Show filters
148 Total Results
Displaying 71-80 of 148
Sort by:
Attacker Value
Unknown

CVE-2017-3933

Disclosure Date: October 31, 2017 (last updated November 26, 2024)
Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack.
0
0
Attacker Value
Unknown

CVE-2017-3948

Disclosure Date: June 23, 2017 (last updated November 26, 2024)
Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x allows authenticated users to inject arbitrary web script or HTML via injecting malicious JavaScript into a user's browsing session.
0
0
Attacker Value
Unknown

CVE-2017-4016

Disclosure Date: May 17, 2017 (last updated November 26, 2024)
Web Server method disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to exploit and find another hole via HTTP response header.
0
0
Attacker Value
Unknown

CVE-2017-4017

Disclosure Date: May 17, 2017 (last updated November 26, 2024)
User Name Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to view user information via the appliance web interface.
0
0
Attacker Value
Unknown

CVE-2017-4013

Disclosure Date: May 17, 2017 (last updated November 26, 2024)
Banner Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to obtain product information via HTTP response header.
0
0
Attacker Value
Unknown

CVE-2017-4015

Disclosure Date: May 17, 2017 (last updated January 27, 2024)
Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2017-4012

Disclosure Date: May 17, 2017 (last updated November 26, 2024)
Privilege Escalation vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via modification of the HTTP request.
0
0
Attacker Value
Unknown

CVE-2017-4011

Disclosure Date: May 17, 2017 (last updated November 26, 2024)
Embedding Script (XSS) in HTTP Headers vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to get session/cookie information via modification of the HTTP request.
0
0
Attacker Value
Unknown

CVE-2017-4014

Disclosure Date: May 17, 2017 (last updated November 26, 2024)
Session Side jacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view, add, and remove users via modification of the HTTP request.
0
0
Attacker Value
Unknown

CVE-2016-8735

Disclosure Date: April 06, 2017 (last updated June 28, 2024)
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >