42 matches found
EUVD-2019-6584
Malware in sbrugna...
EUVD-2018-18269
Malware in sbrugna...
EUVD-2024-31924
Malicious code in bioql PyPI...
CVE-2024-3334
A security bypass vulnerability exists in the Removable Media Encryption RMEcomponent of Digital Guardian Windows Agents prior to version 8.2.0. This allows a user to circumvent encryption controls by modifying metadata on the USB device thereby compromising the confidentiality of the stored data...
CVE-2022-30950
Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library which has a buffer overflow vulnerability that may allow users able to connect to a named pipe to execute commands on the Windows agent machine...
CVE-2022-30951
Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library does not implement access control, potentially allowing users to start processes even if they're not allowed to log in...
CVE-2019-15627
Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected...
CVE-2024-3334
A security bypass vulnerability exists in the Removable Media Encryption RMEcomponent of Digital Guardian Windows Agents prior to version 8.2.0. This allows a user to circumvent encryption controls by modifying metadata on the USB device thereby compromising the confidentiality of the stored data...
PT-2024-25212 · Digital Guardian · Digital Guardian Windows Agents
Name of the Vulnerable Software and Affected Versions: Digital Guardian Windows Agents versions prior to 8.2.0 Description: A security bypass issue exists in the Removable Media Encryption RME component, allowing users to circumvent encryption controls by modifying metadata on USB devices, thereb...
PT-2023-5788 · Acronis · Acronis Cyber Protect 16 +2
Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect Cloud Agent Windows versions before build 36497 Acronis Cyber Protect 16 Windows versions before build 37391 Acronis Agent Windows versions before build 36497 Description: The issue is related to a local privilege...
PT-2023-5787 · Acronis · Acronis Cyber Protect 16 +2
Name of the Vulnerable Software and Affected Versions: Acronis Cyber Protect Cloud Agent Windows versions before build 35739 Acronis Cyber Protect 16 Windows versions before build 37391 Acronis Agent Windows versions before build 35739 Description: The issue is related to sensitive information...
CVE-2022-47529
Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protectio...
CVE-2022-47529
Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protectio...
CVE-2022-47529
The CVE-2022-47529 issue affects RSA NetWitness Platform’s NetWitness Endpoint EDR Agent prior to version 12.2. It stems from insecure Win32 memory objects that let local or admin Windows users modify the endpoint agent service configuration, enabling actions such as disabling the service or exec...
Multiple vulnerabilities in Trend Micro Deep Security and Cloud One - Workload Security agents for Windows
Overview Trend Micro Incorporated has released a security update for Trend Micro Deep Security and Cloud One - Workload Security agents for Windows. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Information disclosure due...
Jenkins plugins Multiple Vulnerabilities (2022-05-17)
According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Pipeline: Groovy Plugin 2689.v434009a31bf1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenki...
Lack of SSL/TLS certificate and hostname validation in Amazon EC2 Plugin
Amazon EC2 Plugin connects to Windows agents via HTTPS. Amazon EC2 Plugin 1.50.1 and earlier unconditionally accepts self-signed HTTPS certificates and does not perform hostname validation when connecting to Windows agents. This lack of validation could be abused using a man-in-the-middle attack ...
GHSA-C89C-PVM7-33WJ Lack of SSL/TLS certificate and hostname validation in Amazon EC2 Plugin
Amazon EC2 Plugin connects to Windows agents via HTTPS. Amazon EC2 Plugin 1.50.1 and earlier unconditionally accepts self-signed HTTPS certificates and does not perform hostname validation when connecting to Windows agents. This lack of validation could be abused using a man-in-the-middle attack ...
Jenkins WMI Windows Agents Plugin Buffer Overflow Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A buffer overflow vulnerability exists in...
Jenkins WMI Windows Agents Plugin Access Control Error Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.The Jenkins WMI Windows Agents Plugin is...