Vulnerabilities > Mcafee > Policy Auditor

DATE CVE VULNERABILITY TITLE RISK
2021-11-23 CVE-2021-31851 Cross-site Scripting vulnerability in Mcafee Policy Auditor 5.3.0/5.3.0.167/6.5.1
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the profileNodeID request parameters.
network
low complexity
mcafee CWE-79
6.1
2021-11-23 CVE-2021-31852 Cross-site Scripting vulnerability in Mcafee Policy Auditor 5.3.0/5.3.0.167/6.5.1
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the UID request parameter.
network
low complexity
mcafee CWE-79
6.1
2020-07-14 CVE-2020-15719 Improper Certificate Validation vulnerability in multiple products
libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support.
network
high complexity
openldap redhat opensuse mcafee oracle CWE-295
4.0
2019-09-09 CVE-2019-16168 Divide By Zero vulnerability in multiple products
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
6.5
2019-07-26 CVE-2019-13057 An issue was discovered in the server in OpenLDAP before 2.4.48. 3.5
2017-12-18 CVE-2017-17740 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.
network
low complexity
openldap opensuse oracle mcafee CWE-119
5.0
2017-05-29 CVE-2017-9287 Double Free vulnerability in multiple products
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability.
network
low complexity
openldap debian redhat mcafee oracle CWE-415
4.0
2016-06-30 CVE-2016-4472 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data.
network
high complexity
libexpat-project canonical mcafee python CWE-119
8.1
2016-05-26 CVE-2016-0718 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
9.8