Lucene search
+L

304 matches found

Trellix
Trellix
added 2024/02/13 12:0 a.m.18 views

Cyberattack on Democracy: Escalating Cyber Threats Immediately Ahead of Taiwan’s 2024 Presidential Election

Cyberattack on Democracy: Escalating Cyber Threats Immediately Ahead of Taiwan’s 2024 Presidential Election By Anne An · February 13, 2024 Preface Cybersecurity has become an integral part of election security. Nation-state actors and other politically motivated groups are likely to try to...

6.7AI score
Exploits0
CNNVD
CNNVD
added 2024/02/13 12:0 a.m.5 views

Trellix Central Management Cross-Site Scripting Vulnerability

Trellix Central Management is a centralized management system from Trellix, Inc. It consolidates the management, reporting and data sharing of Trellix products into one easy-to-deploy system. A cross-site scripting vulnerability exists in Trellix Central Management prior to version 9.1.3.97129,...

5.4CVSS6.2AI score0.00345EPSS
Exploits0References2
Trellix
Trellix
added 2024/01/18 12:0 a.m.16 views

JAVA-based Sophisticated Stealer Using Discord Bot as EventListener

JAVA-Based Sophisticated Stealer Using Discord Bot as EventListener By Trellix · January 18, 2024 This blog was written by Gurumoorthi Ramanathan Executive Summary: In mid-November 2023, Trellix Advanced Research Center team members observed a Java-based stealer being spread through cracked...

7AI score
Exploits0
CNNVD
CNNVD
added 2024/01/15 12:0 a.m.4 views

Trellix Central Management Cross-Site Scripting Vulnerability

Trellix Central Management is a centralized management system from Trellix, Inc. It consolidates the management, reporting and data sharing of Trellix products into one easy-to-deploy system. A cross-site scripting vulnerability exists in Trellix Central Management version 9.1.1.956704, which ste...

6.1CVSS6AI score0.00309EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/15 12:0 a.m.5 views

Trellix Central Management Security Vulnerability

Trellix Central Management is a centralized management system from Trellix, Inc. It consolidates the management, reporting and data sharing of Trellix products into one easy-to-deploy system. A security vulnerability exists in Trellix Central Management version 9.1.1.956704 that stems from the...

7.8CVSS7AI score0.00325EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/15 12:0 a.m.6 views

Trellix Malware Analysis Cross-Site Scripting Vulnerability

Trellix Malware Analysis is a malware analysis software from Trellix, Inc. A cross-site scripting vulnerability exists in Trellix Malware Analysis version 9.0.3.936530, which stems from the presence of a cross-site scripting vulnerability. The vulnerability allows an attacker to send a specially...

6.1CVSS6.1AI score0.00309EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/15 12:0 a.m.3 views

Trellix Endpoint Security Security Vulnerabilities

Trellix Endpoint Security ENS is an endpoint security solution from FireEye USA Trellix. A security vulnerability exists in Trellix Endpoint Security version 5.2.0.958244, which stems from an improper cleanup vulnerability in thrown exceptions. The vulnerability could allow an attacker to send...

7.5CVSS6.8AI score0.00315EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/11 12:0 a.m.64 views

Trellix Agent < 5.8.1 Buffer Overflow Vulnerability (SB10416)

The version of Trellix Agent, formerly McAfee Agent or McAfee Policy Orchestrator ePO Agent, installed on the remote host is prior to 5.8.1. It is, therefore, affected by a buffer overflow vulnerability due to not handling files in the /var/McAfeee/.msgbus folder correctly. A local attacker can...

8.2CVSS7.8AI score0.00173EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/10 12:0 a.m.8 views

Trellix Endpoint Security Cross-Site Scripting Vulnerability

Trellix Endpoint Security ENS is an endpoint security solution from FireEye Trellix USA. A cross-site scripting vulnerability exists in Trellix Endpoint Security ENS Web Control prior to version 10.7.0 Update 15, which originates from a cross-site scripting vulnerability that allows a remote...

