in-bridge-40
CONNECTED
PROTECTED
afa8597c6069424e8b26ac7eb3cdaae4
Endpoint Information
in-bridge-40
AGENT_TYPE_SERVER
AGENT_OS_LINUX
Connected
Network Information
Agent Information
9.0.0.141085
2080-27769
dfx-linux-install
-
SCAN_STATUS_NONE
-
Users
0
No users logged in
Timeline
2025-12-29 17:31
2025-12-29 17:21
2026-01-02 05:25
Alerts
1462 alerts
| Severity | Name | Source | Action | Detected |
|---|---|---|---|---|
| HIGH | Process Injection - 288965039 (T1055 - Process Injection) | XDR Agent | Detected (Reported) | 01-20 20:00 |
| HIGH | Process Injection - 288965039 (T1055 - Process Injection) | XDR Agent | Detected (Reported) | 01-20 19:47 |
| HIGH | Process Injection - 288965039 (T1055 - Process Injection) | XDR Agent | Detected (Reported) | 01-20 19:47 |
| HIGH | Process Injection - 288965039 (T1055 - Process Injection) | XDR Agent | Detected (Reported) | 01-20 19:47 |
| HIGH | Persistency - 779040014 (T1053.003 - Scheduled Task/Job: Cron) | XDR Agent | Prevented (Blocked) | 01-20 19:47 |
| HIGH | Persistency - 456694134 (T1027.010 - Obfuscated Files or Information: Command Obfuscation) | XDR Agent | Detected (Reported) | 01-20 19:47 |
| MEDIUM | Perl script connecting to network (T1059.004 - Command and Scripting Interpreter: Unix Shell) | XDR BIOC | Detected | 01-20 19:19 |
| HIGH | Process Injection - 288965039 (T1055 - Process Injection) | XDR Agent | Detected (Reported) | 01-20 19:19 |
| HIGH | Process Injection - 288965039 (T1055 - Process Injection) | XDR Agent | Detected (Reported) | 01-20 19:19 |
| HIGH | Process Injection - 288965039 (T1055 - Process Injection) | XDR Agent | Detected (Reported) | 01-20 19:15 |
Incidents
666 incidents
| ID | Severity | Description | Status | Alerts | Created |
|---|---|---|---|---|---|
| 2119 | HIGH | 'Process Injection - 288965039' along wi... | new | 632 | 01-20 11:40 |
| 2076 | HIGH | 'Staged Malware Activity - 2123359011' a... | resolved security testing | 547 | 01-19 20:06 |
| 2072 | HIGH | Process executes an obfuscated command f... | resolved security testing | 1 | 01-19 20:03 |
| 2071 | HIGH | 'Process Injection - 288965039' along wi... | resolved security testing | 5 | 01-19 20:03 |
| 2068 | HIGH | Process executes an obfuscated command f... | resolved security testing | 1 | 01-19 20:00 |
| 2066 | HIGH | 'Process Injection - 288965039' along wi... | resolved security testing | 6 | 01-19 19:46 |
| 2062 | HIGH | 'Persistency - 779040014' along with 6 o... | resolved security testing | 7 | 01-19 19:30 |
| 2056 | HIGH | 'Process Injection - 288965039' along wi... | resolved security testing | 6 | 01-19 17:13 |
| 2055 | HIGH | 'Persistency - 779040014' along with 4 o... | resolved security testing | 5 | 01-19 17:08 |
| 2054 | HIGH | 'Process Injection - 288965039' along wi... | resolved security testing | 9 | 01-19 17:00 |
CVE Vulnerabilities
392 CVEs
| CVE ID | Severity | Score | Description |
|---|---|---|---|
| CVE-2016-1585 | CRITICAL | 9.8 | In all versions of AppArmor mount rules are accidentally wid... |
| CVE-2022-0318 | CRITICAL | 9.8 | Heap-based Buffer Overflow in vim/vim prior to 8.2. |
| CVE-2022-1664 | CRITICAL | 9.8 | Dpkg::Source::Archive in dpkg, the Debian package management... |
| CVE-2022-23521 | CRITICAL | 9.8 | Git is distributed revision control system. gitattributes ar... |
| CVE-2022-32207 | CRITICAL | 9.8 | When curl < 7.84.0 saves cookies, alt-svc and hsts data to l... |
| CVE-2022-32221 | CRITICAL | 9.8 | When doing HTTP(S) transfers, libcurl might erroneously use ... |
| CVE-2022-3515 | CRITICAL | 9.8 | A vulnerability was found in the Libksba library due to an i... |
| CVE-2022-3520 | CRITICAL | 9.8 | Heap-based Buffer Overflow in GitHub repository vim/vim prio... |
| CVE-2022-41903 | CRITICAL | 9.8 | Git is distributed revision control system. `git log` can di... |
| CVE-2022-48522 | CRITICAL | 9.8 | In Perl 5.34.0, function S_find_uninit_var in sv.c has a sta... |
| CVE-2024-12084 | CRITICAL | 9.8 | A heap-based buffer overflow flaw was found in the rsync dae... |
