|
250511
|
6.5 |
MEDIUM
Network
|
mcafee
|
network_security_manager
|
Cryptanalysis vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to view confidential information via insecure use of RC4 encryption cyp…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2017-3971
|
2024-11-21 12:26 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250512
|
5.9 |
MEDIUM
Network
|
mcafee
|
network_security_manager
|
Abuse of communication channels vulnerability in the server in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows man-in-the-middle attackers to decrypt messages via an inadequate impl…
|
CWE-417
Channel and Path Errors
|
CVE-2017-3969
|
2024-11-21 12:26 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250513
|
6.1 |
MEDIUM
Network
|
mcafee
|
network_security_manager
|
Target influence via framing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to inject arbitrary web script or HTML via applic…
|
CWE-94
Code Injection
|
CVE-2017-3967
|
2024-11-21 12:26 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250514
|
6.3 |
MEDIUM
Network
|
mcafee
|
network_security_manager
|
Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers …
|
CWE-613
Insufficient Session Expiration
|
CVE-2017-3966
|
2024-11-21 12:26 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250515
|
8.8 |
HIGH
Network
|
mcafee
|
network_security_manager
|
Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to perform unauthorized…
|
CWE-352
Origin Validation Error
|
CVE-2017-3965
|
2024-11-21 12:26 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250516
|
5.4 |
MEDIUM
Network
|
mcafee
|
network_security_manager
|
Reflective Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to inject arbitrary web script or HTML via a UR…
|
CWE-79
Cross-site Scripting
|
CVE-2017-3964
|
2024-11-21 12:26 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250517
|
4.4 |
MEDIUM
Local
|
mcafee
|
anti-virus_plus
endpoint_security
host_intrusion_prevention
internet_security
total_protection
virus_scan_enterprise
|
Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee pr…
|
CWE-74
Injection
|
CVE-2017-4028
|
2024-11-21 12:26 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250518
|
9.8 |
CRITICAL
Network
|
mcafee
|
network_security_manager
|
Infrastructure-based foot printing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to execute arbitrary code via the server banner le…
|
CWE-200
Information Exposure
|
CVE-2017-3972
|
2024-11-21 12:26 |
2018-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250519
|
8.8 |
HIGH
Network
|
vmware
|
airwatch
|
VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 9.1.5) contains a Cross Site Request Forgery vulnerability when accessing the App Catalog. An attacker may exploit this issue by tricking …
|
CWE-352
Origin Validation Error
|
CVE-2017-4951
|
2024-11-21 12:26 |
2018-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250520
|
9.8 |
CRITICAL
Network
|
vmware
|
vrealize_automation
vsphere_integrated_containers
|
VMware vRealize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x before 1.3) contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote a…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-4947
|
2024-11-21 12:26 |
2018-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
