📦 Wazuh

A buffer overflow vulnerability in Wazuh Manager's analysisd component allows remote code execution when processing Unicode characters from Windows Eventchannel messages. This affects Wazuh Manager ve...

CVE-2021-44079 is a command injection vulnerability in Wazuh's wazuh-slack active response script that allows remote code execution by passing untrusted user agents to curl commands. This affects Wazu...

This vulnerability in Wazuh Agent allows authenticated attackers to force NTLM authentication through malicious UNC paths in agent configuration settings. This could lead to NTLM relay attacks resulti...

A buffer over-read vulnerability in Wazuh allows compromised agents or attackers who can send crafted messages to the Wazuh manager to read beyond allocated memory boundaries, potentially accessing se...

A buffer over-read vulnerability in Wazuh's DecodeWinevt() function allows compromised agents to trigger read operations beyond allocated buffer boundaries. Attackers can exploit this by sending speci...

This is a use-after-free vulnerability in Wazuh's w_copy_event_for_log() function that allows compromised agents to send specially crafted messages to the manager. An attacker can potentially corrupt ...

A NULL pointer dereference vulnerability in Wazuh's analysisd component allows a compromised agent to crash the manager by sending a specially crafted message. This causes denial of service, making th...

A NULL pointer dereference vulnerability in Wazuh's fillData() function allows compromised agents to crash the analysisd service by sending specially crafted messages. This causes denial of service to...

A heap-based out-of-bounds write vulnerability in Wazuh's decode_win_permissions function allows writing a NULL byte before an allocated buffer. Compromised agents or attackers sending crafted message...

This CVE describes a local privilege escalation vulnerability in Wazuh Windows agent where improper ACLs on non-default installation directories allow local attackers to place malicious DLLs or replac...

This vulnerability in Wazuh's host_deny script allows attackers to inject arbitrary commands into the /etc/hosts.deny file, leading to arbitrary command execution. It affects Wazuh servers and agents,...

This vulnerability allows a compromised Wazuh agent to crash the analysisd service on the Wazuh manager by sending a specially crafted message. It affects Wazuh deployments running versions 3.7.0 thro...

This vulnerability exposes the Wazuh agent authentication password file to all authenticated users on Windows systems, allowing local attackers to read the password. It affects Wazuh installations on ...

This vulnerability in Wazuh allows attackers with no privilege access to view the agent list on the Wazuh dashboard, potentially enabling privilege escalation through information disclosure. All Wazuh...