107 matches found
CVE-2026-28279
osctrl is an osquery management solution. Prior to version 0.5.0, an OS command injection vulnerability exists in the osctrl-admin environment configuration. An authenticated administrator can inject arbitrary shell commands via the hostname parameter when creating or editing environments. These...
CVE-2026-28280 `osctrl-admin` has Stored Cross-Site Scripting (XSS) in On-Demand Query List
osctrl is an osquery management solution. Prior to version 0.5.0, a stored cross-site scripting (XSS) vulnerability exists in the osctrl-admin on-demand query list. A user with query-level permissions can inject arbitrary JavaScript via the query parameter when running an on-demand query. The paylo...
PT-2026-22225
Name of the Vulnerable Software and Affected Versions: osctrl versions prior to 0.5.0. Description: osctrl is a management solution for osquery. A command injection issue exists in the osctrl-admin environment configuration before version 0.5.0. An authenticated administrator can inject arbitrary...
EUVD-2018-18096
Malware in sbrugna...
EUVD-2020-3445
Malware in sbrugna...
EUVD-2019-13203
Malware in sbrugna...
EUVD-2020-12713
Malware in sbrugna...
EUVD-2020-18851
Malware in sbrugna...
Cyber Warfare during Operation Sindoor: Malware Campaign Analysis and Detection Framework
Rapid digitization of critical infrastructure has made cyberwarfare one of the important dimensions of modern conflicts. Attacking the critical infrastructure is an attractive pre-emptive proposition for adversaries as it can be done remotely without crossing borders. Such attacks disturb the...
EUVD-2021-8657
Malicious code in bioql PyPI...
EUVD-2024-20947
Malicious code in bioql PyPI...
EUVD-2022-1220
Malicious code in bioql PyPI...
CVE-2020-11081
osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Windows system is configured with a PATH that contains a user-writable directory, then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables...
CVE-2020-1887
Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust...
CVE-2019-3567
In some configurations an attacker can inject a new executable path into the extensions.load file for osquery and hard link a parent folder of a malicious binary to a folder with known 'safe' permissions. Under those circumstances osquery will load said malicious executable with SYSTEM permission...
Kibana 8.x < 8.14.0 Multiple Vulnerabilities
According to its self-reported version number, the Kibana application running on the remote host is 7.x prior to 7.17.22 or 8.x prior to 8.14.0. It is, therefore, affected by multiple vulnerabilities. - A high-privileged user, allowed to create custom osquery packs could affect the availability ...
Kibana 7.x < 7.17.22 Multiple Vulnerabilities
According to its self-reported version number, the Kibana application running on the remote host is 7.x prior to 7.17.22 or 8.x prior to 8.14.0. It is, therefore, affected by multiple vulnerabilities. - A high-privileged user, allowed to create custom osquery packs could affect the availability ...
BIT-KIBANA-2024-23443
A high-privileged user, allowed to create custom osquery packs, could affect the availability of Kibana by uploading a maliciously crafted osquery pack...
BIT-ELK-2024-23443
A high-privileged user, allowed to create custom osquery packs, could affect the availability of Kibana by uploading a maliciously crafted osquery pack...