1985 matches found
Mcafee Database Security Server Code Issue Vulnerability (CNVD-2021-39504)
Mcafee Database Security Server is a database security software from Mcafee USA. The software provides users with a holistic view of the database and the corresponding security status, protecting business-critical databases from external, internal and insider database threats in real time. A code...
SQL Injection Vulnerability in OLYM Reporter of Shenzhen Aolian Information Security Technology Co.
hereinafter referred to as "AOLINK" is a comprehensive cryptographic security enterprise integrating algorithm development, product research and development, solution realization, standard formulation and forward-looking technology research, and possessing the international leading comprehensive...
McAfee Database Security Cross-Site Scripting Vulnerability
Mcafee Database Security Server is a database security software from Mcafee USA. The software provides users with a holistic view of the database and the corresponding security status, protecting business-critical databases from external, internal and insider database threats in real time. A...
Mcafee Database Security Server Sensitive Information Plaintext Transfer Vulnerability
Mcafee Database Security Server is a database security software from Mcafee USA. The software provides users with a holistic view of the database and the corresponding security status, protecting business-critical databases from external, internal and insider database threats in real time. A...
CVE-2020-36004
AppCMS 2.0.101 is affected by a SQL injection in /admin/download_frame.php. The vulnerability, described in multiple sources (e.g., CNVD/CNNVD entries), allows an attacker to obtain sensitive information from the database. The Connected documents confirm the affected component and vulnerability c...
CVE-2021-31830
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows an administrator to embed JavaScript code when configuring the name of a database to be monitored. This would be triggered when any authorized...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows an administrator to embed JavaScript code when configuring the name of a database to be monitored. This would be triggered when any authorized...
CVE-2021-31831
Incorrect access to deleted scripts vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the...
CVE-2021-31831
Incorrect access to deleted scripts vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the...
Design/Logic Flaw
Incorrect access to deleted scripts vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the...
CVE-2021-31830 Cross site Scripting (XSS) vulnerability in McAfee DBSec
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows an administrator to embed JavaScript code when configuring the name of a database to be monitored. This would be triggered when any authorized...
CVE-2021-31831 Incorrect access to deleted scripts vulnerability in McAfee DBSec
Incorrect access to deleted scripts vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the...
McAfee 安全漏洞
Mcafee Database Security Server is a database security software from Mcafee USA. The software provides users with a holistic view of the database and the corresponding security status, protecting business-critical databases from external, internal and insider database threats in real time. A...
McAfee 数据库 跨站脚本漏洞
Mcafee Database Security Server is a database security software from Mcafee USA. The software provides users with a holistic view of the database and the corresponding security status, protecting business-critical databases from external, internal and insider database threats in real time. A...
McAfee 数据库 安全漏洞
Mcafee Database Security Server is a database security software from Mcafee USA. The software provides users with an overall view of their database and the corresponding security status, protecting business-critical databases from external, internal and insider database threats in real time. A...
PT-2021-19533 · Mcafee · Mcafee Database Security
Name of the Vulnerable Software and Affected Versions: McAfee Database Security versions prior to 4.8.2 Description: The issue allows an administrator to embed JavaScript code when configuring the name of a database to be monitored. This would be triggered when any authorized user logs into the...
CVE-2021-23896
Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security DBSec prior to 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data to the Insights Server. This user is restricted to...
CVE-2021-23895
Deserialization of untrusted data vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows a remote authenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the DBSec server...
CVE-2021-23894
Deserialization of untrusted data vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the DBSec server...
CVE-2021-23895
CVE-2021-23895 describes a deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2. A remote authenticated attacker can abuse a crafted Java serialized object sent to the DBSec server to spawn a reverse shell with administrator privileges. Affected compo...