6.1CVSS6.2AI score0.00422EPSS
Exploits0References2
OSV
OSV
added 2024/01/09 2:15 p.m.3 views

CVE-2024-0206

A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symboli...

7.8CVSS5.8AI score0.00184EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/09 12:56 p.m.36 views

CVE-2024-0206

A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symboli...

7.1CVSS8AI score0.00184EPSS
Exploits0References1
CVE
CVE
added 2024/01/09 12:56 p.m.59 views

CVE-2024-0206

CVE-2024-0206 affects Trellix Anti-Malware Engine prior to the January 2024 release. The root cause is a symbolic link in the Trellix ENS registry folder that a privileged, authenticated local user can create, which the Engine then follows after a scan, potentially removing files the user should ...

7.8CVSS7.7AI score0.00184EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/09 12:56 p.m.7 views

CVE-2024-0206

A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symboli...

7.1CVSS7.8AI score0.00184EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/09 12:0 a.m.7 views

Trellix Agent Security Vulnerability

Trellix Agent is a client component of FireEye USA Trellix, Inc. It provides secure communication between McAfee ePolicy Orchestrator McAfee ePO and hosted products. A security vulnerability exists in Trellix Agent versions prior to 5.8.1, which stems from the presence of a buffer overflow...

8.2CVSS7AI score0.00173EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/09 12:0 a.m.5 views

Trellix Anti-Malware Engine Backlink Vulnerability

Trellix Anti-Malware Engine is a security program from FireEye Trellix, Inc. Trellix Anti-Malware Engine version 6700 suffers from a back-link vulnerability that stems from the presence of a symbolic link manipulation vulnerability that allows privilege escalation by authenticated local users...

7.8CVSS6.6AI score0.00184EPSS
Exploits0References3
Trellix
Trellix
added 2024/01/02 12:0 a.m.14 views

The Anatomy of HTML Attachment Phishing

The Anatomy of HTML Attachment Phishing: One Code, Many Variants By Mathanraj Thangaraju, Niranjan Hegde, and Sijo Jacob · June 14, 2023 Introduction Phishing is the malevolent practise of pretending to be a reliable entity in electronic communication to steal sensitive data, such as login...

7.7AI score
Exploits0
Trellix
Trellix
added 2023/12/07 12:0 a.m.20 views

Scanning Danger: Unmasking the Threats of Quishing

Scanning Danger: Unmasking the Threats of Quishing By Shyava Tripathi and Rohan Shah · December 7, 2023 This blog was also written by Raghav Kapoor Phishing, a prevalent cybercrime worldwide, is responsible for as much as 90 percent of data breaches, making it a significant avenue for the theft o...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/12/04 12:0 a.m.25 views

Trellix Enterprise Security Manager < 11.6.7 Command Injection

The version of Trellix Enterprise Security Manager running on the remote web server is prior to 11.6.7. It is, therefore, affected by multiple command injection vulnerabilities. - A vulnerability arises out of a failure to comprehensively sanitize the processing of a zip files. Incomplete...

8.8CVSS8.3AI score0.00942EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/11/30 12:0 a.m.18 views

Trellix Enterprise Security Manager < 11.6.9 Command Injection

The version of Trellix Enterprise Security Manager running on the remote web server is prior to 11.6.9. It is, therefore, affected by a command injection vulnerability. Due to improper neutralization of special elements, a remote attacker, authenticated as an administrator, can execute code as...

8.8CVSS8.3AI score0.00234EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/27 12:0 a.m.4 views

Trellix Application and Change Control Path Traversal Vulnerability

Trellix Application and Change Control Trellix ACC is an application and change control program from FireEye USA Trellix. A path traversal vulnerability exists in Trellix Application and Change Control TACC versions prior to 8.4.0, which stems from a path traversal vulnerability in the TACC ePO...

8.4CVSS6.8AI score0.00937EPSS
Exploits0References1
Rows per page
Query Builder