Lucene search
K

304 matches found

Tenable Nessus
Tenable Nessus
added 2025/07/25 12:0 a.m.5 views

NewStart CGSL MAIN 7.02 : libtiff Multiple Vulnerabilities (NS-SA-2025-0128)

The remote NewStart CGSL host, running version MAIN 7.02, has libtiff packages installed that are affected by multiple vulnerabilities: - A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the...

8.2CVSS7.3AI score0.02187EPSS
Exploits4References19
Trellix
Trellix
added 2025/07/21 12:0 a.m.8 views

Dark Web Roast - June 2025 Edition

Dark Web Roast - June 2025 Edition By Trellix Advanced Research Center · July 21, 2025 Executive Summary Welcome to the very first Dark Web Roast! Each month, we're going to take a peek into the shadowy world of cybercrime and playfully "roast" some of its characters, all with a little help from...

5.9AI score
Exploits0
CNNVD
CNNVD
added 2025/07/21 12:0 a.m.4 views

Trellix Endpoint Security 代码注入漏洞

Trellix Endpoint Security ENS is an endpoint security solution from FireEye Trellix USA. A code injection vulnerability exists in the Trellix Endpoint Security HX Agent that originates from a privileged user being able to create a malicious OpenSSL configuration file that could lead to the loadin...

6.7CVSS7.4AI score0.00168EPSS
Exploits0References1
Trellix
Trellix
added 2025/07/17 12:0 a.m.5 views

Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect

Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect By Maulik Maheta and Adithya Chandra · July 17, 2025 Executive summary This blog marks the third installment in our series on detecting and visualizing lateral movement attacks with Trellix Helix Connect. A lateral...

6.2AI score
Exploits0
Trellix
Trellix
added 2025/07/17 12:0 a.m.17 views

Detecting and Visualizing Lateral Movement Attacks with Trellix XDR

Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect By Maulik Maheta and Adithya Chandra · July 17, 2025 Executive summary This blog marks the third installment in our series on detecting and visualizing lateral movement attacks with Trellix Helix Connect. A lateral...

6.2AI score
Exploits0
CNNVD
CNNVD
added 2025/07/01 12:0 a.m.6 views

Trellix Endpoint Security HX 跨站脚本漏洞

Trellix Endpoint Security HX is an endpoint detection and response software from Trellix, USA. A cross-site scripting vulnerability exists in Trellix Endpoint Security HX version 10.0.4, which stems from susceptibility to a stored cross-site scripting attack that could lead to sensitive data...

5.3CVSS5.8AI score0.0016EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2025/06/27 12:0 a.m.107 views

📄 McAfee Agent 5.7.6 Insecure Storage

This script demonstrates the vulnerability in McAfee's Trellix Agent Database where attackers can retrieve and decrypt credentials from the ma.db database file. Version 5.7.6 is affected. Exploit Title: McAfee Agent 5.7.6 - Insecure Storage of Sensitive Information Date: 24 June 2025 Exploit...

6.1CVSS6.3AI score0.00622EPSS
Exploits2
CNNVD
CNNVD
added 2025/06/26 12:0 a.m.6 views

Trellix System Information Reporter 路径遍历漏洞

Trellix System Information Reporter is a system information cell phone tool from Trellix, Inc. A path traversal vulnerability exists in Trellix System Information Reporter 1.0.3 and earlier versions, which stems from a path traversal issue that could result in the creation or overwriting of...

4.4CVSS6.5AI score0.00155EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/26 12:0 a.m.5 views

Trellix System Information Reporter 安全漏洞

Trellix System Information Reporter is a system information cell phone tool from Trellix USA. A security vulnerability exists in Trellix System Information Reporter 1.0.3 and earlier versions, which stems from a path or symbolic link manipulation issue that could lead to a system file overwrite...

7.2CVSS6.2AI score0.0014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:28 a.m.10 views

CVE-2024-5956

This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly...

6.5CVSS7.4AI score0.00389EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:28 a.m.7 views

CVE-2024-5955

Cross-site scripting vulnerability in Trellix ePolicy Orchestrator prior to ePO 5.10 Service Pack 1 Update 3 allows a remote authenticated attacker to craft requests causing arbitrary content to be injected into the response when accessing the epolicy Orchestrator...

5.4CVSS6.2AI score0.00356EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:57 a.m.10 views

CVE-2023-6072

A cross-site scripting vulnerability in Trellix Central Management CM prior to 9.1.3.97129 allows a remote authenticated attacker to craft CM dashboard internal requests causing arbitrary content to be injected into the response when accessing the CM dashboard...

5.4CVSS6AI score0.00345EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:57 a.m.8 views

CVE-2023-6119

An Improper Privilege Management vulnerability in Trellix GetSusp prior to version 5.0.0.27 allows a local, low privilege attacker to gain access to files that usually require a higher privilege level. This is caused by GetSusp not correctly protecting a directory that it creates during execution...

7.8CVSS7.1AI score0.00209EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:46 a.m.7 views

CVE-2023-4814

A Privilege escalation vulnerability exists in Trellix Windows DLP endpoint for windows which can be abused to delete any file/folder for which the user does not have permission to...

7.1CVSS7AI score0.00145EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:40 a.m.9 views

CVE-2023-0978

A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. This vulnerability is due to insufficient validation of arguments that are passed to...

6.7CVSS7.8AI score0.00385EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:40 a.m.5 views

CVE-2023-0977

A heap-based overflow vulnerability in Trellix Agent Windows and Linux version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable...

6.7CVSS7.1AI score0.00535EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:39 a.m.21 views

CVE-2023-0975

A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...

8.2CVSS6.6AI score0.00168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:20 a.m.13 views

CVE-2022-3859

An uncontrolled search path vulnerability exists in Trellix Agent TA for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL ther...

6.7CVSS6.7AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:19 a.m.12 views

CVE-2022-3340

XML External Entity XXE vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported...

7.2CVSS6.6AI score0.00536EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:34 a.m.5 views

CVE-2022-4326

Improper preservation of permissions vulnerability in Trellix Endpoint Agent xAgent prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality...

6CVSS6.7AI score0.00224EPSS
Exploits0References1
Rows per page
Query Builder