
CVSS: 6.7 • EPSS: 0% • CPEs: 1 • EXPL: 0

13 Jul 2021 — Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs (in %WINDIR%\system32) with malicious ones. • https://advisories.stormshield.eu • CWE-427: Uncontrolled Search Path Element

CVSS: 7.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

13 Jul 2021 — SES Evolution before 2.1.0 allows deleting some resources not currently in use by any security policy by leveraging access to a computer having the administration console installed. • https://advisories.stormshield.eu

CVSS: 6.5 • EPSS: 0% • CPEs: 18 • EXPL: 0

15 Apr 2021 — Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence (GTI) servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining control of an intermediate DNS server or altering the network DNS configuration, it is possible for an attacker to intercept requests and send their own responses. • https://kc.mcafee.com/corporate/index?page=content&id=SB10354 • CWE-319: Cleartext Transmission of Sensitive Information

CVSS: 4.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Feb 2021 — A stored cross-site scripting vulnerability in the ePO extension of McAfee Endpoint Security (ENS) prior to 10.7.0 February 2021 Update allows an ENS ePO administrator to add a script to a policy event which will trigger the script to be run through a browser block page when a local non-administrator user triggers the policy. • https://kc.mcafee.com/corporate/index?page=content&id=SB10345 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 4.9 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Feb 2021 — A Null Pointer Dereference vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local administrator to cause Windows to crash via a specific system call which is not handled correctly. This varies by machine and had partial protection prior to this update. • https://kc.mcafee.com/corporate/index?page=content&id=SB10345 • CWE-476: NULL Pointer Dereference

CVSS: 8.2 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Feb 2021 — Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to an upgrade. • https://kc.mcafee.com/corporate/index?page=content&id=SB10345 • CWE-269: Improper Privilege Management

CVSS: 6.7 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Feb 2021 — Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows an authenticated local administrator user to perform an uninstallation of the anti-malware engine via the running of a specific command with the correct parameters. • https://kc.mcafee.com/corporate/index?page=content&id=SB10345 • CWE-269: Improper Privilege Management

CVSS: 7.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

10 Feb 2021 — Clear text storage of sensitive information in memory vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local user to view ENS settings and credentials via accessing process memory after the ENS administrator has performed specific actions. To exploit this, the local user has to access the relevant memory location immediately after an ENS administrator has made a configuration change through the console on their machine. • https://kc.mcafee.com/corporate/index?page=content&id=SB10345 • CWE-312: Cleartext Storage of Sensitive Information

CVSS: 5.5 • EPSS: 0% • CPEs: 14 • EXPL: 0

21 Jan 2021 — A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place during the installation phase of ESET products. Furthermore, exploitation can only succeed when Self-Defense is disabled. Affected products are: ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security, ESET Smart Security Premi... • https://support.eset.com/en/ca7794-local-privilege-escalation-vulnerability-fixed-in-eset-products-for-windows • CWE-276: Incorrect Default Permissions

CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

03 Dec 2020 — Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted DLL in the repair folder which will run with the Endpoint client’s privileges. • https://supportcontent.checkpoint.com/solutions?id=sk170512 • CWE-427: Uncontrolled Search Path Element