Lucene search
K

646 matches found

Nuclei
Nuclei
added 12 hours ago23 views

McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting

McAfee Network Data Loss Prevention User-Agent 9.3.x contains a cross-site scripting vulnerability which allows remote attackers to get session/cookie information via modification of the HTTP request. id: CVE-2017-4011 info: name: McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting...

6.1CVSS6.3AI score0.03271EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-0278

Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention DLP component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected...

8.4CVSS5.9AI score
Exploits0References2Affected Software1
Cvelist
Cvelist
added yesterday25 views

CVE-2026-0278 Prisma Access Agent: Multiple DLP Policy Bypass Vulnerabilities on Windows

Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention DLP component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected...

8.4CVSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-0278

Summary: CVE-2026-0278 affects the Prisma Access Agent on Windows, where multiple protection mechanism failures in the Data Loss Prevention (DLP) component allow bypass of DLP policy enforcement. The macOS agent is not affected. Affected versions: 24.0 through 26.2. Impact: DLP controls can be ci...

8.4CVSS5.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:40 p.m.11 views

CVE-2026-25852

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.93212...

6.7CVSS6.6AI score0.0009EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.11 views

CVE-2026-50033

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

7.3CVSS7.2AI score0.00115EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.10 views

CVE-2026-44609

Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

7.3CVSS7.2AI score0.00106EPSS
Exploits0References1
CVE
CVE
added 2026/06/03 7:26 p.m.20 views

CVE-2026-42061

CVE-2026-42061 describes a local privilege escalation caused by excessive permissions granted to child processes in Acronis DeviceLock DLP (Windows) prior to build 9.0.15051.93227 . Affected component and root cause are stated, with the CVSSv3 score reported as 7.3 (High) and attack vector LOCAL,...

7.3CVSS7.1AI score0.00106EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 7:26 p.m.14 views

EUVD-2026-34173

Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

7.3CVSS5.8AI score0.00106EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 7:25 p.m.13 views

EUVD-2026-34171

Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

7.3CVSS5.8AI score0.00106EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.7 views

Acronis DeviceLock DLP 代码问题漏洞

Acronis DeviceLock DLP is a terminal security protection system developed by the Swiss company Acronis. It is designed to control access to peripherals and prevent data breaches. Versions of Acronis DeviceLock DLP prior to 9.0.15051.93227 contained code vulnerabilities, specifically an EXE...

7.3CVSS7.3AI score0.00106EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.9 views

Acronis DeviceLock DLP 安全漏洞

Acronis DeviceLock DLP is a terminal security system developed by the Swiss company Acronis. It is designed to control access to peripherals and prevent data breaches. Versions of Acronis DeviceLock DLP prior to 9.0.15051.93227 contained security vulnerabilities. These vulnerabilities stemmed fro...

7.3CVSS7.3AI score0.00106EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 12:57 p.m.14 views

CVE-2026-48134 SQL injection issue in UserCheck Portal when DLP Software Blade is active

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to...

5.6CVSS5.8AI score0.04356EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 12:57 p.m.11 views

EUVD-2026-31821

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to...

5.6CVSS5.8AI score0.04356EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 12:57 p.m.8 views

CVE-2026-48134

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to...

5.6CVSS5.8AI score0.04356EPSS
Exploits0References2
CVE
CVE
added 2026/05/26 12:57 p.m.41 views

CVE-2026-48134

The CVE-2026-48134 issue affects Check Point’s UserCheck Portal when the DLP blade is active, applying to UserCheck’s Web Portal UserChoice input handling. The root cause is an input-handling flaw that could allow an attacker with access to the UserCheck Ask page to manipulate stored DLP/UserChec...

5.6CVSS5.8AI score0.04356EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Check Point Security Gateway 安全漏洞

Check Point Security Gateway is a series of network security gateway devices developed by Check Point in Israel. There is a security vulnerability in Check Point Security Gateway, which stems from an input processing issue in the UserCheck Web Portal during the DLP activation process. This...

5.6CVSS5.8AI score0.04356EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.22 views

PT-2026-43238

Name of the Vulnerable Software and Affected Versions Security Gateway affected versions not specified Description An input-handling issue exists in the UserChoice flow of the UserCheck Web Portal when DLP is active. An attacker with access to the UserCheck Ask page can manipulate stored...

5.6CVSS5.9AI score0.04356EPSS
Exploits0References3
CheckPoint Security
CheckPoint Security
added 2026/05/20 12:0 a.m.10 views

CVE-2026-48134 - SQL injection issue in UserCheck Portal when DLP is active

Symptoms - When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This coul...

5.6CVSS5.4AI score0.04356EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.13 views

Palo Alto Networks Prisma Access Agent 访问控制错误漏洞

Palo Alto Networks Prisma Access Agent is a zero-trust network access client agent developed by Palo Alto Networks. The Palo Alto Networks Prisma Access Agent has a security vulnerability related to access control. This vulnerability stems from multiple authorization bypass issues within the...

8.5CVSS5.8AI score0.00166EPSS
Exploits0References1
Rows per page
Query Builder