McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting

McAfee Network Data Loss Prevention User-Agent 9.3.x contains a cross-site scripting vulnerability which allows remote attackers to get session/cookie information via modification of the HTTP request. id: CVE-2017-4011 info: name: McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting...

CVE-2026-25852

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.93212...

CVE-2026-50033

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

CVE-2026-44609

Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

CVE-2026-42061

CVE-2026-42061 describes a local privilege escalation caused by excessive permissions granted to child processes in Acronis DeviceLock DLP (Windows) prior to build 9.0.15051.93227 . Affected component and root cause are stated, with the CVSSv3 score reported as 7.3 (High) and attack vector LOCAL,...

EUVD-2026-34173

Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

EUVD-2026-34171

Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP Windows before build 9.0.15051.93227...

Acronis DeviceLock DLP 安全漏洞

Acronis DeviceLock DLP is a terminal security system developed by the Swiss company Acronis. It is designed to control access to peripherals and prevent data breaches. Versions of Acronis DeviceLock DLP prior to 9.0.15051.93227 contained security vulnerabilities. These vulnerabilities stemmed fro...

Acronis DeviceLock DLP 代码问题漏洞

Acronis DeviceLock DLP is a terminal security protection system developed by the Swiss company Acronis. It is designed to control access to peripherals and prevent data breaches. Versions of Acronis DeviceLock DLP prior to 9.0.15051.93227 contained code vulnerabilities, specifically an EXE...

CVE-2026-48134 SQL injection issue in UserCheck Portal when DLP Software Blade is active

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to...

CVE-2026-48134

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to...

EUVD-2026-31821

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to...

CVE-2026-48134

The CVE-2026-48134 issue affects Check Point’s UserCheck Portal when the DLP blade is active, applying to UserCheck’s Web Portal UserChoice input handling. The root cause is an input-handling flaw that could allow an attacker with access to the UserCheck Ask page to manipulate stored DLP/UserChec...

PT-2026-43238

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to...

Check Point Security Gateway 安全漏洞

Check Point Security Gateway is a series of network security gateway devices developed by Check Point in Israel. There is a security vulnerability in Check Point Security Gateway, which stems from an input processing issue in the UserCheck Web Portal during the DLP activation process. This...

CVE-2026-48134 - SQL injection issue in UserCheck Portal when DLP is active

Symptoms - When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This coul...

Palo Alto Networks Prisma Access Agent 访问控制错误漏洞

Palo Alto Networks Prisma Access Agent is a zero-trust network access client agent developed by Palo Alto Networks. The Palo Alto Networks Prisma Access Agent has a security vulnerability related to access control. This vulnerability stems from multiple authorization bypass issues within the...

Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security Can Help

Why do the Riskiest SOC Alerts Go Unanswered? Security operations teams are drowning in alerts. But the real problem isn't always alert volume; it's the blind spots. The most dangerous alerts are the ones no one is investigating. A recent report from The Hacker News examined why certain high-risk...

CVE-2026-43068

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocate block from corrupted group in ext4mbfindbygoal There's issue as follows: ... EXT4-fs mmcblk0p1: Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117 EXT4-fs...

CVE-2026-2810 Endpoint DLP Driver Out-of-Bounds Read

Netskope was notified about a potential gap in the Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an out-of-bounds read within a driver, leading to a Blue-Screen-of-Death BSOD. Successful...