Lucene search
K
McafeePolicy Auditor

9 matches found

CVE
CVE
added 2019/09/09 4:7 p.m.697 views

CVE-2019-16168

CVE-2019-16168 affects SQLite up to version 3.29.0, whereLoopAddBtreeIndex in sqlite3.c may crash a browser/application due to missing validation of sqlite_stat1 sz, described as a severe division by zero in the query planner. Connected documents show multiple advisories referencing the fix in SQ...

6.5CVSS7AI score0.04253EPSS
CVE
CVE
added 2019/07/26 12:19 p.m.530 views

CVE-2019-13057

CVE-2019-13057 affects Cloud Pak for Security (CP4S) via OpenLDAP openldap server delegation: slapd may allow a rootDN (database admin) to be granted authorization as an identity from another database during SASL bind or RFC 4370 proxyAuthz control, enabling potential leakage of sensitive informa...

4.9CVSS5.9AI score0.0321EPSS
CVE
CVE
added 2020/07/14 1:47 p.m.463 views

CVE-2020-15719

CVE-2020-15719 affects libldap in certain third‑party OpenLDAP packages. A certificate‑validation flaw occurs when RFC6125 support is asserted: CN is considered valid even if SAN does not match. The issue is fixed in at least openldap-2.4.46-10.el8 (Red Hat Enterprise Linux). The connected docume...

4.2CVSS4.2AI score0.02417EPSS
CVE
CVE
added 2016/05/26 4:0 p.m.421 views

CVE-2016-0718

CVE-2016-0718 is evidenced in connected Apple documents as part of the Expat (libexpat) updates applied to OS X El Capitan and iTunes-related components. The Expat/libexpat entry notes that processing XML can trigger vulnerabilities in affected builds, with CVE-2016-0718 specifically associated w...

9.8CVSS8.7AI score0.13802EPSS
CVE
CVE
added 2017/05/29 4:0 p.m.248 views

CVE-2017-9287

CVE-2017-9287 affects OpenLDAP slapd back-mdb/search.c and allows a remote crash via a search using Paged Results with page size 0. Public sources in connected docs confirm OpenLDAP versions up to 2.4.44 are affected, with multiple advisories noting a double-free denial-of-service in OpenLDAP and...

6.5CVSS6.4AI score0.07143EPSS
CVE
CVE
added 2016/06/30 5:0 p.m.222 views

CVE-2016-4472

CVE-2016-4472 affects the Expat XML parser: overflow protections can be removed by compilers with certain optimizations, allowing remote attackers to cause a crash or potentially execute code via crafted XML. The entry notes this stems from an incomplete fix for CVE-2015-1283 and CVE-2015-2716. C...

8.1CVSS8.9AI score0.12367EPSS
CVE
CVE
added 2017/12/18 6:0 a.m.218 views

CVE-2017-17740

CVE-2017-17740 : OpenLDAP up to 2.4.45 is affected when both the nops module and the memberof overlay are enabled. The code path in contrib/slapd-modules/nops/nops.c frees a buffer allocated on the stack, which can cause a denial of service (slapd crash) via a remote client issuing a member MODDN...

7.5CVSS7.3AI score0.07022EPSS
CVE
CVE
added 2021/11/23 7:16 p.m.52 views

CVE-2021-31852

The CVE-2021-31852 entry concerns McAfee Policy Auditor prior to 6.5.2, where a Reflected Cross-Site Scripting vulnerability exists in the web interface via the UID parameter. The attacker can remotely inject arbitrary script or HTML, reflected into the UI, potentially exfiltrating end‑user sessi...

6.1CVSS6.1AI score0.00786EPSS
CVE
CVE
added 2021/11/23 7:16 p.m.49 views

CVE-2021-31851

The CVE-2021-31851 entry concerns McAfee Policy Auditor prior to version 6.5.2, which is affected by a Reflected Cross-Site Scripting vulnerability. A remote unauthenticated attacker can inject arbitrary web script or HTML via the profileNodeID parameter; the script is reflected into the Policy A...

6.1CVSS6.1AI score0.00793EPSS