43 matches found
CVE-2026-45207
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45206 but exists in a different process protection communication mechanism. Please note: an attacker must first obtain the abilit...
EUVD-2024-54397
Malicious code in bioql PyPI...
EUVD-2022-51679
Malicious code in bioql PyPI...
EUVD-2025-2154
Malicious code in bioql PyPI...
CVE-2025-20259
Multiple vulnerabilities in the update process of Cisco ThousandEyes Endpoint Agent for Windows could allow an authenticated, local attacker to delete arbitrary files on an affected device. These vulnerabilities are due to improper access controls on files that are in the local file system. An...
CVE-2025-20259
Multiple vulnerabilities in the update process of Cisco ThousandEyes Endpoint Agent for Windows could allow an authenticated, local attacker to delete arbitrary files on an affected device. These vulnerabilities are due to improper access controls on files that are in the local file system. An...
CVE-2025-20259 Cisco ThousandEyes Endpoint Agent for Windows Arbitrary File Write Vulnerability
Multiple vulnerabilities in the update process of Cisco ThousandEyes Endpoint Agent for Windows could allow an authenticated, local attacker to delete arbitrary files on an affected device. These vulnerabilities are due to improper access controls on files that are in the local file system. An...
CVE-2025-20259
Cisco ThousandEyes Endpoint Agent for Windows is affected by vulnerabilities in the update process that allow an authenticated, local attacker to delete arbitrary files via a symbolic-link upgrade path. Root cause: improper access controls on local filesystem during the agent upgrade, enabling th...
CVE-2025-20259 Cisco ThousandEyes Endpoint Agent for Windows Arbitrary File Write Vulnerability
Multiple vulnerabilities in the update process of Cisco ThousandEyes Endpoint Agent for Windows could allow an authenticated, local attacker to delete arbitrary files on an affected device. These vulnerabilities are due to improper access controls on files that are in the local file system. An...
PT-2025-23820 · Cisco · Cisco Thousandeyes Endpoint Agent For Windows
Name of the Vulnerable Software and Affected Versions: Cisco ThousandEyes Endpoint Agent for Windows affected versions not specified Description: The issue is related to improper access controls on files in the local file system of the Cisco ThousandEyes Endpoint Agent for Windows. An...
CVE-2022-4326
Improper preservation of permissions vulnerability in Trellix Endpoint Agent xAgent prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality...
CVE-2022-47529
Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protectio...
CVE-2024-13861
A code injection vulnerability in the Debian package component of Taegis Endpoint Agent Linux versions older than 1.3.10 allows local users arbitrary code execution as root. Redhat-based systems using RPM packages are not affected...
CVE-2024-13861
A code injection vulnerability in the Debian package component of Taegis Endpoint Agent Linux versions older than 1.3.10 allows local users arbitrary code execution as root. Redhat-based systems using RPM packages are not affected...
CVE-2024-13861
A code injection vulnerability in the Debian package component of Taegis Endpoint Agent Linux versions older than 1.3.10 allows local users arbitrary code execution as root. Redhat-based systems using RPM packages are not affected...
CVE-2024-13861
A code injection vulnerability in the Debian package component of Taegis Endpoint Agent Linux versions older than 1.3.10 allows local users arbitrary code execution as root. Redhat-based systems using RPM packages are not affected...
CVE-2024-13861
CVE-2024-13861 affects Taegis Endpoint Agent (Linux) specifically the Debian package component, with versions older than 1.3.10 vulnerable to local code execution as root due to a code-injection issue. Redhat-based RPM deployments are not affected. Remediation: update Debian-based installations t...
CVE-2024-13861
A code injection vulnerability in the Debian package component of Taegis Endpoint Agent Linux versions older than 1.3.10 allows local users arbitrary code execution as root. Redhat-based systems using RPM packages are not affected...
CVE-2024-13861
A code injection vulnerability in the Debian package component of Taegis Endpoint Agent Linux versions older than 1.3.10 allows local users arbitrary code execution as root. Redhat-based systems using RPM packages are not affected...
Citrix Virtual Apps and Desktops 2407 : Sophos Endpoint Agent gets loaded into ICA user session
Published app sessions are getting loaded with Sophos Endpoint Agent. This is seen under Workspace app Connection Center. Sophos Endpoint agent is getting loaded into all the Citrix ICA sessions. Citrix Workspace app Connection Center shows the "Sophos Endpoint Agent - Notification Icon". Sophos...