CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 120 of 395 results
«« First « Prev Page 1 / 20 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2026-12588 An attacker with access to an HX 10.0.0  and previous versions, may send specially-crafted data to the HX console. The malicious detection would then trigger decompression of a large file that consumes an excessive amount of system resources thus causing a Denial of Service. 6.0 0.18% 2026-07-14 2026-07-15
CVE-2025-7958 A Code Injection vulnerability existed in Trellix Network Security CM and NX. A locally authenticated admin user can execute arbitrary code using the web interface and Alert artifact details. 7.1 0.19% 2026-06-26 2026-06-26
CVE-2025-14963 A vulnerability identified in the HX Agent driver file fekern.sys allowed a threat actor with local user access the ability to gain elevated system privileges. Utilization of a Bring Your Own Vulnerable Driver (BYOVD) was leveraged to gain access to the critical Windows process memory lsass.exe (Local Security Authority Subsystem Service). The fekern.sys is a driver file associated with the HX Agent (used in all existing HX Agent versions). The vulnerable driver installed in a product or a syste 6.2 0.10% 2026-02-24 2026-06-17
CVE-2025-0664 A locally authenticated, privileged user can craft a malicious OpenSSL configuration file, potentially leading the agent to load an arbitrary local library. This may impair endpoint defenses and allow the attacker to achieve code execution with SYSTEM-level privileges. 6.7 0.22% 2025-07-21 2026-06-17
CVE-2025-5967 A stored cross-site scripting vulnerability in ENS HX 10.0.4 allows a malicious user to inject arbitrary HTML into the ENS HX Malware Scan Name field, resulting in the exposure of sensitive data. 5.3 0.16% 2025-07-01 2026-06-17
CVE-2025-3773 A sensitive information exposure vulnerability in System Information Reporter (SIR) 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder. 0.0 0.07% 2025-06-26 2026-06-17
CVE-2025-3771 A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an authenticated non-admin local user to overwrite system files with SIR backup files, which can potentially cause a system crash. This was achieved by adding a malicious entry to the registry under the Trellix SIR registry folder or via policy or with a junction symbolic link to files that the user would not normally have permission to acces 7.2 0.07% 2025-06-26 2026-06-17
CVE-2025-3722 A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and exposing sensitive information disclosure. 0.0 0.15% 2025-06-26 2026-06-17
CVE-2025-0618 A malicious third party could invoke a persistent denial of service vulnerability in FireEye EDR agent by sending a specially-crafted tamper protection event to the HX service to trigger an exception. This exception will prevent any further tamper protection events from being processed, even after a reboot of HX. 6.5 0.57% 2025-04-23 2026-06-17
CVE-2025-0617 An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data to the HX console. The malicious detection would then trigger file parsing containing exponential entity expansions in the consumer process thus causing a Denial of Service. 5.9 0.36% 2025-01-29 2026-06-17
CVE-2024-5955 Cross-site scripting vulnerability in Trellix ePolicy Orchestrator prior to ePO 5.10 Service Pack 1 Update 3 allows a remote authenticated attacker to craft requests causing arbitrary content to be injected into the response when accessing the epolicy Orchestrator. 5.4 0.35% 2024-12-20 2026-06-17
CVE-2024-9679 A Hardcoded Cryptographic key vulnerability existed in DLP Extension 11.11.1.3 which allowed the decryption of previously encrypted user credentials. 5.3 0.35% 2024-12-16 2026-06-17
CVE-2024-9678 An SQL Injection vulnerability existed in DLP Extension 11.11.1.3. The vulnerability allowed an attacker to perform arbitrary SQL queries potentially leading to command execution. 4.9 0.73% 2024-12-16 2026-06-17
CVE-2024-11482 A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and enables remote code execution through command injection, executed as the root user. 9.8 2.54% 2024-11-29 2026-06-17
CVE-2024-11481 A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API. This leads to improper handling of path traversal, insecure forwarding to an AJP backend without adequate validation, and lack of authentication for accessing internal API endpoints. 8.2 0.41% 2024-11-29 2026-06-17
CVE-2024-5957 This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs access of the Manager. 6.3 0.36% 2024-09-05 2026-06-17
CVE-2024-5956 This vulnerability allows unauthenticated remote attackers to bypass authentication and gain partial data access to the vulnerable Trellix IPS Manager with garbage data in response mostly 6.5 0.39% 2024-09-05 2026-06-17
CVE-2024-7608 An authenticated user can access the restricted files from NX, EX, FX, AX, IVX and CMS using path traversal. 5.9 0.27% 2024-08-27 2026-06-17
CVE-2024-6398 An information disclosure vulnerability in SWG in versions 12.x prior to 12.2.10 and 11.x prior to 11.2.24 allows information stored in a customizable block page to be disclosed to third-party websites due to Same Origin Policy Bypass of browsers in certain scenarios. The risk is low, because other recommended default security policies such as URL categorization and GTI are in place in most policies to block access to uncategorized/high risk websites. Any information disclosed depends on how the 4.3 0.31% 2024-07-15 2026-06-17
CVE-2024-5731 A vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow allows an attacker to control the destination of a request by manipulating the parameter, thereby leveraging sensitive information. 6.8 0.26% 2024-06-14 2026-06-17
«« First « Prev Page 1 / 20 Next »
cvelogic Threat Intelligence