Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ens vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0310
A content-security-policy vulnerability in ENS Control browser extension before 10.7.0 Update 15 allows a remote malicious user to alter the response header parameter setting to switch the content security policy into report-only mode, allowing an malicious user to bypass the co...
Trellix Endpoint Security Web Control
Trellix Endpoint Security Web Control 10.7.0
NA
CVE-2024-0206
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry fol...
Trellix Anti-malware Engine 6600
NA
CVE-2023-3665
A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and previous versions, allowed a local user to disable the ENS AMSI component via environment variables, leading to denial of service and or the execution of arbitrary code.
Trellix Endpoint Security
NA
CVE-2023-38698
Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethereum blockchain. According to the documentation, controllers are allowed to register new domains and extend the expiry of existing domains, but they cannot change the ownership or re...
Ens.domains Ethereum Name Service
2.1
CVSSv2
CVE-2021-31842
XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows before 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulting in a Denial of Service attack through carefully editing the EPDeploy.xml file a...
Mcafee Endpoint Security
Mcafee Endpoint Security 10.7.0
4.6
CVSSv2
CVE-2021-31843
Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows before 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an u...
Mcafee Endpoint Security
Mcafee Endpoint Security 10.7.0
6.4
CVSSv2
CVE-2020-7308
Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows before 10.7.0 February 2021 Update and McAfee Global Threat Intelligence (GTI) servers using DNS allows a remote malicious user to view the requests from ENS and responses from GTI ...
Mcafee Endpoint Security 10.7.0
Mcafee Endpoint Security 10.6.1
Mcafee Endpoint Security
3.5
CVSSv2
CVE-2021-23881
A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security (ENS) before 10.7.0 February 2021 Update allows an ENS ePO administrator to add a script to a policy event which will trigger the script to be run through a browser block page when a local no...
Mcafee Endpoint Security
1.9
CVSSv2
CVE-2021-23882
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows before 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable...
Mcafee Endpoint Security
4.9
CVSSv2
CVE-2021-23883
A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows before 10.7.0 February 2021 Update allows a local administrator to cause Windows to crash via a specific system call which is not handled correctly. This varies by machine and had partial prote...
Mcafee Endpoint Security
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »