Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stormshield endpoint security vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-20032
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and previous versions, 0.105.1 and previous versions, and 0.103.7 and previous versions could allow an unauthentic...
Cisco Web Security Appliance
Cisco Secure Endpoint Private Cloud
Cisco Secure Endpoint
Clamav Clamav 1.0.0
Clamav Clamav
Stormshield Stormshield Network Security
2 Github repositories
1 Article
9.8
CVSSv3
CVE-2021-45090
Stormshield Endpoint Security prior to 2.1.2 allows remote code execution.
Stormshield Endpoint Security
7.5
CVSSv3
CVE-2022-40617
strongSwan prior to 5.9.8 allows remote malicious users to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn'...
Strongswan Strongswan
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 22.04
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 37
Stormshield Stormshield Network Security
7.3
CVSSv3
CVE-2021-31225
SES Evolution prior to 2.1.0 allows deleting some resources not currently in use by any security policy by leveraging access to a computer having the administration console installed.
Stormshield Endpoint Security
6.7
CVSSv3
CVE-2021-35957
Stormshield Endpoint Security Evolution 2.0.0 up to and including 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs (in %WINDIR%\system32) with malicious ones.
Stormshield Endpoint Security
5.9
CVSSv3
CVE-2022-4304
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of ...
Openssl Openssl
Stormshield Stormshield Network Security
Stormshield Endpoint Security
Stormshield Sslvpn
1 Github repository
5.7
CVSSv3
CVE-2021-31222
SES Evolution prior to 2.1.0 allows updating some parts of a security policy by leveraging access to a computer having the administration console installed.
Stormshield Endpoint Security
5.7
CVSSv3
CVE-2021-31223
SES Evolution prior to 2.1.0 allows reading some parts of a security policy by leveraging access to a computer having the administration console installed.
Stormshield Endpoint Security
5.7
CVSSv3
CVE-2021-31221
SES Evolution prior to 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console installed.
Stormshield Endpoint Security
5.5
CVSSv3
CVE-2023-35799
Stormshield Endpoint Security Evolution 2.0.0 up to and including 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges.
Stormshield Endpoint Security
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »