Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
agent vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2021-42786
It exists that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) has Remote Code Execution vulnerabilities in multiple instances of the API requests. The affected endpoints do not have any input validation of the user's input that allowed a malicious payload to be i...
Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
Riverbed Steelcentral Appinternals Dynamic Sampling Agent
1 Article
668
VMScore
CVE-2021-42787
It exists that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentConfigurationServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/configuration" API. The affected endpoint does not have any input validation of the use...
Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
Riverbed Steelcentral Appinternals Dynamic Sampling Agent
1 Article
668
VMScore
CVE-2021-42853
It exists that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDiagnosticServlet has directory traversal vulnerability at the "/api/appInternals/1.0/agent/diagnostic/logs" API. The affected endpoint does not have any input validation of the user...
Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
Riverbed Steelcentral Appinternals Dynamic Sampling Agent
1 Article
668
VMScore
CVE-2021-42854
It exists that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) PluginServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/plugin/pmx" API. The affected endpoint does not have any input validation of the user's input that a...
Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
Riverbed Steelcentral Appinternals Dynamic Sampling Agent
1 Article
383
VMScore
CVE-2021-42856
It exists that the /DsaDataTest endpoint is susceptible to Cross-site scripting (XSS) attack. It was noted that the Metric parameter does not have any input checks on the user input that allows an malicious user to craft its own malicious payload to trigger a XSS vulnerability.
Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
Riverbed Steelcentral Appinternals Dynamic Sampling Agent
409
VMScore
CVE-2021-42855
It exists that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the ".debug_command.config" file to store a json string that contains a list of IDs and pre-configured commands. The config file is subsequently used by the "/api/appInternals/1.0/agent/...
Riverbed Steelcentral Appinternals Dynamic Sampling Agent
Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
445
VMScore
CVE-2021-42857
It exists that the SteelCentral AppInternals Dynamic Sampling Agent's (DSA) AgentDaServlet has directory traversal vulnerabilities at the "/api/appInternals/1.0/agent/da/pcf" API. The affected endpoint does not have any validation of the user's input that allo...
Riverbed Steelcentral Appinternals Dynamic Sampling Agent 10.0.0
Riverbed Steelcentral Appinternals Dynamic Sampling Agent
NA
CVE-2023-0975
A vulnerability exists in Trellix Agent for Windows version 5.7.8 and previous versions, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions.
Trellix Agent
NA
CVE-2023-0977
A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and previous versions, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable.
Trellix Agent
187
VMScore
CVE-2022-1257
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows before 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files.
Mcafee Agent
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »