Vulnerabilities > Mcafee
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-10 | CVE-2019-3612 | Cleartext Storage of Sensitive Information vulnerability in Mcafee Data Exchange Layer and Threat Intelligence Exchange Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line. | 4.4 |
| 2019-03-26 | CVE-2019-3606 | Cleartext Storage of Sensitive Information vulnerability in Mcafee Network Security Manager Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management (NSM) 9.1 < 9.1.7.75 (Update 4) and 9.2 < 9.2.7.31 Update2 allows administrators to view configuration information in plain text format via the GUI or GUI terminal commands. | 4.1 |
| 2019-03-26 | CVE-2019-3597 | Unspecified vulnerability in Mcafee Network Security Manager Authentication Bypass vulnerability in McAfee Network Security Manager (NSM) 9.1 < 9.1.7.75.2 and 9.2 < 9.2.7.31 (9.2 Update 2) allows unauthenticated users to gain administrator rights via incorrect handling of expired GUI sessions. | 9.8 |
| 2019-03-21 | CVE-2019-6454 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in sd-bus in systemd 239. local low complexity systemd-project opensuse netapp debian fedoraproject canonical redhat mcafee CWE-787 | 5.5 |
| 2019-03-12 | CVE-2019-3615 | Information Exposure vulnerability in Mcafee Database Security 4.6.6 Data Leakage Attacks vulnerability in the web interface in McAfee Database Security prior to the 4.6.6 March 2019 update allows local users to expose passwords via incorrectly auto completing password fields in the admin browser login screen. | 6.8 |
| 2019-02-28 | CVE-2019-3599 | Unspecified vulnerability in Mcafee Agent Information Disclosure vulnerability in Remote logging (which is disabled by default) in McAfee Agent (MA) 5.x allows remote unauthenticated users to access sensitive information via remote logging when it is enabled. | 7.5 |
| 2019-02-28 | CVE-2019-3598 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mcafee Agent Buffer Access with Incorrect Length Value in McAfee Agent (MA) 5.x allows remote unauthenticated users to potentially cause a denial of service via specifically crafted UDP packets. | 5.3 |
| 2019-02-28 | CVE-2019-3582 | Unspecified vulnerability in Mcafee Endpoint Security Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances. | 7.8 |
| 2019-02-27 | CVE-2019-1559 | Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. | 5.9 |
| 2019-02-26 | CVE-2019-9169 | Out-of-bounds Read vulnerability in multiple products In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. | 9.8 |