Page 14 of 71 results (0.006 seconds)

CVSS: 3.5EPSS: 0%CPEs: 4EXPL: 0

Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0

McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows local users to obtain sensitive information via unspecified vectors. McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 almacena la clave SSH en texto plano, lo que permite a usuarios locales obtener información sensible a través de vectores no especificados. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-310: Cryptographic Issues •

CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0

McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages. McAfee Network Data Loss Prevention (NDLP) anterior a 9.2.2 permite a usuarios locales obtener información sensible mediante la lectura de mensajes de error no especificados. • http://www.securityfocus.com/bid/70840 https://exchange.xforce.ibmcloud.com/vulnerabilities/98427 https://kc.mcafee.com/corporate/index?page=content&id=SB10044 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0

McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information by reading a Java stack trace. McAfee Network Data Loss Prevention (NDLP) anterior a 9.3 permite a usuarios locales obtener información sensible mediante la lectura de una traza de pilas Java. • https://kc.mcafee.com/corporate/index?page=content&id=SB10053 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 1.9EPSS: 0%CPEs: 2EXPL: 0

The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive information from web traffic by reading unspecified files. La funcionalidad Web Post Protection en McAfee Host Data Loss Prevention (DLP) v3.x anteriores a v3.0.100.10 y v9.x anteriores a v9.0.0.422, cunado el modo HTTP Capture está activado, permite a usuarios locales a obtener información sensible del tráfico web leyendo ficheros no especificados. • https://exchange.xforce.ibmcloud.com/vulnerabilities/78447 https://kc.mcafee.com/corporate/index?page=content&id=SB10011 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •