Filtered by vendor Cyberark
                        
                        Subscribe
                        
                        
                    
                    
                
                    Total
                    28 CVE
                
            | CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | 
|---|---|---|---|---|---|
| CVE-2018-9842 | 1 Cyberark | 1 Password Vault | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM | 
| CyberArk Password Vault before 9.7 allows remote attackers to obtain sensitive information from process memory by replaying a logon message. | |||||
| CVE-2018-14894 | 1 Cyberark | 1 Endpoint Privilege Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH | 
| CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions of a file) to bypass intended access restrictions and execute blocked applications. | |||||
| CVE-2018-13052 | 1 Cyberark | 1 Endpoint Privilege Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL | 
| In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker has one process that executes as Admin. | |||||
| CVE-2018-12903 | 1 Cyberark | 1 Endpoint Privilege Manager | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM | 
| In CyberArk Endpoint Privilege Manager (formerly Viewfinity) 10.2.1.603, there is persistent XSS via an account name on the create token screen, the VfManager.asmx SelectAccounts->DisplayName screen, a user's groups in ConfigurationPage, the Dialog Title field, and App Group Name in the Application Group Wizard. | |||||
| CVE-2024-42337 | 1 Cyberark | 1 Identity | 2024-08-30 | N/A | 4.3 MEDIUM | 
| CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor | |||||
| CVE-2024-42338 | 1 Cyberark | 1 Identity | 2024-08-30 | N/A | 4.3 MEDIUM | 
| CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor | |||||
| CVE-2024-42340 | 1 Cyberark | 1 Identity | 2024-08-30 | N/A | 8.3 HIGH | 
| CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security | |||||
| CVE-2024-42339 | 1 Cyberark | 1 Identity | 2024-08-30 | N/A | 4.3 MEDIUM | 
| CyberArk - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor | |||||
