Vulnerabilities > Linuxfoundation > Osquery > 1.2.0

DATE CVE VULNERABILITY TITLE RISK
2020-12-16 CVE-2020-26273 Command Injection vulnerability in Linuxfoundation Osquery
osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework.
local
low complexity
linuxfoundation CWE-77
5.2
5.2
2020-07-10 CVE-2020-11081 Unspecified vulnerability in Linuxfoundation Osquery
osquery before version 4.4.0 enables a privilege escalation vulnerability.
local
low complexity
linuxfoundation
8.2
8.2
2019-06-03 CVE-2019-3567 Link Following vulnerability in Linuxfoundation Osquery
In some configurations an attacker can inject a new executable path into the extensions.load file for osquery and hard link a parent folder of a malicious binary to a folder with known 'safe' permissions.
network
high complexity
linuxfoundation CWE-59
8.1
8.1
2018-12-31 CVE-2018-6336 Improper Validation of Integrity Check Value vulnerability in Linuxfoundation Osquery
An issue was discovered in osquery.
local
low complexity
linuxfoundation CWE-354
7.8
7.8