15 matches found
EUVD-2025-13061
Malicious code in bioql PyPI...
CVE-2024-52976
Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via parameter injection. An attacker requires local access and the ability to modify osqueryd configurations...
CVE-2024-52976
Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via parameter injection. An attacker requires local access and the ability to modify osqueryd configurations...
Inclusion of Functionality from Untrusted Control Sphere
Overview github.com/elastic/elastic-agent is an a single, unified way to add monitoring for logs, metrics, and other types of data to a host. Affected versions of this package are vulnerable to Inclusion of Functionality from Untrusted Control Sphere via parameter injection in the osqueryd...
Inclusion of Functionality from Untrusted Control Sphere
Overview github.com/elastic/beats is a the Lightweight shippers for Elasticsearch & Logstash. Affected versions of this package are vulnerable to Inclusion of Functionality from Untrusted Control Sphere via parameter injection in the osqueryd subprocess. Note: This is only exploitable if the...
Inclusion of Functionality from Untrusted Control Sphere
Overview github.com/elastic/beats/v7 is a the Lightweight shippers for Elasticsearch & Logstash. Affected versions of this package are vulnerable to Inclusion of Functionality from Untrusted Control Sphere via parameter injection in the osqueryd subprocess. Note: This is only exploitable if the...
CVE-2024-52976
CVE-2024-52976 concerns Elastic Agent (and related Beats/Elastic-Agent components) where functionality from an untrusted control sphere in the osqueryd subprocess allows local attackers to execute arbitrary code via parameter injection. Affected versions include Elastic Agent up to 7.17.24 and 8....
CVE-2024-52976 Elastic Agent Inclusion of Functionality from Untrusted Control Sphere
Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via parameter injection. An attacker requires local access and the ability to modify osqueryd configurations...
Elastic Agent 7.17.25 and 8.15.4 Security Update (ESA-2024-39)
Elastic Agent Inclusion of Functionality from Untrusted Control Sphere ESA-2024-39 Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd, allows local attackers to execute arbitrary code via parameter injection. An attacker requires local access and the...
SUSE CVE-2024-54131
The Kolide Agent aka: Launcher is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced in version 1.5.3 when launcher started...
Incorrect Default Permissions
Kolide Agent is vulnerable to Incorrect Default Permissions. The vulnerability is due to improper permissions set on the ProgramData directory for upgraded binaries and the omission of the SystemDrive environmental variable, allowing a malicious actor to place and execute arbitrary DLLs within th...
CVE-2024-54131
The Kolide Agent aka: Launcher is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced in version 1.5.3 when launcher started...
CVE-2024-54131 Kolide Agent Privilege Escalation (Windows, Versions >= 1.5.3, < 1.12.3)
The Kolide Agent aka: Launcher is the lightweight agent designed to work with Kolide's service. An implementation bug in the Kolide Agent known as launcher allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced in version 1.5.3 when launcher started...
PT-2024-36062 · Microsoft +1 · Windows 11 +2
Name of the Vulnerable Software and Affected Versions: Kolide Agent versions 1.5.3 through 1.12.2 Description: An implementation bug in the Kolide Agent allows for local privilege escalation to the SYSTEM user on Windows 10 and 11. The bug was introduced when the launcher started storing upgraded...
osquery Command And Control: Kolide
osquery Command And Control Kolide is an agentless osquery web interface and remote api server. Kolide uses the osquery remote apis to do ad-hoc distributed queries, osqueryd configurations and the collection and processing of scheduled queries packs. Kolide was designed to be extremely portable ...