CVE-2019-1559

OpenSSL vulnerability CVE-2019-1559 describes a padding-oracle weakness where, if an application encounters a fatal protocol error and then calls SSL_shutdown() twice (to send close_notify and to receive one), the server may respond differently to a 0-byte record with invalid padding versus inval...

CVE-2020-7252

CVE-2020-7252 affects McAfee Data eXchange Layer (DXL) Framework, specifically the DXL Broker. The issue is an unquoted service executable path in DXL Broker versions up to 6.0.0 and earlier, which local users can exploit to trigger a denial of service and execute arbitrary files via carefully cr...

CVE-2022-2188

CVE-2022-2188 affects Trellix DXL Broker for Windows prior to 6.0.0.280. The root cause is weak directory access controls in the logs directory, enabling local users to escalate privileges and potentially cause a denial-of-service against the DXL Broker. Remediation is to upgrade to version 6.0.0...

CVE-2016-3984

CVE-2016-3984 affects McAfee VirusScan Console and multiple McAfee components (MAR, MA, DXL, DLPe, MDC, ENS, IPS, VSE) on Windows. Local administrators can bypass self-protection rules and disable the antivirus engine by modifying registry keys. Impact: partial to full antivirus disablement; CVSS...

CVE-2019-3612

McAfee DXL Platform and McAfee TIE Server contain an Information Disclosure vulnerability (CVE-2019-3612). The issue allows authenticated users to view sensitive information in plain text via the GUI or command line. Affected products: McAfee DXL Platform prior to 5.0.1 HF2 and McAfee TIE Server ...