Total
34113 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-3641 | 1 Mcafee | 1 Threat Intelligence Exchange Server | 2024-11-21 | 3.5 LOW | 4.5 MEDIUM |
| Abuse of Authorization vulnerability in APIs exposed by TIE server in McAfee Threat Intelligence Exchange Server (TIE Server) 3.0.0 allows remote authenticated users to modify stored reputation data via specially crafted messages. | |||||
| CVE-2019-3637 | 1 Mcafee | 1 File And Removable Media Protection | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Privilege Escalation vulnerability in McAfee FRP 5.x prior to 5.1.0.209 allows local users to gain elevated privileges via running McAfee Tray with elevated privileges. | |||||
| CVE-2019-3635 | 1 Mcafee | 1 Web Gateway | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12 allows attackers to obtain sensitive data via crafting a complex webpage that will trigger the Web Gateway to block the user accessing an iframe. | |||||
| CVE-2019-3629 | 1 Mcafee | 1 Enterprise Security Manager | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Application protection bypass vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows unauthenticated user to impersonate system users via specially crafted parameters. | |||||
| CVE-2019-3628 | 1 Mcafee | 1 Enterprise Security Manager | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control. | |||||
| CVE-2019-3621 | 2 Mcafee, Microsoft | 2 Data Loss Prevention Endpoint, Windows | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0 allows physical local user to bypass the Windows lock screen via DLPe processes being killed just prior to the screen being locked or when the screen is locked. The attacker requires physical access to the machine. | |||||
| CVE-2019-3599 | 1 Mcafee | 1 Agent | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
| Information Disclosure vulnerability in Remote logging (which is disabled by default) in McAfee Agent (MA) 5.x allows remote unauthenticated users to access sensitive information via remote logging when it is enabled. | |||||
| CVE-2019-3597 | 1 Mcafee | 1 Network Security Manager | 2024-11-21 | 7.5 HIGH | 6.5 MEDIUM |
| Authentication Bypass vulnerability in McAfee Network Security Manager (NSM) 9.1 < 9.1.7.75.2 and 9.2 < 9.2.7.31 (9.2 Update 2) allows unauthenticated users to gain administrator rights via incorrect handling of expired GUI sessions. | |||||
| CVE-2019-3593 | 2 Mcafee, Microsoft | 2 Total Protection, Windows | 2024-11-21 | 5.6 MEDIUM | 7.5 HIGH |
| Exploitation of Privilege/Trust vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Prior to 16.0.R18 allows local users to bypass product self-protection, tamper with policies and product files, and uninstall McAfee software without permission via specially crafted malware. | |||||
| CVE-2019-3592 | 1 Mcafee | 1 Agent | 2024-11-21 | 4.6 MEDIUM | 7.2 HIGH |
| Privilege escalation vulnerability in McAfee Agent (MA) before 5.6.1 HF3, allows local administrator users to potentially disable some McAfee processes by manipulating the MA directory control and placing a carefully constructed file in the MA directory. | |||||
| CVE-2019-3582 | 1 Mcafee | 1 Endpoint Security | 2024-11-21 | 6.1 MEDIUM | 8.6 HIGH |
| Privilege Escalation vulnerability in Microsoft Windows client in McAfee Endpoint Security (ENS) 10.6.1 and earlier allows local users to gain elevated privileges via a specific set of circumstances. | |||||
| CVE-2019-3566 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| A bug in WhatsApp for Android's messaging logic would potentially allow a malicious individual who has taken over over a WhatsApp user's account to recover previously sent messages. This behavior requires independent knowledge of metadata for previous messages, which are not available publicly. This issue affects WhatsApp for Android 2.19.52 and 2.19.54 - 2.19.103, as well as WhatsApp Business for Android starting in v2.19.22 until v2.19.38. | |||||
| CVE-2019-3493 | 1 Microfocus | 2 Network Automation, Network Operations Management | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A potential security vulnerability has been identified in Micro Focus Network Automation Software 9.20, 9.21, 10.00, 10.10, 10.20, 10.30, 10.40, 10.50, 2018.05, 2018.08, 2018.11, and Micro Focus Network Operations Management (NOM) all versions. The vulnerability could be remotely exploited to Remote Code Execution. | |||||
| CVE-2019-3484 | 1 Hp | 1 Arcsight Logger | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Mitigates a remote code execution issue in ArcSight Logger versions prior to 6.7. | |||||
| CVE-2019-3483 | 1 Hp | 1 Arcsight Logger | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| Mitigates a potential information leakage issue in ArcSight Logger versions prior to 6.7. | |||||
| CVE-2019-3479 | 1 Hp | 1 Arcsight Logger | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Mitigates a potential remote code execution issue in ArcSight Logger versions prior to 6.7. | |||||
| CVE-2019-3476 | 1 Microfocus | 1 Data Protector | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Remote arbitrary code execution in Micro Focus Data Protector, version 10.03 this vulnerability could allow remote arbitrary code execution. | |||||
| CVE-2019-3462 | 3 Canonical, Debian, Netapp | 5 Ubuntu Linux, Advanced Package Tool, Debian Linux and 2 more | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine. | |||||
| CVE-2019-3430 | 1 Zte | 1 Zxcloud Goldendata Vap | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product have an information disclosure vulnerability. Attackers could use this vulnerability to collect data information and damage the system. | |||||
| CVE-2019-3428 | 1 Zte | 2 Zxcdn Iamweb, Zxcdn Iamweb Firmware | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a configuration error vulnerability. An attacker could directly access the management portal in HTTP, resulting in users’ information leakage. | |||||