10 results (0.006 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Wazuh is a free and open source platform used for threat prevention, detection, and response. There is a buffer overflow hazard in wazuh-analysisd when handling Unicode characters from Windows Eventchannel messages. It impacts Wazuh Manager 3.8.0 and above. This vulnerability is fixed in Wazuh Manager 4.7.2. Wazuh es una plataforma gratuita y de código abierto que se utiliza para la prevención, detección y respuesta a amenazas. • https://github.com/wazuh/wazuh/security/advisories/GHSA-fcpw-v3pg-c327 • CWE-122: Heap-based Buffer Overflow •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the `host_deny` script allows to write any string in the `hosts.deny` file, which can end in an arbitrary command execution on the target system. This vulnerability is part of the active response feature, which can automatically triggers actions in response to alerts. By default, active responses are limited to a set of pre defined executables. This is enforced by only allowing executables stored under `/var/ossec/active-response/bin` to be run as an active response. • https://github.com/wazuh/wazuh/security/advisories/GHSA-mjq2-xf8g-68vw • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

Wazuh is a free and open source platform used for threat prevention, detection, and response. A NULL pointer dereference was detected during fuzzing of the analysis engine, allowing malicious clients to DoS the analysis engine. The bug occurs when `analysisd` receives a syscollector message with the `hotfix` `msg_type` but lacking a `timestamp`. It uses `cJSON_GetObjectItem()` to get the `timestamp` object item and dereferences it without checking for a `NULL` value. A malicious client can DoS the analysis engine. • https://github.com/wazuh/wazuh/blob/e1d5231b31b68a75f3b8b33f833155b362411078/src/analysisd/decoders/syscollector.c#L1573 https://github.com/wazuh/wazuh/blob/e1d5231b31b68a75f3b8b33f833155b362411078/src/analysisd/decoders/syscollector.c#L1578 https://github.com/wazuh/wazuh/security/advisories/GHSA-4mq7-w9r6-9975 • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Wazuh is a free and open source platform used for threat prevention, detection, and response. This bug introduced a stack overflow hazard that could allow a local privilege escalation. This vulnerability was patched in version 4.5.3. Wazuh es una plataforma gratuita y de código abierto que se utiliza para la prevención, detección y respuesta a amenazas. Este error introdujo peligro por desbordamiento de pila que podría permitir una escalada de privilegios locales. • https://github.com/wazuh/wazuh/security/advisories/GHSA-27p5-32pp-r58r • CWE-121: Stack-based Buffer Overflow •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

Wazuh is a security detection, visibility, and compliance open source project. In versions 4.4.0 and 4.4.1, it is possible to get the Wazuh API administrator key used by the Dashboard using the browser development tools. This allows a logged user to the dashboard to become administrator of the API, even if their dashboard role is not. Version 4.4.2 contains a fix. There are no known workarounds. • https://github.com/wazuh/wazuh-dashboard-plugins/issues/5427 https://github.com/wazuh/wazuh-kibana-app/pull/5428 https://github.com/wazuh/wazuh-kibana-app/security/advisories/GHSA-8w7x-52r7-qvjf • CWE-639: Authorization Bypass Through User-Controlled Key •