Vulnerabilities > Cisco > Secure Endpoint > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-22 | CVE-2023-20084 | Unspecified vulnerability in Cisco Secure Endpoint and Secure Endpoint Private Cloud A vulnerability in the endpoint software of Cisco Secure Endpoint for Windows could allow an authenticated, local attacker to evade endpoint protection within a limited time window. | 4.4 |
| 2023-03-01 | CVE-2023-20052 | XML Entity Expansion vulnerability in multiple products On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to enabling XML entity substitution that may result in XML external entity injection. | 5.3 |
| 2022-05-04 | CVE-2022-20796 | NULL Pointer Dereference vulnerability in multiple products On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. | 5.5 |