22 matches found
EUVD-2024-16108
Malicious code in bioql PyPI...
EUVD-2024-25933
Malicious code in bioql PyPI...
EUVD-2024-16107
Malicious code in bioql PyPI...
EUVD-2024-16109
Malicious code in bioql PyPI...
CVE-2024-7402
Netskope has identified a potential gap in its agent Netskope Client in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM Man-in-the-Middle activity on the Netskope Client communication channel. A successful exploitation would require...
CVE-2024-0311
A malicious insider can bypass the existing policy of Skyhigh Client Proxy without a valid release code...
CVE-2024-0312
A malicious insider can uninstall Skyhigh Client Proxy without a valid uninstall password...
CVE-2024-28851
The Snowflake Hive metastore connector provides an easy way to query Hive-managed data via Snowflake. Snowflake Hive MetaStore Connector has addressed a potential elevation of privilege vulnerability in a helper script for the Hive MetaStore Connector. A malicious insider without admin privileges...
CVE-2024-0313
A malicious insider exploiting this vulnerability can circumvent existing security controls put in place by the organization. On the contrary, if the victim is legitimately using the temporary bypass to reach out to the Internet for retrieving application and system updates, a remote device could...
CVE-2024-56320
GoCD is a continuous deliver server. GoCD versions prior to 24.5.0 are vulnerable to admin privilege escalation due to improper authorization of access to the admin "Configuration XML" UI feature, and its associated API. A malicious insider/existing authenticated GoCD user with an existing GoCD...
Living off the land with Bluetooth PAN
TL:DR Bluetooth is enabled by default on the majority of Windows laptops Bluetooth PAN can be used to bridge connections locally between a client laptop and attacking device Attackers can use Microsoft native SSH client to forward out internal network traffic Windows native SSH is accessible to...
CVE-2024-0311
A malicious insider can bypass the existing policy of Skyhigh Client Proxy without a valid release code...
CVE-2024-0312
A malicious insider can uninstall Skyhigh Client Proxy without a valid uninstall password...
CVE-2024-0312
A malicious insider can uninstall Skyhigh Client Proxy without a valid uninstall password...
CVE-2024-0312
CVE-2024-0312 affects Skyhigh Client Proxy. Multiple sources confirm a vulnerability that allows a malicious insider to uninstall the proxy without a valid uninstall password. CNNVD specifies Skyhigh Client Proxy vulnerable versions up to 4.8.1 and earlier; other documents do not specify a fix. T...
CVE-2024-0312
A malicious insider can uninstall Skyhigh Client Proxy without a valid uninstall password...
CVE-2024-0311
A malicious insider can bypass the existing policy of Skyhigh Client Proxy without a valid release code...
CVE-2024-0311
A malicious insider can bypass the existing policy of Skyhigh Client Proxy without a valid release code...
PT-2024-15462 · Mcafee · Skyhigh Client Proxy
Name of the Vulnerable Software and Affected Versions: Skyhigh Client Proxy affected versions not specified Description: A malicious insider can uninstall Skyhigh Client Proxy without a valid uninstall password. Recommendations: At the moment, there is no information about a newer version that...
Insecure Default Initialization of Resource
As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are not meant to be ke...