HackAndPwn
Security & Vulnerability Researcher / Professional Penetration Tester

Home

  • CVE-2020-7314 - McAfee - Incorrect Permission Assignment for Critical Resource

    On macOS platforms, the McAfee Data Exchange Layer Client installer writes out temporary files with incorrect permission that can allow a low privileged user to run commands as root user. The fix for this issue is included in the MA 5.6.6 Update release.


  • CVE-2020-9415 - TIBCO - Arbitrary File Download

    TIBCO Data Virtualization Server contains a vulnerability that theoretically allows a malicious authenticated user to download any arbitrary file from the affected system. The user must be authenticated and have privileges required to monitor the server in an operational capacity.


  • CVE-2020-7307 - McAfee - Insufficiently Protected Credentials

    Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials.


  • CVE-2020-7306 - McAfee - Insufficiently Protected Credentials

    Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the ADRMS username and password via unprotected log files containing plain text credentials.


  • CVE-2019-3588 - McAfee - Improper Privilege Management

    Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.



     Page: 11 of 13     
buy me a coffee