Lucene search
K

543 matches found

OSV
OSV
added 2024/08/21 5:15 p.m.2 views

CVE-2024-5929

VIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged cod...

7.8CVSS6.2AI score0.00356EPSS
Exploits0References2
CVE
CVE
added 2024/08/21 4:12 p.m.70 views

CVE-2024-5929

CVE-2024-5929 affects VIPRE Advanced Security PMAgent. The vulnerability is an Uncontrolled Search Path Element Local Privilege Escalation in the Patch Management Agent, arising from loading a file from an unsecured location. Local attackers who can run low-privileged code can escalate to SYSTEM ...

7.8CVSS7.8AI score0.00356EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/21 4:12 p.m.21 views

CVE-2024-5929 VIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

VIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged cod...

7.8CVSS7.5AI score0.00356EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/21 4:12 p.m.17 views

CVE-2024-5928 VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability

VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target...

7.8CVSS7.5AI score0.00379EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2024/08/19 4:45 p.m.1455 views

Exploit for Race Condition in Openbsd Openssh

CVE-2024-6387: Race Condition in Signal Handling for OpenSSH...

9.3CVSS8.6AI score0.99506EPSS
Exploits68
Qualys Blog
Qualys Blog
added 2024/08/02 11:51 a.m.14 views

Enhance Your Cybersecurity Posture: Qualys Tackles CISA & NSA’s Top 10 Misconfigurations

The National Security Agency NSA alongside the Cybersecurity and Infrastructure Security Agency CISA have pinpointed the most critical misconfigurations that present substantial dangers to organizations. In particular, the advisory calls out the tactics, techniques, and procedures TTPs actors use...

8.3AI score
Exploits0
Github Security Blog
Github Security Blog
added 2024/07/31 8:59 p.m.14 views

ZITADEL has improper HTML sanitization in emails and Console UI

Impact ZITADEL uses HTML for emails and renders certain information such as usernames dynamically. That information can be entered by users or administrators. Due to a missing output sanitization, these emails could include malicious code. This may potentially lead to a threat where an attacker,...

6.1CVSS6.5AI score0.00608EPSS
Exploits0References18Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/31 12:0 a.m.17 views

Integration Status

The following integration was used and here are the results based on the intention of the integration type. Here is a brief description of success for each integration type. PAMs: To retrieve a target credential from the related PAM. MDMs: To retrieve devices from the related MDM. Patch Managemen...

5.6AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/07/30 12:50 p.m.39 views

Qualys Announces TruRisk Eliminate to Augment Patching

About 5 years ago, we launched Qualys Patch Management to empower our customers to not just detect and prioritize vulnerabilities but also effectively remediate them. Since then, we have assisted our customers in addressing hundreds of millions of vulnerabilities, significantly enhancing the...

8.8CVSS9AI score0.99759EPSS
Exploits57
BDU FSTEC
BDU FSTEC
added 2024/07/05 12:0 a.m.5 views

The vulnerability of the Patch Management Agent component in the VIPRE Advanced Security antivirus software allows a hacker to enhance their privileges.

The vulnerability of the Patch Management Agent component in VIPRE Advanced Security antivirus software is related to an incorrect definition of symbolic links before accessing a file. Exploiting this vulnerability allows attackers to enhance their privileges...

7.8CVSS7.2AI score0.00379EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/05 12:0 a.m.5 views

The vulnerability of the Patch Management Agent component in the VIPRE Advanced Security antivirus software allows a hacker to enhance their privileges.

The vulnerability of the Patch Management Agent component in VIPRE Advanced Security antivirus software is related to the absence of quotation marks in the code or search paths. Exploiting this vulnerability allows attackers to enhance their privileges...

7.8CVSS7.3AI score0.00356EPSS
Exploits0References5Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2024/06/20 12:0 a.m.13 views

VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Patch...

7.8CVSS7.5AI score0.00379EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/06/20 12:0 a.m.18 views

VIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Patch...

7.8CVSS7.5AI score0.00356EPSS
Exploits0References1
Qualys Blog
Qualys Blog
added 2024/05/29 3:41 p.m.21 views

2024 Cybersecurity Trends: What’s Observable Already?

2024 has already witnessed a staggering number of cyber incidents, with over 29.5 billion records breached across 4,645 publicly disclosed incidents in January alone, according to the IT Governance Security Spotlight. Moreover, CVEs are growing significantly year over year, with 13% growth from...

7.4AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/05/09 4:0 p.m.20 views

How to Create Collaboration and Shared Goals with IT and Security Teams

In today’s ITSM landscape, merging IT operations and security practices is no longer “ideal”, but imperative. According to a recent Gartner® Board of Directors Survey 1, 88% of respondents indicated that their organization perceives cybersecurity as a business risk. This was up from 58% in 2016,...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/26 10:46 a.m.53 views

10 Critical Endpoint Security Tips You Should Know

In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets. According to the IDC, 70% of successful breaches start at the endpoint. Unprotected endpoints provide...

7.4AI score
Exploits0
Talos Blog
Talos Blog
added 2024/04/19 12:0 p.m.22 views

What’s the deal with the massive backlog of vulnerabilities at the NVD?

The National Vulnerability Database is usually the single source of truth for all things related to security vulnerabilities. But now, theyre facing an uphill battle against a massive backlog of vulnerabilities, some of which are still waiting to be analyzed, and others that still have an...

7AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/04/10 6:32 p.m.13 views

How to Reduce Your Risk with Proactive VM Strategies

Current cybersecurity challenges demand more than just reactive measures. A significant hurdle many organizations face is the effective remediation of vulnerabilities within their IT infrastructure. Recognizing this, security teams are increasingly turning to sophisticated vulnerability managemen...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/28 11:25 a.m.25 views

Update Chrome now! Google patches possible drive-by vulnerability

Google has released an update to Chrome which includes seven security fixes. Version 123.0.6312.86/.87 of Chrome for Windows and Mac and 123.0.6312.86 for Linux will roll out over the coming days/weeks. The easiest way to update Chrome is to allow it to update automatically, which basically uses...

6.9AI score0.0334EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2024/03/26 2:9 p.m.33 views

Patch now: Mozilla patches two critical vulnerabilities in Firefox

Mozilla released version 124.0.1 of the Firefox browser to Release channel users the default channel that most non-developers run on March 22, 2024. The new version fixes two critical security vulnerabilities. One of the vulnerabilities affects Firefox on desktop only, and doesnt affect mobile...

7.6AI score0.22935EPSS
Exploits2
Rows per page
Query Builder