CVE-2026-45685 OpenTelemetry eBPF Instrumentation: MongoDB parser panics on malformed wire messages

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.1.0 to before version 0.9.0, malformed MongoDB wire messages can trigger uncaught panics in the MongoDB TCP parser, allowing a remote unauthenticated attacker to crash the telemetr...

Exploit for Deserialization of Untrusted Data in Linuxfoundation Opentelemetry_Instrumentation_For_Java

CVE-2026-33701 — Unsafe Deserialization in OpenTelemetry Java...

Deserialization Of Untrusted Data

io.opentelemetry.javaagent:opentelemetry-javaagent is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to lack of serialization filtering in the RMI instrumentation endpoint, which allows an attacker with network access to send malicious serialized data and execute...

EUVD-2021-15184

Malware in sbrugna...

EUVD-2023-28530

Malicious code in bioql PyPI...

Malicious code in @shadowbyte/checkout-telemetry-agent (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3309a46cb7d7602b6b36a782d12752e0b69f409896afc9dd2d9fa4925d65b4a6 The OpenSSF Package Analysis project identified '@shadowbyte/checkout-telemetry-agent' @ 1.0.4 npm as malicious. It is considered malicious...

CVE-2023-24512

On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent referred to as the TerminAttr agent is enabl...

CVE-2023-24512

On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent referred to as the TerminAttr agent is enabl...

Design/Logic Flaw

On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent referred to as the TerminAttr agent is enabl...

CVE-2023-24512 On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch.

On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent referred to as the TerminAttr agent is enabl...

PT-2023-19659 · Arista · Arista Eos

Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: An authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the...

Security Advisory 0086

Security Advisory 0086 . CSAF PDF Date: April 25, 2023 Revision | Date | Changes ---|---|--- 1.0 | April 25, 2023 | Initial release The CVE-ID tracking this issue: CVE-2023-24512 CVSSv3.1 Base Score: 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Common Weakness Enumeration: CWE-284 Improper...

CVE-2023-24512 On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch.

On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent referred to as the TerminAttr agent is enabl...

CVE-2021-28508

This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to...

Microsoft Office: Turn on data uploading for Office Telemetry Agent

This test checks the setting for policy OpenVAS Vulnerability Test $Id: office2013datauploadingofficetelemetryagent.nasl 11843 2018-10-11 14:33:21Z emoss $ Check value for Turn on data uploading for Office Telemetry Agent Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...