Filtered by vendor Trellix
Subscriptions
Total
27 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-0400 | 2 Microsoft, Trellix | 2 Windows, Data Loss Prevention | 2024-11-21 | 5.9 Medium |
The protection bypass vulnerability in DLP for Windows 11.9.x is addressed in version 11.10.0. This allowed a local user to bypass DLP controls when uploading sensitive data from a mapped drive into a web email client. Loading from a local driver was correctly prevented. Versions prior to 11.9 correctly detected and blocked the attempted upload of sensitive data. | ||||
CVE-2023-0214 | 1 Trellix | 1 Skyhigh Secure Web Gateway | 2024-11-21 | 6.1 Medium |
A cross-site scripting vulnerability in Skyhigh SWG in main releases 11.x prior to 11.2.6, 10.x prior to 10.2.17, and controlled release 12.x prior to 12.0.1 allows a remote attacker to craft SWG-specific internal requests with URL paths to any third-party website, causing arbitrary content to be injected into the response when accessed through SWG. | ||||
CVE-2022-4326 | 2 Microsoft, Trellix | 2 Windows, Endpoint Security | 2024-11-21 | 5.5 Medium |
Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality. | ||||
CVE-2022-3859 | 1 Trellix | 1 Agent | 2024-11-21 | 6.7 Medium |
An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions prior to 5.7.8. This allows an attacker with admin access, which is required to place the DLL in the restricted Windows System folder, to elevate their privileges to System by placing a malicious DLL there. | ||||
CVE-2022-3340 | 1 Trellix | 1 Intrusion Prevention System Manager | 2024-11-21 | 5.9 Medium |
XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported. | ||||
CVE-2024-5956 | 1 Trellix | 1 Intrusion Prevention System Manager | 2024-09-06 | 6.5 Medium |
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly | ||||
CVE-2024-5957 | 1 Trellix | 1 Intrusion Prevention System Manager | 2024-09-06 | 6.3 Medium |
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs access of the Manager. |