Vulnerabilities > Mcafee > Policy Auditor
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-23 | CVE-2021-31851 | Cross-site Scripting vulnerability in Mcafee Policy Auditor 5.3.0/5.3.0.167/6.5.1 A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the profileNodeID request parameters. | 6.1 |
2021-11-23 | CVE-2021-31852 | Cross-site Scripting vulnerability in Mcafee Policy Auditor 5.3.0/5.3.0.167/6.5.1 A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the UID request parameter. | 6.1 |
2020-07-14 | CVE-2020-15719 | Improper Certificate Validation vulnerability in multiple products libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. | 4.0 |
2019-09-09 | CVE-2019-16168 | Divide By Zero vulnerability in multiple products In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner." | 6.5 |
2019-07-26 | CVE-2019-13057 | An issue was discovered in the server in OpenLDAP before 2.4.48. | 3.5 |
2017-12-18 | CVE-2017-17740 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. | 5.0 |
2017-05-29 | CVE-2017-9287 | Double Free vulnerability in multiple products servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. | 4.0 |
2016-06-30 | CVE-2016-4472 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. | 8.1 |
2016-05-26 | CVE-2016-0718 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow. | 9.8 |