|
199641
|
7.3 |
HIGH
Local
|
philips
|
smartcontrol
|
An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placin…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-7360
|
2024-11-21 14:37 |
2020-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199642
|
5.2 |
MEDIUM
Local
|
mcafee
|
data_loss_prevention
|
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-7307
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199643
|
5.2 |
MEDIUM
Local
|
mcafee
|
data_loss_prevention
|
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the ADRMS username and password via unprotected log …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-7306
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199644
|
6.5 |
MEDIUM
Network
|
mcafee
|
data_loss_prevention
|
Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows a low privileged remote attacker to create new rule sets via incorrect validation of user …
|
CWE-269
Improper Privilege Management
|
CVE-2020-7305
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199645
|
7.6 |
HIGH
Adjacent
|
mcafee
|
data_loss_prevention
|
Cross site request forgery vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attacker to embed a CRSF script via adding a new label.
|
CWE-352
Origin Validation Error
|
CVE-2020-7304
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199646
|
4.1 |
MEDIUM
Adjacent
|
mcafee
|
data_loss_prevention
|
Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote user to trigger scripts to run in a user's browser via adding a new l…
|
CWE-79
Cross-site Scripting
|
CVE-2020-7303
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199647
|
6.4 |
MEDIUM
Network
|
mcafee
|
data_loss_prevention
|
Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-7302
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199648
|
4.6 |
MEDIUM
Network
|
mcafee
|
data_loss_prevention
|
Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to trigger alerts via the file upload tab in the DLP case manageme…
|
CWE-79
Cross-site Scripting
|
CVE-2020-7301
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199649
|
6.3 |
MEDIUM
Network
|
mcafee
|
data_loss_prevention
|
Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attackers to change the configuration when logged in with view only…
|
CWE-863
Incorrect Authorization
|
CVE-2020-7300
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199650
|
7.8 |
HIGH
Local
|
documalis
|
free_pdf_scanner
free_pdf_editor
|
Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not appropriately validate the contents of JPEG images contained within a PDF. Attackers can exploit thi…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-7374
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
