Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-20	CVE-2022-1254	Open Redirect vulnerability in Mcafee web Gateway A URL redirection vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.9, 9.x prior to 9.2.20, 8.x prior to 8.2.27, and 7.x prior to 7.8.2.31, and controlled release 11.x prior to 11.1.3 allows a remote attacker to redirect a user to a malicious website controlled by the attacker. network low complexity mcafee CWE-601	6.1
2021-03-25	CVE-2021-3449	NULL Pointer Dereference vulnerability in multiple products An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. network high complexity openssl debian freebsd netapp tenable fedoraproject mcafee checkpoint oracle sonicwall siemens nodejs CWE-476	5.9
2020-09-16	CVE-2020-7297	Improper Authentication vulnerability in Mcafee web Gateway Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected dashboard data via improper access control in the user interface. low complexity mcafee CWE-287	5.7
2020-09-15	CVE-2020-7296	Improper Authentication vulnerability in Mcafee web Gateway Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface. low complexity mcafee CWE-287	5.7
2020-09-15	CVE-2020-7295	Improper Authentication vulnerability in Mcafee web Gateway Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to delete or download protected log data via improper access controls in the user interface. low complexity mcafee CWE-287	4.6
2020-09-15	CVE-2020-7294	Improper Authentication vulnerability in Mcafee web Gateway Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to delete or download protected files via improper access controls in the REST interface. low complexity mcafee CWE-287	4.6
2020-07-15	CVE-2020-7292	Inappropriate Encoding for Output Context vulnerability in Mcafee web Gateway Inappropriate Encoding for output context vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows a remote attacker to cause MWG to return an ambiguous redirect response via getting a user to click on a malicious URL. network low complexity mcafee CWE-838	4.3
2019-08-14	CVE-2019-3635	Unspecified vulnerability in Mcafee web Gateway Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows attackers to obtain sensitive data via crafting a complex webpage that will trigger the Web Gateway to block the user accessing an iframe. network low complexity mcafee	6.5
2019-08-13	CVE-2019-9516	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. network low complexity apple apache canonical debian fedoraproject synology opensuse redhat oracle mcafee f5 nodejs CWE-770	6.5
2019-03-21	CVE-2019-6454	Out-of-bounds Write vulnerability in multiple products An issue was discovered in sd-bus in systemd 239. local low complexity systemd-project opensuse netapp debian fedoraproject canonical redhat mcafee CWE-787	5.5