Vulnerabilities > Mcafee > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-01-15 CVE-2020-2593 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). 5.8
2020-01-15 CVE-2020-2590 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). 4.3
2020-01-15 CVE-2020-2583 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). 4.3
2019-12-03 CVE-2019-3666 Unspecified vulnerability in Mcafee Webadvisor
API Abuse/Misuse vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to navigate to restricted websites via a carefully crafted web site.
network
low complexity
mcafee
6.5
2019-12-03 CVE-2019-3665 Code Injection vulnerability in Mcafee Webadvisor
Code Injection vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to render a website which Web Advisor would normally have blocked via a carefully crafted web site.
network
low complexity
mcafee CWE-94
6.5
2019-11-14 CVE-2019-3662 Path Traversal vulnerability in Mcafee Advanced Threat Defense
Path Traversal: '/absolute/pathname/here' vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to gain unintended access to files on the system via carefully constructed HTTP requests.
network
low complexity
mcafee CWE-22
6.5
2019-11-14 CVE-2019-3640 Cleartext Transmission of Sensitive Information vulnerability in Mcafee Data Loss Prevention
Unprotected Transport of Credentials in ePO extension in McAfee Data Loss Prevention 11.x prior to 11.4.0 allows remote attackers with access to the network to collect login details to the LDAP server via the ePO extension not using a secure connection when testing LDAP connectivity.
network
low complexity
mcafee CWE-319
6.5
2019-11-13 CVE-2019-3650 Unspecified vulnerability in Mcafee Advanced Threat Defense
Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to the atduser credentials via carefully constructed GET request extracting insecurely information stored in the database.
network
low complexity
mcafee
6.5
2019-11-13 CVE-2019-3649 Information Exposure Through Log Files vulnerability in Mcafee Advanced Threat Defense
Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attackers to gain access to hashed credentials via carefully constructed POST request extracting incorrectly recorded data from log files.
network
low complexity
mcafee CWE-532
6.5
2019-11-13 CVE-2019-3641 Unspecified vulnerability in Mcafee Threat Intelligence Exchange Server 3.0.0
Abuse of Authorization vulnerability in APIs exposed by TIE server in McAfee Threat Intelligence Exchange Server (TIE Server) 3.0.0 allows remote authenticated users to modify stored reputation data via specially crafted messages.
network
low complexity
mcafee
4.5