Lucene search
K

513 matches found

Cvelist
Cvelist
added 2024/01/15 4:27 p.m.22 views

CVE-2024-0319 Open Redirect vulnerability in FireEye HXTool

Open Redirect vulnerability in FireEye HXTool affecting version 4.6, the exploitation of which could allow an attacker to redirect a legitimate user to a malicious page by changing the 'redirecturi' parameter...

5.4CVSS6.3AI score0.00292EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/15 4:26 p.m.20 views

CVE-2024-0318 Cross-Site Scripting in FireEye HXTool

Cross-Site Scripting in FireEye HXTool affecting version 4.6. This vulnerability allows an attacker to store a specially crafted JavaScript payload in the 'Profile Name' and 'Hostname/IP' parameters that will be triggered when items are loaded...

5.4CVSS6.1AI score0.00309EPSS
Exploits0References1
CVE
CVE
added 2024/01/15 4:26 p.m.41 views

CVE-2024-0318

CVE-2024-0318 (FireEye HXTool) affects FireEye HXTool version 4.6. A stored Cross-Site Scripting vulnerability exists in the Profile Name and Hostname/IP fields, enabling a crafted JavaScript payload to execute when items are loaded. This is evidenced across multiple sources (NVD entry and relate...

6.1CVSS5.9AI score0.00309EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/15 4:26 p.m.11 views

CVE-2024-0318 Cross-Site Scripting in FireEye HXTool

Cross-Site Scripting in FireEye HXTool affecting version 4.6. This vulnerability allows an attacker to store a specially crafted JavaScript payload in the 'Profile Name' and 'Hostname/IP' parameters that will be triggered when items are loaded...

5.4CVSS6.2AI score0.00309EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/15 4:23 p.m.4 views

CVE-2024-0317 Cross-Site Scripting in FireEye EX

Cross-Site Scripting in FireEye EX, affecting version 9.0.3.936727. Exploitation of this vulnerability allows an attacker to send a specially crafted JavaScript payload via the 'type' and 'sfname' parameters to an authenticated user to retrieve their session details...

5.4CVSS6AI score0.00309EPSS
Exploits0References1
CVE
CVE
added 2024/01/15 4:23 p.m.47 views

CVE-2024-0317

CVE-2024-0317 is an XSS vulnerability in FireEye EX 9.0.3.936727. The issue allows an attacker to send a crafted JavaScript payload via the parameters “type” and “s_f_name” to an authenticated user, enabling retrieval of the user’s session details. Supported by multiple sources in the provided do...

6.1CVSS5.9AI score0.00309EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/01/15 4:15 p.m.18 views

CVE-2024-0315

Remote file inclusion vulnerability in FireEye Central Management affecting version 9.1.1.956704. This vulnerability allows an attacker to upload a malicious PDF file to the system during the report creation process...

7.8CVSS6.7AI score0.00325EPSS
Exploits0References1
NVD
NVD
added 2024/01/15 4:15 p.m.20 views

CVE-2024-0316

Improper cleanup vulnerability in exceptions thrown in FireEye Endpoint Security, affecting version 5.2.0.958244. This vulnerability could allow an attacker to send multiple request packets to the containmentnotify/preview parameter, which could lead to a service outage...

7.5CVSS6.7AI score0.00315EPSS
Exploits0References1
OSV
OSV
added 2024/01/15 4:15 p.m.2 views

CVE-2024-0315

Remote file inclusion vulnerability in FireEye Central Management affecting version 9.1.1.956704. This vulnerability allows an attacker to upload a malicious PDF file to the system during the report creation process...

7.8CVSS5.8AI score0.00325EPSS
Exploits0References1
OSV
OSV
added 2024/01/15 4:15 p.m.2 views

CVE-2024-0316

Improper cleanup vulnerability in exceptions thrown in FireEye Endpoint Security, affecting version 5.2.0.958244. This vulnerability could allow an attacker to send multiple request packets to the containmentnotify/preview parameter, which could lead to a service outage...

7.5CVSS5.8AI score0.00315EPSS
Exploits0References1
OSV
OSV
added 2024/01/15 4:15 p.m.1 views

CVE-2024-0314

XSS vulnerability in FireEye Central Management affecting version 9.1.1.956704, which could allow an attacker to modify special HTML elements in the application and cause a reflected XSS, leading to a session hijacking...

6.1CVSS5.8AI score0.00309EPSS
Exploits0References1
NVD
NVD
added 2024/01/15 4:15 p.m.14 views

CVE-2024-0314

XSS vulnerability in FireEye Central Management affecting version 9.1.1.956704, which could allow an attacker to modify special HTML elements in the application and cause a reflected XSS, leading to a session hijacking...

6.1CVSS5.4AI score0.00309EPSS
Exploits0References1
Prion
Prion
added 2024/01/15 4:15 p.m.13 views

Input validation

Improper cleanup vulnerability in exceptions thrown in FireEye Endpoint Security, affecting version 5.2.0.958244. This vulnerability could allow an attacker to send multiple request packets to the containmentnotify/preview parameter, which could lead to a service outage...

5CVSS7.1AI score0.00315EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/15 4:15 p.m.10 views

Cross site scripting

XSS vulnerability in FireEye Central Management affecting version 9.1.1.956704, which could allow an attacker to modify special HTML elements in the application and cause a reflected XSS, leading to a session hijacking...

5.8CVSS6.1AI score0.00309EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/15 4:15 p.m.12 views

Remote file inclusion

Remote file inclusion vulnerability in FireEye Central Management affecting version 9.1.1.956704. This vulnerability allows an attacker to upload a malicious PDF file to the system during the report creation process...

4.3CVSS7.1AI score0.00325EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/15 4:4 p.m.44 views

CVE-2024-0316

CVE-2024-0316 affects FireEye Endpoint Security (Trellix) 5.2.0.958244. The issue is described as an improper cleanup in exceptions thrown, enabling an attacker to send multiple requests to the containment_notify/preview parameter and potentially cause a service outage. Connected sources confirm ...

7.5CVSS7.4AI score0.00315EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/01/15 4:4 p.m.25 views

CVE-2024-0316 Improper cleanup vulnerability in FireEye Endpoint Security

Improper cleanup vulnerability in exceptions thrown in FireEye Endpoint Security, affecting version 5.2.0.958244. This vulnerability could allow an attacker to send multiple request packets to the containmentnotify/preview parameter, which could lead to a service outage...

6.8CVSS7.6AI score0.00315EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/15 4:4 p.m.7 views

CVE-2024-0316 Improper cleanup vulnerability in FireEye Endpoint Security

Improper cleanup vulnerability in exceptions thrown in FireEye Endpoint Security, affecting version 5.2.0.958244. This vulnerability could allow an attacker to send multiple request packets to the containmentnotify/preview parameter, which could lead to a service outage...

6.8CVSS6.8AI score0.00315EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/15 4:2 p.m.3 views

CVE-2024-0315 Remote file inclusion vulnerability in FireEye Central Management

Remote file inclusion vulnerability in FireEye Central Management affecting version 9.1.1.956704. This vulnerability allows an attacker to upload a malicious PDF file to the system during the report creation process...

6.6CVSS6.7AI score0.00325EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/15 4:2 p.m.18 views

CVE-2024-0315 Remote file inclusion vulnerability in FireEye Central Management

Remote file inclusion vulnerability in FireEye Central Management affecting version 9.1.1.956704. This vulnerability allows an attacker to upload a malicious PDF file to the system during the report creation process...

6.6CVSS7.8AI score0.00325EPSS
Exploits0References1
Rows per page
Query Builder