Filtered by vendor Trellix
Total: 25 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-3314 | 1 Trellix | 1 Enterprise Security Manager | 2023-07-11 | N/A | 8.8 HIGH |
A vulnerability arises out of a failure to comprehensively sanitize the processing of a zip file(s). Incomplete neutralization of external commands used to control the process execution of the .zip application allows an authorized user to obtain control of the .zip application to execute arbitrary commands or obtain elevation of system privileges. | |||||
CVE-2023-3313 | 1 Trellix | 1 Enterprise Security Manager | 2023-07-11 | N/A | 7.8 HIGH |
An OS command injection vulnerability exists in the ESM certificate API, whereby incorrectly neutralized special elements may have allowed an unauthorized user to execute system command injection for the purpose of privilege escalation or to execute arbitrary commands. | |||||
CVE-2023-1388 | 1 Trellix | 1 Agent | 2023-06-13 | N/A | 8.1 HIGH |
A heap-based overflow vulnerability in TA prior to version 5.7.9 allows a remote user to alter the page heap in the macmnsvc process memory block, resulting in the service becoming unavailable. | |||||
CVE-2023-0976 | 2 Apple, Trellix | 2 Macos, Agent | 2023-06-13 | N/A | 7.8 HIGH |
A command injection vulnerability in TA for macOS prior to version 5.7.9 allows local users to place an arbitrary file into the /Library/Trellix/Agent/bin/ folder. The malicious file is executed by running the TA deployment feature located in the System Tree. | |||||
CVE-2022-3340 | 1 Trellix | 1 Intrusion Prevention System Manager | 2022-11-08 | N/A | 7.2 HIGH |
XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform an XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported. | |||||