← Back

Carbonblack

carbonblack

5 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Carbon Black
carbon_black
4 CVEs
Carbon Black Cb
carbon_black_cb
1 CVE

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-10407
1Carbonblack
1Carbon Black Cb
Nov 21, 2024
Jun 13, 2018
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
An issue was discovered in Carbon Black Cb Response. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the th...Show more
An issue was discovered in Carbon Black Cb Response. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute.Show less
CVE-2016-9568
1Carbonblack
1Carbon Black
Nov 21, 2024
Feb 19, 2018
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
A security design issue can allow an unprivileged user to interact with the Carbon Black Sensor and perform unauthorized actions.
CVE-2016-9570
1Carbonblack
1Carbon Black
Nov 21, 2024
Feb 12, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
cb.exe in Carbon Black 5.1.1.60603 allows attackers to cause a denial of service (out-of-bounds read, invalid pointer dereference, and application crash) by leveraging access to the NetMon named pipe.
CVE-2016-9569
1Carbonblack
1Carbon Black
Nov 21, 2024
Feb 12, 2018
N/A· v4
4.4 MEDIUM· v3
4.9 MEDIUM· v2
The cbstream.sys driver in Carbon Black 5.1.1.60603 allows local users with admin privileges to cause a denial of service (out-of-bounds read and system crash) via a large counter value in an 0x62430028 IOCTL call.
CVE-2014-1615
1Carbonblack
1Carbon Black
May 6, 2026
Apr 22, 2014
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Multiple cross-site request forgery (CSRF) vulnerabilities in Carbon Black before 4.1.0 allow remote attackers to hijack the authentication of administrators for requests that add new administrative users and have other...Show more
Multiple cross-site request forgery (CSRF) vulnerabilities in Carbon Black before 4.1.0 allow remote attackers to hijack the authentication of administrators for requests that add new administrative users and have other unspecified action, as demonstrated by a request to api/user.Show less