Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
operations agent vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-3114
In Go prior to 1.14.14 and 1.15.x prior to 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.
Golang Go
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Storagegrid -
Netapp Cloud Insights Telegraf Agent -
1 Github repository
NA
CVE-2011-3192
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x up to and including 2.0.64, and 2.2.x up to and including 2.2.19 allows remote malicious users to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as e...
Apache Http Server
Suse Linux Enterprise Server 11
Opensuse Opensuse 11.4
Opensuse Opensuse 11.3
Suse Linux Enterprise Software Development Kit 10
Suse Linux Enterprise Server 10
Suse Linux Enterprise Software Development Kit 11
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
2 EDB exploits
1 Nmap script
18 Github repositories
3 Articles
7.5
CVSSv3
CVE-2022-0778
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curv...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Storagegrid -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Cloud Volumes Ontap Mediator -
Netapp A250 Firmware -
Netapp 500f Firmware -
Fedoraproject Fedora 34
Fedoraproject Fedora 36
Tenable Nessus
Mariadb Mariadb
Nodejs Node.js
10 Github repositories
7
CVSSv3
CVE-2023-32554
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local malicious user to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on...
Trendmicro Apex One
Trendmicro Apex One 2019
7
CVSSv3
CVE-2023-32555
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local malicious user to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on...
Trendmicro Apex One
Trendmicro Apex One 2019
9.8
CVSSv3
CVE-2016-6807
Custom commands may be executed on Ambari Agent (2.4.x, prior to 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user exec...
Apache Ambari 2.4.1
Apache Ambari 2.4.0
8.2
CVSSv3
CVE-2022-36899
Jenkins Compuware ISPW Operations Plugin 1.0.8 and previous versions does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties.
Jenkins Compuware Ispw Operations
7.5
CVSSv3
CVE-2021-21688
The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins 2.318 and previous versions, LTS 2.303.2 and previous versions does not reject any operations, allowing users to have unrestricted read access using certain operations (creating archives, FilePath#cop...
Jenkins Jenkins
NA
CVE-2011-4160
Unspecified vulnerability in HP Operations Agent 11.00 and Performance Agent 4.73 and 5.0 on AIX, HP-UX, Linux, and Solaris allows local users to bypass intended directory-access restrictions via unknown vectors.
Hp Operations Agent 11.0
Hp Performance Agent 4.73
Hp Performance Agent 5.0
7.8
CVSSv3
CVE-2019-17446
An issue exists in Eracent EPA Agent up to and including 10.2.26. The agent executable, when installed for non-root operations (scanning), can be used to start external programs with elevated permissions because of an Untrusted Search Path.
Eracent Epa Agent
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »