Vulnerabilities > Mcafee > True KEY
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-04 | CVE-2020-7299 | Insufficiently Protected Credentials vulnerability in Mcafee True KEY 5.1.165 Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in McAfee True Key (TK) prior to 6.2.109.2 allows a local user logged in with administrative privileges to access to another user’s passwords on the same machine via triggering a process dump in specific situations. | 4.1 |
| 2019-02-13 | CVE-2019-3610 | Information Exposure vulnerability in Mcafee True KEY 3.1.9211.0 Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware. | 5.5 |
| 2018-12-06 | CVE-2018-6757 | Unspecified vulnerability in Mcafee True KEY Privilege Escalation vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware. | 7.8 |
| 2018-12-06 | CVE-2018-6756 | Unspecified vulnerability in Mcafee True KEY Authentication Abuse vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute unauthorized commands via specially crafted malware. | 7.8 |
| 2018-12-06 | CVE-2018-6755 | Incorrect Permission Assignment for Critical Resource vulnerability in Mcafee True KEY Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware. | 7.8 |
| 2018-09-24 | CVE-2018-6700 | Untrusted Search Path vulnerability in Mcafee True KEY DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware. | 7.8 |
| 2018-09-24 | CVE-2018-6682 | Cross-site Scripting vulnerability in Mcafee True KEY 4.0.0.0 Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expose confidential data via a crafted web site. | 6.1 |
| 2018-04-02 | CVE-2018-6661 | Untrusted Search Path vulnerability in Mcafee True KEY 3.1.9211.0/4.0.0.0/4.20 DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature. | 7.8 |