Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ens vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2020-7263
Improper access control vulnerability in ESconfigTool.exe in McAfee Endpoint Security (ENS) for Windows all current versions allows local administrator to alter ENS configuration up to and including disabling all protection offered by ENS via insecurely implemented encryption of ...
Mcafee Endpoint Security 10.5.0
Mcafee Endpoint Security 10.5.1
Mcafee Endpoint Security 10.5.2
Mcafee Endpoint Security 10.5.3
Mcafee Endpoint Security 10.5.4
Mcafee Endpoint Security 10.5.5
Mcafee Endpoint Security 10.6.0
Mcafee Endpoint Security 10.6.1
Mcafee Endpoint Security 10.7.0
8.7
CVSSv3
CVE-2020-5232
A user who owns an ENS domain can set a trapdoor, allowing them to transfer ownership to another user, and later regain ownership without the new owners consent or awareness. A new ENS deployment is being rolled out that fixes this vulnerability in the ENS registry.
Ens.domains Ethereum Name Service
1 Github repository
5
CVSSv3
CVE-2021-23878
Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS) for Windows before 10.7.0 February 2021 Update allows a local user to view ENS settings and credentials via accessing process memory after the ENS administrator has performed spe...
Mcafee Endpoint Security
5.3
CVSSv3
CVE-2020-7277
Protection mechanism failure in all processes in McAfee Endpoint Security (ENS) for Windows before 10.7.0 April 2020 Update allows local users to stop certain McAfee ENS processes, reducing the protection offered.
Mcafee Endpoint Security 10.5.0
Mcafee Endpoint Security 10.5.1
Mcafee Endpoint Security 10.5.2
Mcafee Endpoint Security 10.5.3
Mcafee Endpoint Security 10.5.4
Mcafee Endpoint Security 10.5.5
Mcafee Endpoint Security 10.6.0
5.5
CVSSv3
CVE-2020-7251
Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) before 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS.
Mcafee Endpoint Security
7.8
CVSSv3
CVE-2023-3665
A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and previous versions, allowed a local user to disable the ENS AMSI component via environment variables, leading to denial of service and or the execution of arbitrary code.
Trellix Endpoint Security
5.3
CVSSv3
CVE-2019-3652
Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) before 10.6.1 October 2019 Update allows local user to get their malicious code installed by the ENS installer via code injection into EPSetup.exe by an attacker with access to the installer.
Mcafee Endpoint Security
Mcafee Endpoint Security 10.6.1
7.8
CVSSv3
CVE-2020-7250
Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows before 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user which not normally have permissio...
Mcafee Endpoint Security 10.5.0
Mcafee Endpoint Security 10.5.1
Mcafee Endpoint Security 10.5.2
Mcafee Endpoint Security 10.5.3
Mcafee Endpoint Security 10.5.4
Mcafee Endpoint Security 10.5.5
Mcafee Endpoint Security 10.6.0
6.5
CVSSv3
CVE-2020-7278
Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in McAfee Endpoint Security (ENS) for Windows before 10.7.0 April 2020 and 10.6.1 April 2020 updates allows remote attackers and local users to allow or block unauthorized traffic via p...
Mcafee Endpoint Security 10.5.0
Mcafee Endpoint Security 10.5.1
Mcafee Endpoint Security 10.5.2
Mcafee Endpoint Security 10.5.3
Mcafee Endpoint Security 10.5.4
Mcafee Endpoint Security 10.5.5
Mcafee Endpoint Security 10.6.0
4.8
CVSSv3
CVE-2021-23881
A stored cross site scripting vulnerability in ePO extension of McAfee Endpoint Security (ENS) before 10.7.0 February 2021 Update allows an ENS ePO administrator to add a script to a policy event which will trigger the script to be run through a browser block page when a local no...
Mcafee Endpoint Security
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »