Vulnerabilities > Mcafee
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-21 | CVE-2019-6454 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in sd-bus in systemd 239. local low complexity systemd-project opensuse netapp debian fedoraproject canonical redhat mcafee CWE-787 | 5.5 |
| 2019-03-12 | CVE-2019-3615 | Information Exposure vulnerability in Mcafee Database Security 4.6.6 Data Leakage Attacks vulnerability in the web interface in McAfee Database Security prior to the 4.6.6 March 2019 update allows local users to expose passwords via incorrectly auto completing password fields in the admin browser login screen. | 6.8 |
| 2019-02-28 | CVE-2019-3599 | Unspecified vulnerability in Mcafee Agent Information Disclosure vulnerability in Remote logging (which is disabled by default) in McAfee Agent (MA) 5.x allows remote unauthenticated users to access sensitive information via remote logging when it is enabled. | 7.5 |
| 2019-02-28 | CVE-2019-3598 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mcafee Agent Buffer Access with Incorrect Length Value in McAfee Agent (MA) 5.x allows remote unauthenticated users to potentially cause a denial of service via specifically crafted UDP packets. | 5.3 |
| 2019-02-28 | CVE-2019-3582 | Unspecified vulnerability in Mcafee Endpoint Security Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances. | 7.8 |
| 2019-02-27 | CVE-2019-1559 | Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. | 5.9 |
| 2019-02-26 | CVE-2019-9169 | Out-of-bounds Read vulnerability in multiple products In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. | 9.8 |
| 2019-02-21 | CVE-2018-6687 | Infinite Loop vulnerability in Mcafee Getsusp 3.0.0.461 Loop with Unreachable Exit Condition ('Infinite Loop') in McAfee GetSusp (GetSusp) 3.0.0.461 and earlier allows attackers to DoS a manual GetSusp scan via while scanning a specifically crafted file . | 5.5 |
| 2019-02-13 | CVE-2019-3610 | Information Exposure vulnerability in Mcafee True KEY 3.1.9211.0 Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware. | 5.5 |
| 2019-02-01 | CVE-2019-3604 | Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Epolicy Orchestrator Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) Cloud allows unauthenticated users to perform unintended ePO actions using an authenticated user's session via unspecified vectors. | 8.8 |