36 matches found
CVE-2022-27608
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by users with Administrator privileges. This could result in a user disabling anti-tampering mechanisms which would then allow the user to disable Forcepoint One Endpoint and the...
CVE-2022-27609
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering protection of services by users with Administrator privileges. This could result in a user disabling Forcepoint One Endpoint and the protection offered by it...
CVE-2025-14026
Forcepoint One DLP Client, version 23.04.5642 and possibly newer versions, includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface FFI for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code...
CVE-2025-14026
Forcepoint One DLP Client, version 23.04.5642 and possibly newer versions, includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface FFI for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code...
CVE-2025-14026 Vulnerable Python version used in Forcepoint One DLP Client
Forcepoint One DLP Client, version 23.04.5642 and possibly newer versions, includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface FFI for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code...
CVE-2025-14026 Vulnerable Python version used in Forcepoint One DLP Client
Forcepoint One DLP Client, version 23.04.5642 and possibly newer versions, includes a restricted version of Python 2.5.4 that prevents use of the ctypes library. ctypes is a foreign function interface FFI for Python, enabling calls to DLLs/shared libraries, memory allocation, and direct code...
CVE-2025-14026
Summary (CVE-2025-14026): Forcepoint One DLP Client (version 23.04.5642 and potentially newer) ships with a restricted Python 2.5.4 runtime that blocks ctypes (FFI). The restriction was shown to be bypassable by reintroducing ctypes support, enabling potential arbitrary code execution via DLLs/me...
Forcepoint One DLP Client 安全漏洞
Forcepoint One DLP Client is an endpoint data protection agent software from Forcepoint, USA. A security vulnerability exists in Forcepoint One DLP Client version 23.04.5642, which stems from a restriction on the ctypes library that can be bypassed, potentially leading to the execution of arbitra...
Vulnerable Python version used in Forcepoint One DLP Client
Overview A vulnerability in the Forcepoint One DLP Client allows bypass of the vendor-implemented Python restrictions designed to prevent arbitrary code execution. By reconstructing the ctypes FFI environment and applying a version-header patch to the ctypes.pyd module, an attacker can restore...
EUVD-2019-15711
Malware in sbrugna...
EUVD-2022-24985
Malicious code in bioql PyPI...
EUVD-2022-32110
Malicious code in bioql PyPI...
EUVD-2022-32109
Malicious code in bioql PyPI...
CVE-2019-6144
This vulnerability allows a normal non-admin user to disable the Forcepoint One Endpoint versions 19.04 through 19.08 and bypass DLP and Web protection...
Forcepoint One SmartEdge Agent Security Vulnerability
Forcepoint One SmartEdge Agent is an endpoint security agent from Forcepoint that can be used to protect user devices from a variety of cyber threats and data leaks. A security vulnerability exists in Forcepoint One SmartEdge Agent versions prior to 1.7.0.230330-554, which stems from a lack of...
CVE-2022-1700
Improper Restriction of XML External Entity Reference 'XXE' vulnerability in the Policy Engine of Forcepoint Data Loss Prevention DLP, which is also leveraged by Forcepoint One Endpoint F1E, Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20...
CVE-2022-1700
Improper Restriction of XML External Entity Reference 'XXE' vulnerability in the Policy Engine of Forcepoint Data Loss Prevention DLP, which is also leveraged by Forcepoint One Endpoint F1E, Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20...
CVE-2022-27608
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by users with Administrator privileges. This could result in a user disabling anti-tampering mechanisms which would then allow the user to disable Forcepoint One Endpoint and the...
CVE-2022-27608
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by users with Administrator privileges. This could result in a user disabling anti-tampering mechanisms which would then allow the user to disable Forcepoint One Endpoint and the...
CVE-2022-27609
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering protection of services by users with Administrator privileges. This could result in a user disabling Forcepoint One Endpoint and the protection offered by it...