CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-6316
https://notcve.org/view.php?id=CVE-2018-6316
Ivanti Endpoint Security (formerly HEAT Endpoint Management and Security Suite) 8.5 Update 1 and earlier allows an authenticated user with low privileges and access to the local network to bypass application whitelisting when using the Application Control module on Ivanti Endpoint Security in lockdown mode. Existe un desbordamiento de búfer basado en memoria dinámica (heap) en InfoZip UnZip 6.10c22 que permite que un atacante realice una denegación de servicio (DoS) o que pueda lograr la ejecución de código. • https://community.ivanti.com/docs/DOC-65656 • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-8010
https://notcve.org/view.php?id=CVE-2016-8010
Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility. Vulnerabilidad de elusión de protecciones de aplicaciones en Intel Security McAfee Application Control (MAC) 7.0 y versiones anteriores y Endpoint Security (ENS) 10.2 y versiones anteriores permite a usuarios locales eludir la protección de seguridad local a través de una utilidad de comando de línea. • http://www.securityfocus.com/bid/94661 https://kc.mcafee.com/corporate/index?page=content&id=SB10179 • CWE-284: Improper Access Control •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 2CVE-2016-9892 – ESET Endpoint Antivirus 6 Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-9892
The esets_daemon service in ESET Endpoint Antivirus for macOS before 6.4.168.0 and Endpoint Security for macOS before 6.4.168.0 does not properly verify X.509 certificates from the edf.eset.com SSL server, which allows man-in-the-middle attackers to spoof this server and provide crafted responses to license activation requests via a self-signed certificate. NOTE: this issue can be combined with CVE-2016-0718 to execute arbitrary code remotely as root. El servicio esets_daemon en ESET Endpoint Antivirus para macOS en versiones anteriores a 6.4.168.0 y Endpoint Security para macOS en versiones anteriores a 6.4.168.0 no verifica adecuadamente certificados X.509 del servidor SSL edf.eset.com, lo que permite a atacantes man-in-the-middle suplantar este servidor y proporcionar respuestas manipuladas para las peticiones de activación de las licencias a través de un certificado autofirmado. NOTA: este problema puede combinarse con CVE-2016-0718 para ejecutar código arbitrario remotamente como root. ESET Endpoint Antivirus 6 suffers from a remote code execution vulnerability. • http://packetstormsecurity.com/files/141350/ESET-Endpoint-Antivirus-6-Remote-Code-Execution.html http://seclists.org/fulldisclosure/2017/Feb/68 http://support.eset.com/ca6333 http://www.securityfocus.com/bid/96462 • CWE-295: Improper Certificate Validation •
CVSS: 5.1EPSS: 0%CPEs: 8EXPL: 2CVE-2016-3984 – McAfee VirusScan Enterprise 8.8 - Security Restrictions Bypass
https://notcve.org/view.php?id=CVE-2016-3984
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys. El McAfee VirusScan Console (mcconsol.exe) en McAfee Active Response (MAR) en versiones anteriores a 1.1.0.161, Agent (MA) 5.x en versiones anteriores a 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) en versiones anteriores a 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 en versiones anteriores a Patch 6 y 9.4 en versiones anteriores a Patch 1 HF3, Device Control (MDC) 9.3 en versiones anteriores a Patch 6 y 9.4 en versiones anteriores a Patch 1 HF3, Endpoint Security (ENS) 10.x en versiones anteriores a 10.1, Host Intrusion Prevention Service (IPS) 8.0 en versiones anteriores a 8.0.0.3624 y VirusScan Enterprise (VSE) 8.8 en versiones anteriores a P7 (8.8.0.1528) en Windows permite a administradores locales eludir las reglas destinadas a la autoprotección y desactivar el motor del antivirus modificando claves de registro. • https://www.exploit-db.com/exploits/39531 http://lab.mediaservice.net/advisory/2016-01-mcafee.txt http://seclists.org/fulldisclosure/2016/Mar/13 http://www.securitytracker.com/id/1035130 https://kc.mcafee.com/corporate/index?page=content&id=SB10151 • CWE-284: Improper Access Control •
CVSS: 6.9EPSS: 0%CPEs: 14EXPL: 1CVE-2014-4973
https://notcve.org/view.php?id=CVE-2014-4973
The ESET Personal Firewall NDIS filter (EpFwNdis.sys) driver in the Firewall Module Build 1183 (20140214) and earlier in ESET Smart Security and ESET Endpoint Security products 5.0 through 7.0 allows local users to gain privileges via a crafted argument to a 0x830020CC IOCTL call. El controlador del filtro NIDS de ESET Personal Firewall (EpFwNdis.sys) en el módulo del Firewall Build 1183 (20140214) y anteriores en productos ESET Smart Security y ESET Endpoint Security 5.0 hasta 7.0 permite a usuarios locales ganar privilegios a través de un argumento manipulado en una llamada IOCTL 0x830020CC. • http://seclists.org/fulldisclosure/2014/Aug/52 https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4973 • CWE-20: Improper Input Validation •