Vulnerabilities > Wazuh > Wazuh > 4.3.6

DATE CVE VULNERABILITY TITLE RISK
2024-04-19 CVE-2023-49275 NULL Pointer Dereference vulnerability in Wazuh
Wazuh is a free and open source platform used for threat prevention, detection, and response.
network
low complexity
wazuh CWE-476
6.5
6.5
2024-04-19 CVE-2023-50260 Code Injection vulnerability in Wazuh
Wazuh is a free and open source platform used for threat prevention, detection, and response.
network
low complexity
wazuh CWE-94
8.8
8.8
2024-04-19 CVE-2024-32038 Out-of-bounds Write vulnerability in Wazuh
Wazuh is a free and open source platform used for threat prevention, detection, and response.
network
low complexity
wazuh CWE-787
critical
 9.8
9.8
2024-01-12 CVE-2023-42463 Unspecified vulnerability in Wazuh
Wazuh is a free and open source platform used for threat prevention, detection, and response.
local
low complexity
wazuh
7.8
7.8
2022-09-28 CVE-2022-40497 Unspecified vulnerability in Wazuh
Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Response endpoint.
network
low complexity
wazuh
8.8
8.8