Vulnerabilities (CVE)

Filtered by vendor Mcafee Subscribe
Filtered by product Endpoint Security For Linux Threat Prevention
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-23892 1 Mcafee 1 Endpoint Security For Linux Threat Prevention 2024-11-21 6.9 MEDIUM 8.2 HIGH
By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform a privilege escalation attack to obtain administrator privileges for the purpose of executing arbitrary code through insecure use of predictable temporary file locations.
CVE-2018-6693 2 Linux, Mcafee 3 Linux Kernel, Endpoint Security For Linux Threat Prevention, Endpoint Security Linux Threat Prevention 2024-11-21 3.3 LOW 5.3 MEDIUM
An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escalation to delete arbitrary files.