Vulnerabilities > Mcafee > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-29 | CVE-2014-8532 | Information Disclosure Weakness in McAfee Network Data Loss Prevention 8.6/9.2.0/9.2.1 Unspecified vulnerability in McAfee Network Data Loss Prevention before (NDLP) before 9.3 allows local users to obtain sensitive information and impact integrity via unknown vectors, related to partition mounting. | 3.6 |
| 2014-10-29 | CVE-2014-8534 | Unspecified vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0 Unspecified vulnerability in the login form in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to cause a denial of service via a crafted value in the domain field. | 2.1 |
| 2014-10-29 | CVE-2014-8536 | Information Exposure vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0 McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages. | 2.1 |
| 2014-10-29 | CVE-2014-8537 | Information Exposure vulnerability in Mcafee Network Data Loss Prevention 8.6/9.2.0 McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading the logs. | 2.1 |
| 2012-08-22 | CVE-2009-5117 | Information Exposure vulnerability in Mcafee Host Data Loss Prevention 3.0.100.6/9.0.0.416 The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive information from web traffic by reading unspecified files. | 1.9 |
| 2012-08-22 | CVE-2010-5143 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Virusscan Enterprise McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module. | 2.6 |
| 2012-08-22 | CVE-2012-4584 | Cryptographic Issues vulnerability in Mcafee Email and web Security and Email Gateway McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, does not properly encrypt system-backup data, which makes it easier for remote authenticated users to obtain sensitive information by reading a backup file, as demonstrated by obtaining password hashes. | 3.5 |
| 2012-08-22 | CVE-2012-4586 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Email and web Security and Email Gateway McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file. | 3.5 |
| 2012-08-22 | CVE-2012-4587 | Permissions, Privileges, and Access Controls vulnerability in Mcafee products McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it easier for remote attackers to discover user passwords by spoofing the EMM server, as demonstrated by a password entered on an iOS device. | 3.5 |
| 2012-08-22 | CVE-2012-4589 | Unspecified vulnerability in Mcafee Enterprise Mobility Manager 4.7 Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. | 2.1 |