|
286321
|
- |
|
mcafee
|
network_data_loss_prevention
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentiall…
|
CWE-200
Information Exposure
|
CVE-2014-8525
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286322
|
- |
|
mcafee
|
network_data_loss_prevention
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 does not disable the autocomplete setting for the password and other fields, which allows remote attackers to obtain sensitive information via un…
|
CWE-200
Information Exposure
|
CVE-2014-8524
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286323
|
- |
|
mcafee
|
network_data_loss_prevention
|
Cross-site request forgery (CSRF) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vector…
|
CWE-352
Origin Validation Error
|
CVE-2014-8523
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286324
|
- |
|
mcafee
|
network_data_loss_prevention
|
The MySQL database in McAfee Network Data Loss Prevention (NDLP) before 9.3 does not require a password, which makes it easier for remote attackers to obtain access.
|
CWE-287
Improper Authentication
|
CVE-2014-8522
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286325
|
- |
|
mcafee
|
network_data_loss_prevention
|
Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2014-8521
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286326
|
- |
|
mcafee
|
network_data_loss_prevention
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to obtain sensitive information via vectors related to open network ports.
|
CWE-200
Information Exposure
|
CVE-2014-8520
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286327
|
- |
|
mcafee
|
network_data_loss_prevention
|
Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to read arbitrary files via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2014-8519
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286328
|
- |
|
mcafee
|
endpoint_encryption_for_files_and_folders
file_and_removable_media_protection
|
The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encryption for Removable Media or EERM) in McAfee File and Removable Media Protection (FRP) 4.3.0.x, an…
|
CWE-255
Credentials Management
|
CVE-2014-8518
|
2024-11-21 11:19 |
2014-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286329
|
- |
|
etiko
|
etiko_cms
|
Multiple SQL injection vulnerabilities in Etiko CMS allow remote attackers to execute arbitrary SQL commands via the (1) page_id parameter to loja/index.php or (2) article_id parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2014-8506
|
2024-11-21 11:19 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286330
|
- |
|
etiko
|
etiko_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Etiko CMS allow remote attackers to inject arbitrary web script or HTML via the (1) page_id parameter to loja/index.php or (2) article_id parame…
|
CWE-79
Cross-site Scripting
|
CVE-2014-8505
|
2024-11-21 11:19 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
