CVE-2014-8521
https://notcve.org/view.php?id=CVE-2014-8521
Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2014-8529
https://notcve.org/view.php?id=CVE-2014-8529
McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows local users to obtain sensitive information via unspecified vectors. McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 almacena la clave SSH en texto plano, lo que permite a usuarios locales obtener información sensible a través de vectores no especificados. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-310: Cryptographic Issues •
CVE-2014-8536
https://notcve.org/view.php?id=CVE-2014-8536
McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages. McAfee Network Data Loss Prevention (NDLP) anterior a 9.2.2 permite a usuarios locales obtener información sensible mediante la lectura de mensajes de error no especificados. • http://www.securityfocus.com/bid/70840 https://exchange.xforce.ibmcloud.com/vulnerabilities/98427 https://kc.mcafee.com/corporate/index?page=content&id=SB10044 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2014-8526
https://notcve.org/view.php?id=CVE-2014-8526
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information by reading a Java stack trace. McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 permite a usuarios locales obtener información sensible mediante la lectura de una traza de pilas Java. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2009-5117
https://notcve.org/view.php?id=CVE-2009-5117
The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive information from web traffic by reading unspecified files. La funcionalidad Web Post Protection en McAfee Host Data Loss Prevention (DLP) v3.x anteriores a v3.0.100.10 y v9.x anteriores a v9.0.0.422, cunado el modo HTTP Capture está activado, permite a usuarios locales a obtener información sensible del tráfico web leyendo ficheros no especificados. • https://exchange.xforce.ibmcloud.com/vulnerabilities/78447 https://kc.mcafee.com/corporate/index?page=content&id=SB10011 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •