CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

257 matches found

OSV•added 2022/04/04 8:15 p.m.•5 views

CVE-2022-27608

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to registry key tampering by users with Administrator privileges. This could result in a user disabling anti-tampering mechanisms which would then allow the user to disable Forcepoint One Endpoint and the...

6CVSS5.8AI score0.00199EPSS

Exploits0References1

OSV•added 2022/04/04 8:15 p.m.•4 views

CVE-2022-27609

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering protection of services by users with Administrator privileges. This could result in a user disabling Forcepoint One Endpoint and the protection offered by it...

6CVSS6.4AI score0.00197EPSS

Exploits0References1

Prion•added 2022/04/04 8:15 p.m.•15 views

Design/Logic Flaw

3.6CVSS5.8AI score0.00197EPSS

Exploits0References1Affected Software1

Prion•added 2022/04/04 8:15 p.m.•16 views

Buffer overflow

3.6CVSS5.9AI score0.00199EPSS

Exploits0References1Affected Software1

CVE•added 2022/04/04 7:45 p.m.•78 views

CVE-2022-27609

CVE-2022-27609 affects Forcepoint One Endpoint prior to version 22.01 on Windows. The vulnerability stems from insufficient anti-tampering protection of services by users with Administrator privileges, enabling a user to disable Forcepoint One Endpoint and its protection. Connected sources corrob...

6CVSS5.8AI score0.00197EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/04/04 7:45 p.m.•24 views

CVE-2022-27609

6CVSS6.1AI score0.00197EPSS

Exploits0References1

CVE•added 2022/04/04 7:45 p.m.•71 views

CVE-2022-27608

Forcepoint One Endpoint on Windows (pre-22.01) is vulnerable to registry key tampering by Administrator users, enabling them to disable anti-tampering and the protection. Affected product: Forcepoint One Endpoint; root cause: registry tampering leading to disabled protection; impact: attacker cou...

6CVSS5.8AI score0.00199EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/04/04 7:45 p.m.•17 views

CVE-2022-27608

6CVSS6.1AI score0.00199EPSS

Exploits0References1

CNNVD•added 2022/04/04 12:0 a.m.•2 views

Forcepoint One Endpoint安全漏洞

Forcepoint One Endpoint is a data leakage prevention solution from US-based Forcepoint. A security vulnerability exists in Forcepoint One Endpoint for Microsoft Windows, versions prior to 22.01, which stems from an inability to provide adequate service tamper protection for users with administrat...

6CVSS6.2AI score0.00197EPSS

Exploits0References2

CNNVD•added 2022/04/04 12:0 a.m.•3 views

Forcepoint One Endpoint安全漏洞

Forcepoint One Endpoint is a data leakage prevention solution from US-based Forcepoint. A security vulnerability exists in Forcepoint One Endpoint for Microsoft Windows prior to version 22.01, which originates from an attacker with administrator privileges tampering with the registry, causing the...

6CVSS6.2AI score0.00199EPSS

Exploits0References2

NVD•added 2021/10/04 5:15 p.m.•13 views

CVE-2021-41530

Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured...

7.5CVSS0.00904EPSS

Exploits0References1

OSV•added 2021/10/04 5:15 p.m.•3 views

CVE-2021-41530

Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured...

7.5CVSS7AI score0.00904EPSS

Exploits0References1

Prion•added 2021/10/04 5:15 p.m.•12 views

Design/Logic Flaw

Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured...

4.3CVSS7.5AI score0.00904EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/10/04 4:58 p.m.•16 views

CVE-2021-41530

Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0 are vulnerable to TCP reflected amplification vulnerability, if HTTP User Response has been configured...

7.7AI score0.00904EPSS

Exploits0References1

CVE•added 2021/10/04 4:58 p.m.•49 views

CVE-2021-41530

CVE-2021-41530 affects Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and earlier, and 6.10.0, which are vulnerable to a TCP reflected amplification vulnerability when HTTP User Response is configured. The condition and vulnerability type are described in NVD/NVD-derived records; no ex...

7.5CVSS7.5AI score0.00904EPSS

Exploits0References1Affected Software1

CNNVD•added 2021/10/04 12:0 a.m.•2 views

Forcepoint NGFW Engine 安全漏洞

Forcepoint NGFW Engine is a next-generation firewall solution from Forcepoint Corporation. A security vulnerability exists in Forcepoint NGFW Engine that originates from a TCP reflection amplification vulnerability in the affected software if the user configures HTTP User Response...

7.5CVSS7.3AI score0.00904EPSS

Exploits0References3

NCSC•added 2021/04/09 12:0 a.m.•5 views

Vulnerability fixed in Forcepoint Web Security

A vulnerability has been fixed in Forcepoint Web Security. A malicious party can exploit the vulnerability to launch an XML External Entity Injection XXE attack when processing of XML data. An external attacker could exploit it to obtain sensitive information. Forcepoint has released updates to...

7.5CVSS7.1AI score0.01046EPSS

Exploits0

NVD•added 2021/04/08 10:15 p.m.•26 views

CVE-2020-6590

Forcepoint Web Security Content Gateway versions prior to 8.5.4 improperly process XML input, leading to information disclosure...

7.5CVSS0.01046EPSS

Exploits0References1

OSV•added 2021/04/08 10:15 p.m.•4 views

CVE-2020-6590

Forcepoint Web Security Content Gateway versions prior to 8.5.4 improperly process XML input, leading to information disclosure...

7.5CVSS7.1AI score0.01046EPSS

Exploits0References1