Vulnerabilities > Mcafee > Threat Intelligence Exchange Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-15 | CVE-2020-0543 | Incomplete Cleanup vulnerability in multiple products Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2020-04-15 | CVE-2020-2830 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). | 5.3 |
| 2020-04-15 | CVE-2020-2781 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). | 5.3 |
| 2019-11-13 | CVE-2019-3641 | Unspecified vulnerability in Mcafee Threat Intelligence Exchange Server 3.0.0 Abuse of Authorization vulnerability in APIs exposed by TIE server in McAfee Threat Intelligence Exchange Server (TIE Server) 3.0.0 allows remote authenticated users to modify stored reputation data via specially crafted messages. | 4.5 |
| 2019-09-18 | CVE-2019-3738 | Missing Required Cryptographic Step vulnerability in multiple products RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. | 6.5 |
| 2019-02-27 | CVE-2019-1559 | Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. | 5.9 |
| 2018-10-03 | CVE-2018-6695 | Unspecified vulnerability in Mcafee Threat Intelligence Exchange Server SSH host keys generation vulnerability in the server in McAfee Threat Intelligence Exchange Server (TIE Server) 1.3.0, 2.0.x, 2.1.x, 2.2.0 allows man-in-the-middle attackers to spoof servers via acquiring keys from another environment. | 5.9 |