| CVE-2022-31321 | CRITICAL | 9.1 | The foldername parameter in Bolt 5.1.7 was discovered to hav... |
| CVE-2023-23914 | CRITICAL | 9.1 | A cleartext transmission of sensitive information vulnerabil... |
| CVE-2024-38428 | CRITICAL | 9.1 | url.c in GNU Wget through 1.24.5 mishandles semicolons in th... |
| CVE-2024-32002 | CRITICAL | 9.0 | Git is a revision control system. Prior to versions 2.45.1, ... |
| CVE-2019-9185 | HIGH | 8.8 | Controller/Async/FilesystemManager.php in the filemanager in... |
| CVE-2022-0729 | HIGH | 8.8 | Use of Out-of-range Pointer Offset in GitHub repository vim/... |
| CVE-2022-1271 | HIGH | 8.8 | An arbitrary file write vulnerability was found in GNU gzip'... |
| CVE-2022-36882 | HIGH | 8.8 | A cross-site request forgery (CSRF) vulnerability in Jenkins... |
| CVE-2023-27533 | HIGH | 8.8 | A vulnerability in input validation exists in curl <8.0 duri... |
| CVE-2023-27534 | HIGH | 8.8 | A path traversal vulnerability exists in curl <8.0.0 SFTP im... |
| CVE-2024-52005 | HIGH | 8.8 | Git is a source code management tool. When cloning from a se... |
| CVE-2025-34086 | HIGH | 8.8 | Bolt CMS versions 3.7.0 and earlier contain a chain of vulne... |
| CVE-2020-4040 | HIGH | 8.6 | Bolt CMS before version 3.7.1 lacked CSRF protection in the ... |
| CVE-2024-2398 | HIGH | 8.6 | When an application tells libcurl it wants to allow HTTP/2 s... |
| CVE-2024-32487 | HIGH | 8.6 | less through 653 allows OS command execution via a newline c... |
| CVE-2022-39260 | HIGH | 8.5 | Git is an open source, scalable, distributed revision contro... |
| CVE-2024-56406 | HIGH | 8.4 | A heap buffer overflow vulnerability was discovered in Perl.... |
| CVE-2020-17437 | HIGH | 8.2 | An issue was discovered in uIP 1.0, as used in Contiki 3.0 a... |
| CVE-2021-32803 | HIGH | 8.2 | The npm package "tar" (aka node-tar) before versions 6.1.2, ... |
| CVE-2021-32804 | HIGH | 8.2 | The npm package "tar" (aka node-tar) before versions 6.1.1, ... |
| CVE-2021-37701 | HIGH | 8.2 | The npm package "tar" (aka node-tar) before versions 4.4.16,... |
| CVE-2022-31012 | HIGH | 8.2 | Git for Windows is a fork of Git that contains Windows-speci... |
| CVE-2025-6297 | HIGH | 8.2 | It was discovered that dpkg-deb does not properly sanitize d... |
| CVE-2021-40153 | HIGH | 8.1 | squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 store... |
| CVE-2021-41072 | HIGH | 8.1 | squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allow... |
| CVE-2022-22576 | HIGH | 8.1 | An improper authentication vulnerability exists in curl 7.33... |
| CVE-2022-24903 | HIGH | 8.1 | Rsyslog is a rocket-fast system for log processing. Modules ... |
| CVE-2022-42915 | HIGH | 8.1 | curl before 7.86.0 has a double free. If curl is told to use... |
| CVE-2022-49043 | HIGH | 8.1 | xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 ha... |
| CVE-2023-31484 | HIGH | 8.1 | CPAN.pm before 2.35 does not verify TLS certificates when do... |
| CVE-2024-32004 | HIGH | 8.1 | Git is a revision control system. Prior to versions 2.45.1, ... |
| CVE-2024-5138 | HIGH | 8.1 | The snapctl component within snapd allows a confined snap to... |
| CVE-2025-48384 | HIGH | 8.0 | Git is a fast, scalable, distributed revision control system... |
| CVE-2018-1000156 | HIGH | 7.8 | GNU Patch version 2.7.6 contains an input validation vulnera... |
| CVE-2018-20969 | HIGH | 7.8 | do_ed_script in pch.c in GNU patch through 2.7.6 does not bl... |
| CVE-2019-13638 | HIGH | 7.8 | GNU patch through 2.7.6 is vulnerable to OS shell command in... |
| CVE-2021-35331 | HIGH | 7.8 | In Tcl 8.6.11, a format string vulnerability in nmakehlp.c m... |
| CVE-2021-38185 | HIGH | 7.8 | GNU cpio through 2.13 allows attackers to execute arbitrary ... |
| CVE-2021-3899 | HIGH | 7.8 | There is a race condition in the 'replaced executable' detec... |
Status Overview
CONNECTED
Vulnerability Summary
Critical: 15
High: 214
Medium: 133
Low: 24
Total CVEs: 392
Security Summary
Critical Alerts: 0
High Alerts: 1332
Total Alerts: 1462
Incidents: 666
CVEs: 392
Quick Info
OS: AGENT_OS_LINUX
Agent: 9.0.0.141085
Users: 0
IP Count: 1
Isolated: No