CVE-2021-31225 — CVSS 7.3 (high): SES Evolution before 2.1.0 allows deleting some resources not currently in use by any security policy by leveraging access to a computer…
CVE-2021-35957 — CVSS 6.7 (medium): Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can…
CVE-2022-4304 — CVSS 5.9 (medium): A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a…
CVE-2021-31223 — CVSS 5.7 (medium): SES Evolution before 2.1.0 allows reading some parts of a security policy by leveraging access to a computer having the administration…
CVE-2021-31222 — CVSS 5.7 (medium): SES Evolution before 2.1.0 allows updating some parts of a security policy by leveraging access to a computer having the administration…
CVE-2021-31221 — CVSS 5.7 (medium): SES Evolution before 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration…
CVE-2023-35799 — CVSS 5.5 (medium): Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent…
CVE-2023-23561 — CVSS 5.5 (medium): Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated users can read sensitive information.
CVE-2021-31220 — CVSS 5.2 (medium): SES Evolution before 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies.
CVE-2023-23562 — CVSS 4.3 (medium): Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control that allows an authenticated user can update global…
CVE-2023-35800 — CVSS 4.3 (medium): Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory…
CVE-2021-31224 — CVSS 3.5 (low): SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to…