Page 2 of 604 results (0.007 seconds)

CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0

A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier, allows a local user to inject and execute arbitrary operating system commands using specially crafted strings. This vulnerability is due to insufficient validation of arguments that are passed to specific CLI command. The vulnerability allows the attack • https://kcm.trellix.com/corporate/index?page=content&id=SB10397 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to Improper Link Resolution via registry keys. This could enable a user with lower privileges to execute unauthorized tasks. • https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulletins.html https://www.mcafee.com/support/?articleId=TS103397&page=shell&shell=article-view • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL sideloading. This could enable a user with lower privileges to execute unauthorized tasks. • https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulletins.html https://www.mcafee.com/support/?articleId=TS103397&page=shell&shell=article-view • CWE-427: Uncontrolled Search Path Element •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

McAfee Total Protection prior to 16.0.51 allows attackers to trick a victim into uninstalling the application via the command prompt. • https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulletins.html https://www.mcafee.com/support/?articleId=TS103397&page=shell&shell=article-view •

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0

Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program. • https://kcm.trellix.com/corporate/index?page=content&id=SB10370 • CWE-269: Improper Privilege Management •