Policy Auditor

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-23	CVE-2021-31851	Cross-site Scripting vulnerability in Mcafee Policy Auditor 5.3.0/5.3.0.167/6.5.1 A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the profileNodeID request parameters. network low complexity mcafee CWE-79	6.1
2021-11-23	CVE-2021-31852	Cross-site Scripting vulnerability in Mcafee Policy Auditor 5.3.0/5.3.0.167/6.5.1 A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the UID request parameter. network low complexity mcafee CWE-79	6.1
2020-07-14	CVE-2020-15719	Improper Certificate Validation vulnerability in multiple products libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. network high complexity openldap redhat opensuse mcafee oracle CWE-295	4.2
2019-09-09	CVE-2019-16168	Divide By Zero vulnerability in multiple products In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner." network low complexity sqlite netapp canonical fedoraproject debian tenable oracle mcafee CWE-369	6.5
2019-07-26	CVE-2019-13057	An issue was discovered in the server in OpenLDAP before 2.4.48. network low complexity openldap canonical debian opensuse apple mcafee oracle	4.9
2017-12-18	CVE-2017-17740	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. network low complexity openldap opensuse oracle mcafee CWE-119	7.5
2017-05-29	CVE-2017-9287	Double Free vulnerability in multiple products servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. network low complexity openldap debian redhat mcafee oracle CWE-415	6.5
2016-06-30	CVE-2016-4472	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. network high complexity libexpat-project canonical mcafee python CWE-119	8.1
2016-05-26	CVE-2016-0718	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow. network low complexity mozilla apple suse opensuse canonical libexpat-project debian mcafee python CWE-119 critical	9.8