Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linuxfoundation osquery vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv2
CVE-2020-26273
osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. In osquery before version 4.6.0, by using sqlite's ATTACH verb, someone with administrative access to osquery can cause reads and writes to arbitrary sqlite databases on disk. Thi...
Linuxfoundation Osquery
4.4
CVSSv2
CVE-2020-11081
osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privil...
Linuxfoundation Osquery
5.8
CVSSv2
CVE-2020-1887
Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and prior to 4.2.0 could allow an malicious user to MITM osquery traffic in the absence of a configured root chain of trust.
Linuxfoundation Osquery
9.3
CVSSv2
CVE-2019-3567
In some configurations an attacker can inject a new executable path into the extensions.load file for osquery and hard link a parent folder of a malicious binary to a folder with known 'safe' permissions. Under those circumstances osquery will load said malicious execut...
Linuxfoundation Osquery
6.8
CVSSv2
CVE-2018-6336
An issue exists in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsig...
Linuxfoundation Osquery
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started