Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-6447

Malware in sbrugna...

5.5CVSS5.6AI score0.00863EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-17009

Malicious code in bioql PyPI...

9.5CVSS6.5AI score0.00297EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-17008

Malicious code in bioql PyPI...

9.5CVSS6.5AI score0.00545EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/06/13 3:24 a.m.7 views

CVE-2024-1244

Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an attacker in with control over the OSSEC server or in possession of the agent's key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2...

9.5CVSS7.6AI score0.00297EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/13 1:19 a.m.7 views

CVE-2024-1243

Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for...

9.5CVSS7.6AI score0.00545EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/06/11 2:59 a.m.11 views

CVE-2024-1244 Remote code execution and local privilege escalation due to UNC access and NetNTLMv2 hash theft

Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an attacker in with control over the OSSEC server or in possession of the agent's key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2...

9.5CVSS8.3AI score0.00297EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/06/11 2:59 a.m.3 views

CVE-2024-1244

Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an attacker in with control over the OSSEC server or in possession of the agent's key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2...

9.5CVSS8.4AI score0.00297EPSS
Exploits0References2
NVD
NVD
added 2025/06/11 2:15 a.m.33 views

CVE-2024-1243

Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for...

9.5CVSS0.00545EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/06/11 1:15 a.m.25 views

CVE-2024-1243 Remote code execution and local privilege escalation in Wazuh Windows agent via NetNTLMv2 hash theft

Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for...

9.5CVSS0.00545EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/06/11 1:15 a.m.13 views

CVE-2024-1243 Remote code execution and local privilege escalation in Wazuh Windows agent via NetNTLMv2 hash theft

Improper input validation in the Wazuh agent for Windows prior to version 4.8.0 allows an attacker with control over the Wazuh server or agent key to configure the agent to connect to a malicious UNC path. This results in the leakage of the machine account NetNTLMv2 hash, which can be relayed for...

9.5CVSS8.2AI score0.00545EPSS
Exploits1References3
CVE
CVE
added 2025/06/11 1:15 a.m.62 views

CVE-2024-1243

The CVE-2024-1243 entry concerns Wazuh agent for Windows prior to 4.8.0. It states improper input validation can be exploited by an attacker who controls the Wazuh server or agent key to configure the agent to connect to a malicious UNC path, leading to leakage of the machine account NetNTLMv2 ha...

9.5CVSS8.2AI score0.00545EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/06/11 12:0 a.m.6 views

PT-2025-25177 · Wazuh · Wazuh Agent For Windows

Name of the Vulnerable Software and Affected Versions: Wazuh agent for Windows versions prior to 4.8.0 Description: The issue is caused by improper input validation in the Wazuh agent for Windows, allowing an attacker with control over the Wazuh server or agent key to configure the agent to conne...

9.5CVSS7.4AI score0.00545EPSS
Exploits1References11
Packet Storm
Packet Storm
added 2021/07/28 12:0 a.m.397 views

TripSpark VEO Transportation SQL Injection

Exploit Title: TripSpark VEO Transportation - 'editOEN' Blind SQL Injection Google Dork: inhtml:"Student Busing Information" Date: 07/27/2021 Exploit Author: Sedric Louissaint @LKn0w Vendor Homepage: https://www.tripspark.com Software Document Link:...

0.5AI score
Exploits0
0day.today
0day.today
added 2021/07/28 12:0 a.m.99 views

TripSpark VEO Transportation - Blind SQL Injection Vulnerability

Exploit Title: TripSpark VEO Transportation - 'editOEN' Blind SQL Injection Google Dork: inhtml:"Student Busing Information" Exploit Author: Sedric Louissaint @LKn0w Vendor Homepage: https://www.tripspark.com Software Document Link: https://www.tripspark.com/resourcefiles/veo-transportation.pdf...

Exploits0
Exploit DB
Exploit DB
added 2021/07/28 12:0 a.m.650 views

TripSpark VEO Transportation - Blind SQL Injection

Exploit Title: TripSpark VEO Transportation - 'editOEN' Blind SQL Injection Google Dork: inhtml:"Student Busing Information" Date: 07/27/2021 Exploit Author: Sedric Louissaint @LKn0w Vendor Homepage: https://www.tripspark.com Software Document Link:...

7.4AI score
Exploits0
Prion
Prion
added 2017/10/09 5:29 a.m.18 views

Design/Logic Flaw

Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated with an attacker-controller server. In one specific scenario, the attacker provides an Excel...

4.3CVSS5.3AI score0.00863EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2017/10/09 5:0 a.m.19 views

CVE-2017-14971

Infocus Mondopad 2.2.08 is vulnerable to a Hashed Credential Disclosure vulnerability. The attacker provides a crafted Microsoft Office document containing a link that has a UNC pathname associated with an attacker-controller server. In one specific scenario, the attacker provides an Excel...

5.3AI score0.00863EPSS
Exploits1References1
Rows per page
Query Builder