Trend Micro TrendAI Vision One Endpoint Security - Standard Endpoint Protection 访问控制错误漏洞

Trend Micro TrendAI Vision One Endpoint Security – Standard Endpoint Protection is an enterprise endpoint security platform provided by Trend Micro that offers capabilities for detecting terminal threats, antivirus protection, and managing security policies. There are access control vulnerability...

CVE-2022-27608

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by users with Administrator privileges. This could result in a user disabling anti-tampering mechanisms which would then allow the user to disable Forcepoint One Endpoint and the...

CVE-2022-27609

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering protection of services by users with Administrator privileges. This could result in a user disabling Forcepoint One Endpoint and the protection offered by it...

CVE-2025-62346

A Cross-Site Request Forgery CSRF vulnerability was identified in HCL Glovius Cloud. An attacker can force a user's web browser to execute an unwanted, malicious action on a trusted site where the user is authenticated, specifically on one endpoint...

PT-2025-45071

Name of the Vulnerable Software and Affected Versions AI Engine plugin for WordPress versions prior to 3.1.4 AI Engine versions 2.8.x and 2.9.x prior to 2.9.5 Description The AI Engine plugin for WordPress has a Sensitive Information Exposure issue via the /mcp/v1/ REST API endpoint. When the...

CVE-2025-10487

The Advanced Ads – Ad Manager & AdSense plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.12 via the selectone function. This is due to the endpoint not properly restricting access to the AJAX endpoint or limiting the functions that can be calle...

EUVD-2019-15711

Malware in sbrugna...

EUVD-2022-32109

Malicious code in bioql PyPI...

EUVD-2022-32110

Malicious code in bioql PyPI...

EUVD-2022-24985

Malicious code in bioql PyPI...

CVE-2019-6144

This vulnerability allows a normal non-admin user to disable the Forcepoint One Endpoint versions 19.04 through 19.08 and bypass DLP and Web protection...

Trend Micro Deep Security Security Vulnerabilities

Trend Micro Deep Security is a server deep security system client from Trend Micro. A security vulnerability exists in Trend Micro Deep Security version 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent that stems from an improper access control vulnerability. It could allow a...

Trend Micro Deep Security Security Vulnerabilities

Trend Micro Deep Security is a server deep security system client from Trend Micro. A security vulnerability exists in Trend Micro Deep Security version 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent. It could allow a local attacker to elevate privileges on an affected...

PT-2023-8406 · Trend Micro · Trend Micro Deep Security +1

Name of the Vulnerable Software and Affected Versions: Trend Micro Deep Security version 20.0 Trend Micro Cloud One - Endpoint and Workload Security Agent affected versions not specified Description: An improper access control issue could allow a local attacker to escalate privileges on affected...

CVE-2022-1700

Improper Restriction of XML External Entity Reference 'XXE' vulnerability in the Policy Engine of Forcepoint Data Loss Prevention DLP, which is also leveraged by Forcepoint One Endpoint F1E, Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20...

CVE-2022-1700

Improper Restriction of XML External Entity Reference 'XXE' vulnerability in the Policy Engine of Forcepoint Data Loss Prevention DLP, which is also leveraged by Forcepoint One Endpoint F1E, Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20...

CVE-2022-1700

Improper Restriction of XML External Entity Reference 'XXE' vulnerability in the Policy Engine of Forcepoint Data Loss Prevention DLP, which is also leveraged by Forcepoint One Endpoint F1E, Web Security Content Gateway, Email Security with DLP enabled, and Cloud Security Gateway prior to June 20...

PT-2022-14056 · Forcepoint · Forcepoint Email Security +4

Name of the Vulnerable Software and Affected Versions: Forcepoint Data Loss Prevention DLP versions prior to 8.8.2 Forcepoint One Endpoint F1E with Policy Engine versions prior to 8.8.2 Forcepoint Web Security Content Gateway versions prior to 8.5.5 Forcepoint Email Security with DLP enabled...

GHSA-5VW8-R55W-F4Q4 Magento is affected by an improper input validation vulnerability

Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the V1/customers/me endpoint to achieve information exposure and privile...

CVE-2022-27609

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering protection of services by users with Administrator privileges. This could result in a user disabling Forcepoint One Endpoint and the protection offered by it...