Security Bulletin: Vulnerablity in Apache Log4j may affect IBM APM Internet Service Monitoring Agent

Summary There is a vulnerability in the Apache log4j library used by IBM APM Internet Service Monitoring Agent. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer...

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent

Summary Vulnerabilities in IBM SDK Java Technology Edition that is shipped as part of agent framework in ITCAM for Applications WebSphere MQ Monitoring Agent. CVE-2025-53066 Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP compone...

Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments

Summary IBM java SDK is used by Linux KVM Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impact, no...

EUVD-2012-1806

Malware in sbrugna...

EUVD-2006-2826

Malware in sbrugna...

Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent

Summary Vulnerabilities in IBM SDK Java Technology Edition that is shipped as part of agent framework in ITCAM for Applications WebSphere MQ Monitoring Agent. CVEs: CVE-2023-21830, CVE-2023-33850, CVE-2025-4447. Vulnerability Details CVEID:CVE-2023-21830 DESCRIPTION: An unspecified vulnerability ...

CVE-2022-46156

The Synthetic Monitoring Agent for Grafana's Synthetic Monitoring application provides probe functionality and executes network checks for monitoring remote targets. Users running the Synthetic Monitoring agent prior to version 0.12.0 in their local network are impacted. The authentication token...

MuddyWater Returns with a New Spear-Phishing Campaign

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary MuddyWater, the Iranian nation-state actor, has been identified in a new spearphishing campaign targeting two Israeli entities and deploying a legitimate remote administration tool known as N-able Advanc...

Information Disclosure

github.com/grafana/synthetic-monitoring-agent is vulnerable to information disclosure.The vulnerability exists in multiple functions due to default installation of synthetic-monitoring-agent which allows an attacker to communicate with the Synthetic Monitoring API via a debugging endpoint...

Grafana 安全漏洞

Grafana is Grafana open source set of open source monitoring tools that provide a visual monitoring interface . The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus. A security vulnerability exists in Grafana synthetic-monitoring-agent, which stems from the fact that i...

Security Bulletin: A vulneraqbility in SQLite affects IBM Cloud Application Performance Managment R esponse Time Monitoring Agent (CVE-2020-9327)

Summary In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. Vulnerability Details CVEID: CVE-2020-9327 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by a NULL pointer...

CVE-2020-13912

SolarWinds Advanced Monitoring Agent before 10.8.9 allows local users to gain privileges via a Trojan horse .exe file, because everyone can write to a certain .exe file...

Design/Logic Flaw

SolarWinds Advanced Monitoring Agent before 10.8.9 allows local users to gain privileges via a Trojan horse .exe file, because everyone can write to a certain .exe file...

CVE-2020-13912

The CVE-2020-13912 entry relates to SolarWinds Advanced Monitoring Agent (pre-10.8.9) where a local user can escalate privileges by exploiting a writable .exe file. Core details from connected sources indicate an elevation of privilege via a Trojan horse .exe, caused by broad write access to a sp...

NSClient++ 0.5.2.35 Authenticated Remote Code Execution

Exploit Title: NSClient++ 0.5.2.35 - Authenticated Remote Code Execution Google Dork: N/A Date: 2020-04-20 Exploit Author: kindredsec Vendor Homepage: https://nsclient.org/ Software Link: https://nsclient.org/download/ Version: 0.5.2.35 Tested on: Microsoft Windows 10 Pro x64 CVE: N/A NSClient++ ...

NSClient++ 0.5.2.35 - Authenticated Remote Code Execution Exploit

Exploit for jsp platform in category web applications Exploit Title: NSClient++ 0.5.2.35 - Authenticated Remote Code Execution Exploit Author: kindredsec Vendor Homepage: https://nsclient.org/ Software Link: https://nsclient.org/download/ Version: 0.5.2.35 Tested on: Microsoft Windows 10 Pro x64...

NSClient++ 0.5.2.35 - Authenticated Remote Code Execution

Exploit Title: NSClient++ 0.5.2.35 - Authenticated Remote Code Execution Google Dork: N/A Date: 2020-04-20 Exploit Author: kindredsec Vendor Homepage: https://nsclient.org/ Software Link: https://nsclient.org/download/ Version: 0.5.2.35 Tested on: Microsoft Windows 10 Pro x64 CVE: N/A NSClient++ ...

Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring Agent (CVE-2019-19925, CVE-2019-19645, CVE-2019-19924, CVE-2019-19923, CVE-2019-19880, CVE-2019-19646, CVE-2019-19926)

Summary SQLite is vulnerable to a denial of service. Vulnerability Details CVEID: CVE-2019-19925 DESCRIPTION: SQLite is vulnerable to a denial of service, caused by the mishandling of a NULL pathname in the zipfileUpdate function in ext/misc/zipfile.c. By sending a specially-crafted request, a...

Security Bulletin: A vulnerability in SQLite affects IBM Cloud Application Performance Management Response Time Monitoring Agent (CVE-2019-19959, CVE-2019-20218)

Summary SQLite is vulnerable to a denial of service, caused by the mishandling of certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames. By using a specially-crafted filename, a remote attacker could exploit this vulnerability to cause a denial of service...

Netdata - Real-time Performance Monitoring

Netdata is distributed, real-time, performance and health monitoring for systems and applications. It is a highly-optimized monitoring agent you install on all your systems and containers. Netdata provides unparalleled insights , in real-time , of everything happening on the systems it runs...