|
280091
|
- |
|
mcafee
|
network_data_loss_prevention
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows local users to obtain sensitive information via unspecified vectors.
|
CWE-310
Cryptographic Issues
|
CVE-2014-8529
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280092
|
- |
|
mcafee
|
network_data_loss_prevention
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users to obtain sensitive information by reading the audit log.
|
CWE-200
Information Exposure
|
CVE-2014-8528
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280093
|
- |
|
mcafee
|
network_data_loss_prevention
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information and affect integrity via vectors related to a "plain text password."
|
CWE-255
Credentials Management
|
CVE-2014-8527
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280094
|
- |
|
mcafee
|
network_data_loss_prevention
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information by reading a Java stack trace.
|
CWE-200
Information Exposure
|
CVE-2014-8526
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280095
|
- |
|
mcafee
|
network_data_loss_prevention
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentiall…
|
CWE-200
Information Exposure
|
CVE-2014-8525
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280096
|
- |
|
mcafee
|
network_data_loss_prevention
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 does not disable the autocomplete setting for the password and other fields, which allows remote attackers to obtain sensitive information via un…
|
CWE-200
Information Exposure
|
CVE-2014-8524
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280097
|
- |
|
mcafee
|
network_data_loss_prevention
|
Cross-site request forgery (CSRF) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vector…
|
CWE-352
Origin Validation Error
|
CVE-2014-8523
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280098
|
- |
|
mcafee
|
network_data_loss_prevention
|
The MySQL database in McAfee Network Data Loss Prevention (NDLP) before 9.3 does not require a password, which makes it easier for remote attackers to obtain access.
|
CWE-287
Improper Authentication
|
CVE-2014-8522
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280099
|
- |
|
mcafee
|
network_data_loss_prevention
|
Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2014-8521
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280100
|
- |
|
mcafee
|
network_data_loss_prevention
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to obtain sensitive information via vectors related to open network ports.
|
CWE-200
Information Exposure
|
CVE-2014-8520
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
