18 matches found
EUVD-2019-13222
Malware in sbrugna...
EUVD-2018-18408
Malware in sbrugna...
Security Bulletin: Multiple vulnerabilities in IBM DB2
Summary Multiple vulnerabilities have been found in IBM DB2. DB2 users should refer to the security bulletins listed below for remediation actions. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products|...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM ILOG CPLEX Optimization Studio
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 8 used by IBM CPLEX Optimization Studio. IBM CPLEX Optimization Studio has addressed the applicable CVEs. Vulnerability Details If you run your own Java code using the IBM Java Runtime delivered with this product...
CVE-2019-3585 VSE Escalation of Privileges through Alert pop-up window
Privilege Escalation vulnerability in Microsoft Windows client McTray.exe in McAfee VirusScan Enterprise VSE 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges...
Authentication flaw
Authentication Bypass vulnerability in the Microsoft Windows client in McAfee Client Proxy MCP prior to 3.0.0 allows local user to bypass scanning of web traffic and gain access to blocked sites for a short period of time via generating an authorization key on the client which should only be...
CVE-2019-3648
CVE-2019-3648 is a local privilege-escalation in McAfee Total Protection for Windows (client) affecting 16.0.R22 and earlier. The root cause is privilege-protected file placements that allow an administrator to execute arbitrary code. Impact is local code execution with elevated privileges if a a...
Code injection
Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext...
CVE-2019-3610 True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability
Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key TK 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware...
Spoofing
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection MTP Prior to 16.0.18 allows local users to execute arbitrary code via execution from a compromised folder...
Directory traversal
Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key TK 5.1.230.7 and earlier allows local users to execute arbitrary code via specially crafted malware...
Spoofing
DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key TK before 5.1.165 allows local users to execute arbitrary code via specially crafted malware...
CVE-2018-6700 True Key (TK) - DLL Search Order Hijacking vulnerability
DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key TK before 5.1.165 allows local users to execute arbitrary code via specially crafted malware...
CVE-2018-6690
Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control MACC 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system...
CVE-2018-6674
Privilege Escalation vulnerability in Microsoft Windows client McTray.exe in McAfee VirusScan Enterprise VSE 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges by default it runs with...
Privilege escalation
DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature...
CVE-2018-6661 TS102801 True Key DLL Side-Loading vulnerability
DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature...
Microsoft Windows Client/Server Run-time Subsystem Privilege Escalation Vulnerability (2790113)
This host is missing an important security update according to Microsoft Bulletin MS13-019. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...