HCL AppScan Source <= 10.6 Improper Certificate Validation (CVE-2024-30149)

The version of HCL AppScan Source installed on the remote Windows host is 10.6.0 or earlier. It is, therefore, affected by an improper certificate validation vulnerability. HCL AppScan Source does not properly validate a TLS/SSL certificate for an executable, which could allow an attacker to...

EUVD-2020-28403

Malware in sbrugna...

EUVD-2021-18718

Malware in sbrugna...

EUVD-2020-28402

Malware in sbrugna...

[R1] Nessus Version 10.7.0 Fixes Multiple Vulnerabilities

R1 Nessus Version 10.7.0 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 02/06/2024 - 11:07 Two separate vulnerabilities were discovered, reported and fixed: A stored XSS vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could...

CVE-2023-3665

A code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a local user to disable the ENS AMSI component via environment variables, leading to denial of service and or the execution of arbitrary code...

MariaDB 10.7.0 < 10.7.5 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.7.5. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.7.5 advisory. - A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a deni...

PT-2021-15584 · Mcafee · Mcafee Endpoint Security (Ens) For Windows

Name of the Vulnerable Software and Affected Versions: McAfee Endpoint Security ENS for Windows versions prior to 10.7.0 February 2021 Update Description: The issue allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be...

CVE-2020-7331

Unquoted service executable path in McAfee Endpoint Security ENS prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files...

CVE-2020-7332

Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security ENS prior to 10.7.0 November 2020 Update allows an attacker to execute arbitrary HTML code due to incorrect security configuration...

PT-2020-19562 · Mcafee · Mcafee Endpoint Security

Name of the Vulnerable Software and Affected Versions: McAfee Endpoint Security ENS versions prior to 10.7.0 November 2020 Update Description: The issue allows administrators to inject arbitrary web script or HTML via the configuration wizard, which is a result of a cross-site scripting...

McAfee Endpoint Security Access Control Error Vulnerability

McAfee Endpoint Security ENS is the United States McAfee McAfee company's set of framework for providing intelligent collaboration and advanced threat defense. The framework supports the entire threat defense lifecycle of real-time communications control and actionable threat forensics and so on...

Vulnerabilities fixed in McAfee Endpoint Security

McAfee has fixed vulnerabilities in End Point Security. A local malicious party could exploit the vulnerabilities to gain access gain access to sensitive data, or by obtaining elevated permissions to stop the anti-virus process and thereby deploy undetected implement malware. McAfee has released...

CVE-2020-7323

Authentication Protection Bypass vulnerability in McAfee Endpoint Security ENS for Windows prior to 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTray.exe is running...

Privilege escalation

Privilege Escalation vulnerability in McAfee Endpoint Security ENS for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved...

Unspecified Vulnerability in GitLab (CNVD-2020-25736)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab Enterprise and...

McAfee Endpoint Security Buffer Overflow Vulnerability

McAfee Endpoint Security ENS is the United States McAfee McAfee company's set of framework for providing intelligent collaboration and advanced threat defense. The framework supports the entire threat defense lifecycle of real-time communications control and actionable threat forensics and so on....

McAfee Endpoint Security Access Control Error Vulnerability

McAfee Endpoint Security ENS is the United States McAfee McAfee company's set of framework for providing intelligent collaboration and advanced threat defense. The framework supports the entire threat defense lifecycle of real-time communications control and actionable threat forensics and so on...

CVE-2020-7255 Privilege Escalation vulnerability  in ENS

Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security ENS for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface...

CVE-2020-7259

Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security ENS Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file...