Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee database security vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-1709
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical systems.
Connectwise Screenconnect
5 Github repositories
11 Articles
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1162 Github repositories
28 Articles
4.9
CVSSv2
CVE-2021-31850
A denial-of-service vulnerability in Database Security (DBS) before 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of direct...
Mcafee Database Security
3.5
CVSSv2
CVE-2021-31830
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in McAfee Database Security (DBSec) before 4.8.2 allows an administrator to embed JavaScript code when configuring the name of a database to be monitored. This would be tr...
Mcafee Database Security
6.5
CVSSv2
CVE-2021-31831
Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) before 4.8.2 allows a remote authenticated malicious user to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was onl...
Mcafee Database Security
2.7
CVSSv2
CVE-2021-23896
Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security (DBSec) before 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data to the Insights Server. This user...
Mcafee Database Security
10
CVSSv2
CVE-2021-23894
Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) before 4.8.2 allows a remote unauthenticated malicious user to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the...
Mcafee Database Security
9
CVSSv2
CVE-2021-23895
Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) before 4.8.2 allows a remote authenticated malicious user to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the D...
Mcafee Database Security
5
CVSSv2
CVE-2021-23840
Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be...
Openssl Openssl
Debian Debian Linux 10.0
Tenable Nessus Network Monitor 5.11.1
Tenable Nessus Network Monitor 5.12.0
Tenable Nessus Network Monitor 5.12.1
Tenable Nessus Network Monitor 5.13.0
Tenable Nessus Network Monitor 5.11.0
Tenable Log Correlation Engine
Oracle Business Intelligence 12.2.1.3.0
Oracle Jd Edwards World Security A9.4
Oracle Business Intelligence 12.2.1.4.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Enterprise Manager For Storage Management 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Graalvm 20.3.1.2
Oracle Graalvm 21.0.0.2
Oracle Graalvm 19.3.5
Oracle Mysql Server
Oracle Nosql Database
Oracle Jd Edwards Enterpriseone Tools
Oracle Business Intelligence 5.9.0.0.0
Oracle Communications Cloud Native Core Policy 1.15.0
1 Github repository
5.8
CVSSv2
CVE-2020-7339
Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor before 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept communication between the Server and ...
Mcafee Database Security
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »