23 matches found
EUVD-2021-21395
Malware in sbrugna...
EUVD-2022-2049
Malicious code in bioql PyPI...
Security Bulletin: Vulnerability of Newtonsoft.Json-12.0.1.22727.dll has afftected to .NET Agent
Summary .NET Agent is vulnerable to Newtonsoft.Json 12.0.1.22727.dll. This fix has upgraded Newtonsoft.Json from Newtonsoft.Json-12.0.1.22727.dll to Newtonsoft.Json.13.0.3 Vulnerability Details IBM X-Force ID: 234366 DESCRIPTION: Newtonsoft.Json is vulnerable to a denial of service, caused by...
GHSA-HX93-GC73-5RPR Exposure of Sensitive Information in Elastic APM .NET Agent
The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application error it is possible the headers...
Exposure of Sensitive Information in Elastic APM .NET Agent
The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application error it is possible the headers...
CVE-2021-22143
CVE-2021-22143 affects the Elastic APM .NET Agent, where sensitive HTTP header information can be leaked when logging errors because headers may not be sanitized before being sent to the APM server. This vulnerability concerns the Elastic APM .NET Agent components involved in error logging and he...
CVE-2021-22143 Elastic APM .NET Agent information disclosure
The Elastic APM .NET Agent can leak sensitive HTTP header information when logging the details during an application error. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application error it is possible the headers...
PT-2023-12039 · Elastic · Apm .Net Agent
Name of the Vulnerable Software and Affected Versions: Elastic APM .NET Agent affected versions not specified Description: The issue concerns the Elastic APM .NET Agent leaking sensitive HTTP header information when logging application error details. Normally, the agent sanitizes sensitive HTTP...
Security Bulletin: Vulnerability of System.Text.Encodings.Web.4.5.0 .dll has afftected to .NET Agent
Summary .NET Agent is vulnerable to System.Text.Encodings.Web.4.5.0 .dll . CVE-2021-26701 This fix includes System.Text.Encodings.Web.7.0.0 upgraded to System.Text.Encodings.Web.4.5.0 .dll. Vulnerability Details CVEID:CVE-2021-26701 DESCRIPTION: Microsoft .NET Core and Visual Studio could allow a...
New Relic .NET Agent contains SQL Injection
New Relic .NET Agent before 6.3.123.0 adds SQL injection flaws to safe applications via vectors involving failure to escape quotes during use of the Slow Queries feature, as demonstrated by a mishandled quote in a VALUES clause of an INSERT statement, after bypassing a SET SHOWPLANALL ON protecti...
CVE-2021-34745
A vulnerability in the AppDynamics .NET Agent for Windows could allow an attacker to leverage an authenticated, local user account to gain SYSTEM privileges. This vulnerability is due to the .NET Agent Coordinator Service executing code with SYSTEM privileges. An attacker with local access to a...
Code injection
A vulnerability in the AppDynamics .NET Agent for Windows could allow an attacker to leverage an authenticated, local user account to gain SYSTEM privileges. This vulnerability is due to the .NET Agent Coordinator Service executing code with SYSTEM privileges. An attacker with local access to a...
CVE-2021-34745
Summary: CVE-2021-34745 affects the AppDynamics .NET Agent for Windows. The vulnerability arises because the .NET Agent Coordinator Service can execute code with SYSTEM privileges, allowing an authenticated local user to launch a custom process that runs with SYSTEM rights and potentially execute...
CVE-2021-34745 AppDynamics .NET Agent Privilege Escalation Vulnerability
A vulnerability in the AppDynamics .NET Agent for Windows could allow an attacker to leverage an authenticated, local user account to gain SYSTEM privileges. This vulnerability is due to the .NET Agent Coordinator Service executing code with SYSTEM privileges. An attacker with local access to a...
CVE-2021-34745 AppDynamics .NET Agent Privilege Escalation Vulnerability
A vulnerability in the AppDynamics .NET Agent for Windows could allow an attacker to leverage an authenticated, local user account to gain SYSTEM privileges. This vulnerability is due to the .NET Agent Coordinator Service executing code with SYSTEM privileges. An attacker with local access to a...
Information Disclosure
Elastic APM .NET Agent is vulnerable to information disclosure. Confidential HTTP header information is disclosed when logging the details during an application error...
Elastic APM 安全漏洞
Elastic APM is a platform for monitoring and analyzing application performance from Elastic Netherlands. A security vulnerability exists in the Elastic APM .NET Agent that originates when the agent leaks sensitive HTTP header information while logging details during application errors. A remote...
What’s New in InsightAppSec and tCell: Q3 2020 in Review
Here at Rapid7, we’ve been quite busy continuously improving, expanding functionality, and testing new features for feedback with our customers across our application security portfolio. This includes InsightAppSec, our leading DAST solution, tCell by Rapid7, our next-gen cloud WAF and RASP...
Sql injection
New Relic .NET Agent before 6.3.123.0 adds SQL injection flaws to safe applications via vectors involving failure to escape quotes during use of the Slow Queries feature, as demonstrated by a mishandled quote in a VALUES clause of an INSERT statement, after bypassing a SET SHOWPLANALL ON protecti...
CVE-2017-9246
New Relic .NET Agent before 6.3.123.0 adds SQL injection flaws to safe applications via vectors involving failure to escape quotes during use of the Slow Queries feature, as demonstrated by a mishandled quote in a VALUES clause of an INSERT statement, after bypassing a SET SHOWPLANALL ON protecti...