7 matches found
CVE-2025-59938
CVE-2025-59938 affects Wazuh wazuh-analysisd in versions 3.8.0 through 4.10.x (before 4.11.0). The issue is a heap buffer overflow when parsing XML elements from Windows EventChannel messages, with a documented fix in version 4.11.0. CVSS 3.1 base score 6.5 (Medium) indicates impact limited to av...
CVE-2025-59938 Heap buffer overflow in wazuh-analysisd
Wazuh is a free and open source platform used for threat prevention, detection, and response. In versions starting from 3.8.0 to before 4.11.0, wazuh-analysisd is vulnerable to a heap buffer overflow when parsing XML elements from Windows EventChannel messages. This issue has been patched in...
PT-2025-39698
Name of the Vulnerable Software and Affected Versions Wazuh versions 3.8.0 through 4.10.9 Description Wazuh, a platform for threat prevention, detection, and response, contains a heap buffer overflow in the wazuh-analysisd component. This issue occurs when parsing XML elements received from Windo...
Wazuh 安全漏洞
Wazuh is a Wazuh open source application. It is used to collect, aggregate, index and analyze security data to help organizations detect intrusions, threats and behavioral anomalies. A security vulnerability exists in Wazuh version 3.8.0 through versions prior to 4.11.0 that stems from a heap...
CVE-2024-32038
Wazuh is a free and open source platform used for threat prevention, detection, and response. There is a buffer overflow hazard in wazuh-analysisd when handling Unicode characters from Windows Eventchannel messages. It impacts Wazuh Manager 3.8.0 and above. This vulnerability is fixed in Wazuh...
CVE-2024-32038 Wazuh Analysis Engine Event Decoder Heap-based Buffer Overflow Remote Code Execution Vulnerability
Wazuh is a free and open source platform used for threat prevention, detection, and response. There is a buffer overflow hazard in wazuh-analysisd when handling Unicode characters from Windows Eventchannel messages. It impacts Wazuh Manager 3.8.0 and above. This vulnerability is fixed in Wazuh...
Wazuh 安全漏洞
Wazuh is a Wazuh open source application. It is used to collect, aggregate, index and analyze security data to help organizations detect intrusions, threats and behavioral anomalies. A security vulnerability exists in Wazuh versions 3.8.0 through 4.7.2 that stems from a buffer overflow in...