Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
endpoint security vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-35800
Stormshield Endpoint Security Evolution 2.0.0 up to and including 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information res...
Stormshield Endpoint Security
NA
CVE-2023-23561
Stormshield Endpoint Security 2.3.0 up to and including 2.3.2 has Incorrect Access Control: authenticated users can read sensitive information.
Stormshield Endpoint Security
NA
CVE-2023-23562
Stormshield Endpoint Security 2.3.0 up to and including 2.3.2 has Incorrect Access Control that allows an authenticated user can update global parameters.
Stormshield Endpoint Security
205
VMScore
CVE-2021-45089
Stormshield Endpoint Security 2.x prior to 2.1.2 has Incorrect Access Control.
Stormshield Endpoint Security
890
VMScore
CVE-2021-45090
Stormshield Endpoint Security prior to 2.1.2 allows remote code execution.
Stormshield Endpoint Security
409
VMScore
CVE-2020-7331
Unquoted service executable path in McAfee Endpoint Security (ENS) before 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files.
Mcafee Endpoint Security
605
VMScore
CVE-2020-7332
Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) before 10.7.0 November 2020 Update allows an malicious user to execute arbitrary HTML code due to incorrect security configuration.
Mcafee Endpoint Security
312
VMScore
CVE-2020-7333
Cross site scripting vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) before 10.7.0 November 2020 Update allows administrators to inject arbitrary web script or HTML via the configuration wizard.
Mcafee Endpoint Security
NA
CVE-2023-3665
A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and previous versions, allowed a local user to disable the ENS AMSI component via environment variables, leading to denial of service and or the execution of arbitrary code.
Trellix Endpoint Security
641
VMScore
CVE-2021-30360
Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote A...
Checkpoint Endpoint Security
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »