Vulnerabilities > Mcafee > True KEY

DATE CVE VULNERABILITY TITLE RISK
2020-09-04 CVE-2020-7299 Insufficiently Protected Credentials vulnerability in Mcafee True KEY 5.1.165
Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in McAfee True Key (TK) prior to 6.2.109.2 allows a local user logged in with administrative privileges to access to another user’s passwords on the same machine via triggering a process dump in specific situations.
local
high complexity
mcafee CWE-522
4.1
2019-02-13 CVE-2019-3610 Information Exposure vulnerability in Mcafee True KEY 3.1.9211.0
Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware.
local
low complexity
mcafee CWE-200
5.5
2018-12-06 CVE-2018-6757 Unspecified vulnerability in Mcafee True KEY
Privilege Escalation vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware.
local
low complexity
mcafee
7.8
2018-12-06 CVE-2018-6756 Unspecified vulnerability in Mcafee True KEY
Authentication Abuse vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute unauthorized commands via specially crafted malware.
local
low complexity
mcafee
7.8
2018-12-06 CVE-2018-6755 Incorrect Permission Assignment for Critical Resource vulnerability in Mcafee True KEY
Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware.
local
low complexity
mcafee CWE-732
7.8
2018-09-24 CVE-2018-6700 Untrusted Search Path vulnerability in Mcafee True KEY
DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware.
local
low complexity
mcafee CWE-426
7.8
2018-09-24 CVE-2018-6682 Cross-site Scripting vulnerability in Mcafee True KEY 4.0.0.0
Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expose confidential data via a crafted web site.
network
low complexity
mcafee CWE-79
6.1
2018-04-02 CVE-2018-6661 Untrusted Search Path vulnerability in Mcafee True KEY 3.1.9211.0/4.0.0.0/4.20
DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature.
local
low complexity
mcafee CWE-426
7.8