Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-44425

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00234EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-47160

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00356EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:28 a.m.7 views

CVE-2024-5955

Cross-site scripting vulnerability in Trellix ePolicy Orchestrator prior to ePO 5.10 Service Pack 1 Update 3 allows a remote authenticated attacker to craft requests causing arbitrary content to be injected into the response when accessing the epolicy Orchestrator...

5.4CVSS6.2AI score0.00356EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:3 a.m.5 views

CVE-2024-4844

Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator ePO on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file, allowing them to access the ePO database encryption key. This was...

7.5CVSS6.9AI score0.00234EPSS
Exploits0References1
NVD
NVD
added 2024/12/20 6:15 a.m.31 views

CVE-2024-5955

Cross-site scripting vulnerability in Trellix ePolicy Orchestrator prior to ePO 5.10 Service Pack 1 Update 3 allows a remote authenticated attacker to craft requests causing arbitrary content to be injected into the response when accessing the epolicy Orchestrator...

5.4CVSS0.00356EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/20 5:53 a.m.10 views

CVE-2024-5955

Cross-site scripting vulnerability in Trellix ePolicy Orchestrator prior to ePO 5.10 Service Pack 1 Update 3 allows a remote authenticated attacker to craft requests causing arbitrary content to be injected into the response when accessing the epolicy Orchestrator...

5.4CVSS6.2AI score0.00356EPSS
Exploits0References1
CVE
CVE
added 2024/12/20 5:53 a.m.83 views

CVE-2024-5955

Summary: CVE-2024-5955 is a cross-site scripting vulnerability in Trellix ePolicy Orchestrator (ePO) prior to 5.10 Service Pack 1 Update 3. The issue allows a remote authenticated attacker to craft requests that inject arbitrary content into the response when accessing ePolicy Orchestrator. Affec...

5.4CVSS6.3AI score0.00356EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/20 5:53 a.m.27 views

CVE-2024-5955

Cross-site scripting vulnerability in Trellix ePolicy Orchestrator prior to ePO 5.10 Service Pack 1 Update 3 allows a remote authenticated attacker to craft requests causing arbitrary content to be injected into the response when accessing the epolicy Orchestrator...

5.4CVSS0.00356EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/20 12:0 a.m.4 views

Trellix ePolicy Orchestrator 跨站脚本漏洞

Trellix ePolicy Orchestrator is a centralized security management platform from FireEye Trellix USA. A cross-site scripting vulnerability exists in Trellix ePolicy Orchestrator versions prior to 5.10 Service Pack 1 Update 3. An attacker could use this vulnerability to inject arbitrary content int...

5.4CVSS6AI score0.00356EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/20 12:0 a.m.7 views

PT-2024-37268 · Trellix · Trellix Epolicy Orchestrator

Name of the Vulnerable Software and Affected Versions: Trellix ePolicy Orchestrator versions prior to 5.10 Service Pack 1 Update 3 Description: A cross-site scripting issue allows a remote authenticated attacker to craft requests that cause arbitrary content to be injected into the response when...

5.4CVSS6.4AI score0.00356EPSS
Exploits0References6
NVD
NVD
added 2024/05/16 7:15 a.m.23 views

CVE-2024-4844

Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator ePO on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file, allowing them to access the ePO database encryption key. This was...

7.5CVSS7.5AI score0.00234EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/16 6:19 a.m.25 views

CVE-2024-4844

Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator ePO on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file, allowing them to access the ePO database encryption key. This was...

7.5CVSS7.7AI score0.00234EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/16 12:0 a.m.4 views

Trellix ePolicy Orchestrator 信任管理问题漏洞

Trellix ePolicy Orchestrator is a centralized security management platform from Trellix. A trust management issue vulnerability exists in Trellix ePolicy Orchestrator versions prior to 5.10 that stems from the use of hard-coded credentials that allow an attacker with administrator privileges to...

7.5CVSS6.6AI score0.00234EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/16 12:0 a.m.6 views

Trellix ePolicy Orchestrator 安全漏洞

Trellix ePolicy Orchestrator is a centralized security management platform from Trellix. A security vulnerability exists in Trellix ePolicy Orchestrator versions prior to 5.10 that stems from the presence of an insecure direct object reference that allows a low-privileged user to manipulate clien...

4.3CVSS6.7AI score0.00265EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/16 12:0 a.m.10 views

PT-2024-33110 · Trellix · Trellix Epolicy Orchestrator

Name of the Vulnerable Software and Affected Versions: Trellix ePolicy Orchestrator ePO on Premise versions prior to 5.10 Service Pack 1 Update 2 Description: A hardcoded credentials issue allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file,...

7.5CVSS7.3AI score0.00234EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/11/17 12:0 a.m.5 views

Trellix ePolicy Orchestrator Input Validation Error Vulnerability

Trellix ePolicy Orchestrator is a centralized security management platform from Trellix. A security vulnerability exists in Trellix ePolicy Orchestrator versions prior to 5.10.0 CP1 Update 2 that stems from the presence of an open redirection vulnerability. A low-privileged attacker can exploit t...

5.4CVSS6.7AI score0.00406EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/17 12:0 a.m.6 views

Trellix ePolicy Orchestrator Cross-Site Request Forgery Vulnerability

Trellix ePolicy Orchestrator is a centralized security management platform from Trellix. A security vulnerability exists in Trellix ePolicy Orchestrator versions prior to 5.10.0 CP1 Update 2 that stems from the presence of a cross-site request forgery CSRF vulnerability. A low-privileged attacker...

8CVSS6.6AI score0.00351EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/07/26 12:0 a.m.6 views

Trellix ePolicy Orchestrator 跨站脚本漏洞

Trellix ePolicy Orchestrator is a centralized security management platform from Trellix. A security vulnerability exists in Trellix ePolicy Orchestrator versions prior to 5.10 SP1 Update 1, which stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability. The vulnerability can...

6.1CVSS6.3AI score0.00457EPSS
Exploits0References2
NCSC
NCSC
added 2022/10/13 12:0 a.m.5 views

Vulnerabilities fixed in Trellix ePolicy Orchestrator

Vulnerabilities have been fixed in Trellix ePolicy Orchestrator. The vulnerabilities allow a malicious party to perform attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS. Remote code execution User Rights. Access to system data For the vulnerabili...

6.1CVSS7AI score0.00558EPSS
Exploits0
CNNVD
CNNVD
added 2022/10/12 12:0 a.m.4 views

Trellix ePolicy Orchestrator 跨站脚本漏洞

Trellix ePolicy Orchestrator is a centralized security management platform from Trellix. A security vulnerability exists in Trellix ePolicy Orchestrator. No information about this vulnerability is available at this time, so stay tuned to CNNVD or the vendor announcement...

6.1CVSS6.2AI score0.00558EPSS
Exploits0References3
Rows per page
Query Builder