 2021/09/20 11:12 p.m.13 views

Exploit for Out-of-bounds Write in Php

This is an exploit module for a bug in php-fpm CVE-2019-11043. The exploit targets a vulnerability in certain nginx + php-fpm configurations, allowing a web user to execute code if the configuration is vulnerable. The exploit works by appending a specially crafted URL to the web server, which...

9.8CVSS7.7AI score0.9947EPSS
Exploits54
FireEye
FireEye
added 2021/03/03 12:0 a.m.276 views

Fuzzing Image Parsing in Windows, Part Two: Uninitialized Memory

Continuing our discussion of image parsing vulnerabilities in Windows, we take a look at a comparatively less popular vulnerability class: uninitialized memory. In this post, we will look at Windows’ inbuilt image parsers—specifically for vulnerabilities involving the use of uninitialized memory...

4.3CVSS0.5AI score0.0642EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2021/02/02 12:0 a.m.6 views

The vulnerability of the detection mechanism for applications in the Snort intrusion detection system allows attackers to increase their privileges.

The vulnerability of the detection mechanism of the Snort intrusion detection system is related to the implementation of an incorrect control flow. Exploiting this vulnerability can allow a malicious actor, operating remotely, to increase their privileges...

4CVSS5.8AI score0.02146EPSS
Exploits0References3Affected Software5
ThreatPost
ThreatPost
added 2019/08/08 2:33 p.m.70 views

Researchers Bypass Apple FaceID Using Biometrics 'Achilles Heel'

LAS VEGAS – Vulnerabilities have been uncovered in the authentication process of biometrics technology that could allow bad actors to bypass various facial recognition applications – including Apple’s FaceID. But there is a catch. Doing so requires the victim to be out cold. Researchers on...

0.1AI score
Exploits0References6
Rows per page
Query Builder