cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score CVE-2024-51462,https://securityvulnerability.io/vulnerability/CVE-2024-51462,Remote Code Injection Vulnerability in IBM QRadar WinCollect Agent,"The IBM QRadar WinCollect Agent versions 10.0.0 through 10.1.12 are susceptible to a remote code injection vulnerability caused by improper input validation of internal parameters. This could allow an attacker to inject malicious XML data, potentially compromising the integrity of the system and exposing sensitive information. Organizations using affected versions are urged to review their security posture and apply necessary mitigations as outlined by IBM.",IBM,Qradar Wincollect Agent,4,MEDIUM,0.0004400000034365803,false,,false,false,false,,false,false,false,,2025-01-17T02:16:00.767Z,0 CVE-2022-43880,https://securityvulnerability.io/vulnerability/CVE-2022-43880,IBM QRadar WinCollect Agent Denial of Service Vulnerability,"The vulnerability within IBM QRadar WinCollect Agent versions 10.0 through 10.1.2 permits a privileged user to exploit the system, potentially leading to a denial of service. This issue can compromise the operational integrity of the application, affecting the overall performance and security posture of the systems relying on this software. Prompt action is recommended to mitigate risks associated with this vulnerability, ensuring that system configurations adhere to the latest security practices.",IBM,Qradar Wincollect Agent,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-03T15:34:42.158Z,0 CVE-2023-26279,https://securityvulnerability.io/vulnerability/CVE-2023-26279,IBM QRadar WinCollect Agent improper output encoding,"The IBM QRadar WinCollect Agent versions 10.0 to 10.1.7 is susceptible to exploitation by local users due to a flaw in the encoding process. This vulnerability may enable unauthorized actions, posing potential security risks to the system. Users should review their configurations and apply necessary updates to mitigate the risks associated with this vulnerability.",IBM,QRadar WinCollect Agent,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-11-24T00:15:00.000Z,0 CVE-2021-39008,https://securityvulnerability.io/vulnerability/CVE-2021-39008,IBM QRadar WinCollect Agent information disclosure," IBM QRadar WinCollect Agent 10.0 through 10.1.7 could allow a privileged user to obtain sensitive information due to missing best practices. IBM X-Force ID: 213551. ",IBM,Qradar Wincollect Agent,2.7,LOW,0.0006200000061653554,false,,false,false,false,,,false,false,,2023-11-23T22:54:52.377Z,0 CVE-2023-38736,https://securityvulnerability.io/vulnerability/CVE-2023-38736,IBM QRadar WinCollect Agent privilege escalation,"The IBM QRadar WinCollect Agent, when executed with ADMIN or SYSTEM privileges, exposes a vulnerability that allows a normal user to escalate their privileges to gain SYSTEM-level access. This poses a significant security risk as it can enable unauthorized actions within the system. It is crucial for users and administrators to address this vulnerability to maintain the integrity and security of their IT environment.",IBM,Qradar Wincollect Agent,7.5,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-09-08T19:15:00.000Z,0 CVE-2023-26278,https://securityvulnerability.io/vulnerability/CVE-2023-26278,IBM QRadar WinCollect Agent privilege escalation,"The vulnerability affects versions 10.0 through 10.1.3 of the IBM QRadar WinCollect Agent, enabling a local authenticated attacker to potentially gain elevated privileges on the system. This situation can compromise system security and requires immediate attention from system administrators to implement necessary mitigations.",IBM,QRadar WinCollect Agent,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-05-31T20:15:00.000Z,0 CVE-2023-26277,https://securityvulnerability.io/vulnerability/CVE-2023-26277,IBM QRadar WinCollect Agent privilege escalation,"The IBM QRadar WinCollect Agent versions 10.0 through 10.1.3 is susceptible to a local privilege escalation issue allowing a local user to execute arbitrary commands. This vulnerability arises from the agent running with excessive privileges, which could potentially be exploited by malicious actors to gain unauthorized access to system functions. It is crucial for organizations using affected versions to implement the appropriate security measures to mitigate the risk of exploitation.",IBM,QRadar WinCollect Agent,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-05-31T19:15:00.000Z,0 CVE-2021-39006,https://securityvulnerability.io/vulnerability/CVE-2021-39006,Information Disclosure Vulnerability in IBM QRadar WinCollect Agent,"An information disclosure vulnerability exists in IBM QRadar WinCollect Agent versions 10.0 and 10.0.1, which could potentially allow an attacker to access sensitive information. This vulnerability arises from the absence of certain best practice security measures, enabling unauthorized users to exploit the weakness. For further details, visit the IBM support page or check the IBM X-Force database.",IBM,Qradar Wincollect Agent,5.3,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2022-06-21T16:15:00.000Z,0