Lucene search
K

67 matches found

OSV
OSV
added 2023/08/31 9:15 p.m.6 views

CVE-2023-41751

Sensitive information disclosure due to improper token expiration validation. The following products are affected: Acronis Agent Windows before build 32047...

5.5CVSS5.8AI score0.00133EPSS
Exploits0References1
OSV
OSV
added 2023/08/31 9:15 p.m.5 views

CVE-2023-41749

Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent Windows before build 32047, Acronis Cyber Protect 15 Windows before build 35979...

7.5CVSS5.8AI score0.00366EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/07/24 6:15 p.m.1 views

CVE-2023-26077

Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions...

7.8CVSS5.9AI score0.00345EPSS
Exploits0References4
OSV
OSV
added 2023/04/03 4:15 p.m.4 views

CVE-2023-0975

A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...

7.8CVSS7.1AI score0.00168EPSS
Exploits0References1
OSV
OSV
added 2023/02/13 10:15 a.m.5 views

CVE-2022-45454

Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Agent Windows before build 30161, Acronis Cyber Protect 15 Windows before build 30984...

7.5CVSS5.8AI score0.00252EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/12/16 3:48 p.m.27 views

CVE-2022-4326 Trellix xAgent permission bypass vulnerability

Improper preservation of permissions vulnerability in Trellix Endpoint Agent xAgent prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality...

5.5CVSS6.1AI score0.00224EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/12 12:0 a.m.3 views

PT-2022-16042 · Amazon · Amazon Cloudwatch Agent For Windows

Name of the Vulnerable Software and Affected Versions: Amazon CloudWatch Agent for Windows versions up to and including v1.247354 Description: A privilege escalation issue exists within the Amazon CloudWatch Agent for Windows. When users trigger a repair of the Agent, a pop-up window opens with...

7.1CVSS7.5AI score0.00482EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2022/11/30 12:0 a.m.5 views

PT-2022-24471 · Trellix · Trellix Agent

Name of the Vulnerable Software and Affected Versions: Trellix Agent TA for Windows versions prior to 5.7.8 Description: An uncontrolled search path vulnerability exists in Trellix Agent TA for Windows. This allows an attacker with admin access to elevate their privileges to System by placing a...

6.7CVSS6.4AI score0.00202EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/03/17 5:15 p.m.3 views

CVE-2022-26503

Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges...

7.8CVSS7.3AI score0.0068EPSS
Exploits0References3
NVD
NVD
added 2022/03/17 5:15 p.m.24 views

CVE-2022-26503

Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges...

7.8CVSS0.0068EPSS
Exploits0References2
OSV
OSV
added 2022/03/17 5:15 p.m.5 views

CVE-2022-26503

Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x allows local users to run arbitrary code with local system privileges...

7.8CVSS7.3AI score0.0068EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/03/17 12:0 a.m.9 views

Veeam Agent for Windows 代码问题漏洞

Veeam Agent for Windows is a data protection and disaster recovery solution for physical and virtual machines from Veeam Switzerland. A security vulnerability exists in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x that allows local users to run arbitrary code with local system...

7.8CVSS7.7AI score0.0068EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/03/16 12:0 a.m.5 views

The vulnerability of the Veeam Agent for Microsoft Windows data backup tool, related to deserialization mechanism flaws, allows attackers to execute arbitrary code.

The vulnerability of the Veeam Agent for Microsoft Windows data backup tool is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending specially crafted data through the TCP port 9395...

7.8CVSS7.7AI score0.0068EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/11/03 9:15 p.m.6 views

CVE-2021-41562

A vulnerability in Snow Snow Agent for Windows allows a non-admin user to cause arbitrary deletion of files. This issue affects: Snow Snow Agent for Windows version 5.0.0 to 6.7.1 on Windows...

6.1CVSS5.9AI score0.00244EPSS
Exploits0References1
NCSC
NCSC
added 2021/09/23 12:0 a.m.4 views

Vulnerabilities fixed in McAfee Agent for Windows

Vulnerabilities have been fixed in McAfee Agent for Windows. The vulnerabilities allow a malicious party to carry out attacks execute attacks that result in the following categories of damage: Remote code execution Administrator/Root privileges. Access to sensitive data Increased user privileges...

8.2CVSS7.3AI score0.00386EPSS
Exploits0
OSV
OSV
added 2021/09/22 2:15 p.m.5 views

CVE-2021-31836

Improper privilege management vulnerability in maconfig for McAfee Agent for Windows prior to 5.7.4 allows a local user to gain access to sensitive information. The utility was able to be run from any location on the file system and by a low privileged user...

7.1CVSS7AI score0.0019EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/09/22 12:0 a.m.4 views

PT-2021-19543 · Mcafee · Mcafee Agent For Windows

Name of the Vulnerable Software and Affected Versions: McAfee Agent for Windows versions prior to 5.7.4 Description: A DLL sideloading issue could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the...

8.2CVSS7.4AI score0.00234EPSS
Exploits0References3
OSV
OSV
added 2021/06/28 11:15 a.m.4 views

CVE-2021-20099

Nessus Agent 8.2.4 and earlier for Windows were found to contain multiple local privilege escalation vulnerabilities which could allow an authenticated, local administrator to run specific Windows executables as the Nessus host. This is different than CVE-2021-20100...

6.7CVSS6.6AI score0.00317EPSS
Exploits0References1
NCSC
NCSC
added 2021/06/11 12:0 a.m.26 views

Vulnerabilities fixed in McAfee Agent for Windows

Vulnerabilities have been fixed in McAfee Agent for Windows. A malicious party could potentially exploit the vulnerability with CVE attribute CVE-2021-31840 potentially exploit it to execute arbitrary code with elevated privileges via a "DLL preloading" attack. The vulnerability with CVE attribut...

7.3CVSS7.9AI score0.00348EPSS
Exploits0
NVD
NVD
added 2021/06/10 5:15 p.m.57 views

CVE-2021-31840

A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid...

7.3CVSS0.00348EPSS
Exploits0References1
Rows per page
Query Builder