CVE-2017-15308

Huawei iReader app before 8.0.2.301 has an input validation vulnerability due to insufficient validation on the URL used for loading network data. An attacker can control app access and load malicious websites created by the attacker, and the code in webpages would be loaded and run...

CVE-2017-15308

Huawei iReader app before 8.0.2.301 has an input validation vulnerability due to insufficient validation on the URL used for loading network data. An attacker can control app access and load malicious websites created by the attacker, and the code in webpages would be loaded and run...

Input validation

Huawei iReader app before 8.0.2.301 has an input validation vulnerability due to insufficient validation on the URL used for loading network data. An attacker can control app access and load malicious websites created by the attacker, and the code in webpages would be loaded and run...

CVE-2017-15308

CVE-2017-15308 concerns the Huawei iReader app prior to 8.0.2.301, with an input-validation vulnerability on the URL used to load network data. The issue allows an attacker to control app access and load malicious websites, causing the code in loaded webpages to run. The CVE is confirmed in Huawe...

McAfee Network Data Loss Prevention Information Disclosure Vulnerability (CNVD-2017-36337)

McAfee Network Data Loss Prevention NDLP is a suite of network data loss prevention software from the American company McAfee. A security vulnerability exists in McAfee NDLP. An attacker could exploit the vulnerability to cause the response body to display other content types...

Memory corruption

In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when resetting the network data via the software client, with a running VPN connection, a critical error occurs which leads to a "FrmAdvancedProtection" crash. Although the mechanism malfunctions and an error occurs during the runtime...

CVE-2017-16637

In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when resetting the network data via the software client, with a running VPN connection, a critical error occurs which leads to a "FrmAdvancedProtection" crash. Although the mechanism malfunctions and an error occurs during the runtime...

CVE-2017-16637

In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when resetting the network data via the software client, with a running VPN connection, a critical error occurs which leads to a "FrmAdvancedProtection" crash. Although the mechanism malfunctions and an error occurs during the runtime...

McAfee Network Data Loss Prevention server Man-in-the-Middle Attack Vulnerability

McAfee Network Data Loss Prevention NDLP is a suite of network data loss prevention software from McAfee, Inc. in the United States. The software prevents unintentional or malicious disclosure of customer data, employee information and intellectual property information, as well as unauthorized...

Code injection

Network Data Loss Prevention is vulnerable to MIME type sniffing which allows older versions of Internet Explorer to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the intended content type...

CVE-2017-3935

Network Data Loss Prevention is vulnerable to MIME type sniffing which allows older versions of Internet Explorer to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the intended content type...

CVE-2017-3935

Network Data Loss Prevention is vulnerable to MIME type sniffing which allows older versions of Internet Explorer to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the intended content type...

CVE-2017-3934

Missing HTTP Strict Transport Security state information vulnerability in the server in McAfee Network Data Loss Prevention NDLP 9.3.x allows man-in-the-middle attackers to expose confidential data via read files on the webserver...

CVE-2017-3935

Network Data Loss Prevention is vulnerable to MIME type sniffing which allows older versions of Internet Explorer to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the intended content type...

CVE-2017-3935

CVE-2017-3935 affects McAfee Network Data Loss Prevention (NDLP). All connected sources describe a MIME type sniffing vulnerability where the response body could be interpreted/displayed as a content type different from the intended one, potentially impacting how IE renders the content. The root ...

The vulnerability of the SSL software used in Backup Exec’s backup and recovery services allows attackers to execute arbitrary code or trigger a service failure.

The vulnerability of Backup Exec’s SSL software for backup and restoration services relates to the use of memory after it is freed i.e., after the agent completes its tasks. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code or cause service failures using...

IBM QRadar SIEM Security Bypass Vulnerability

IBM QRadar SIEM consolidates log event and network flow data from thousands of devices, endpoints and applications scattered across the network. IBM QRadar SIEM is prone to a security bypass vulnerability. An attacker could exploit this vulnerability to bypass security restrictions and perform...

McAfee Network Data Loss Prevention Information Disclosure Vulnerability (CNVD-2017-07551)

McAfee Network Data Loss Prevention is a data leakage protection solution. McAfee Network Data Loss Prevention NDLP suffers from an information disclosure vulnerability in the server implementation, which can be exploited by remote attackers to view product information via the HTTP response heade...

McAfee Network Data Loss Prevention Information Disclosure Vulnerability (CNVD-2017-07548)

McAfee Network Data Loss Prevention is a data leakage protection solution. McAfee Network Data Loss Prevention NDLP has a Web server information leakage vulnerability in the server implementation, which can be exploited by remote attackers to exploit other vulnerabilities via the HTTP response...

CVE-2017-4013

Banner Disclosure in the server in McAfee Network Data Loss Prevention NDLP 9.3.x allows remote attackers to obtain product information via HTTP response header...