Vulnerabilities > Mcafee > Policy Auditor > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-11-23 CVE-2021-31851 Cross-site Scripting vulnerability in Mcafee Policy Auditor 5.3.0/5.3.0.167/6.5.1
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the profileNodeID request parameters.
network
low complexity
mcafee CWE-79
6.1
2021-11-23 CVE-2021-31852 Cross-site Scripting vulnerability in Mcafee Policy Auditor 5.3.0/5.3.0.167/6.5.1
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the UID request parameter.
network
low complexity
mcafee CWE-79
6.1
2020-07-14 CVE-2020-15719 Improper Certificate Validation vulnerability in multiple products
libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support.
network
high complexity
openldap redhat opensuse mcafee oracle CWE-295
4.2
2019-09-09 CVE-2019-16168 Divide By Zero vulnerability in multiple products
In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner."
6.5
2019-07-26 CVE-2019-13057 An issue was discovered in the server in OpenLDAP before 2.4.48. 4.9
2017-05-29 CVE-2017-9287 Double Free vulnerability in multiple products
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability.
network
low complexity
openldap debian redhat mcafee oracle CWE-415
6.5