Home
-
CVE-2020-7314 - McAfee - Incorrect Permission Assignment for Critical Resource
On macOS platforms, the McAfee Data Exchange Layer Client installer writes out temporary files with incorrect permission that can allow a low privileged user to run commands as root user. The fix for this issue is included in the MA 5.6.6 Update release.
-
CVE-2020-9415 - TIBCO - Arbitrary File Download
TIBCO Data Virtualization Server contains a vulnerability that theoretically allows a malicious authenticated user to download any arbitrary file from the affected system. The user must be authenticated and have privileges required to monitor the server in an operational capacity.
-
CVE-2020-7307 - McAfee - Insufficiently Protected Credentials
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials.
-
CVE-2020-7306 - McAfee - Insufficiently Protected Credentials
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the ADRMS username and password via unprotected log files containing plain text credentials.
-
CVE-2019-3588 - McAfee - Improper Privilege Management
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.