Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee threat intelligence exchange vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-6695
SSH host keys generation vulnerability in the server in McAfee Threat Intelligence Exchange Server (TIE Server) 1.3.0, 2.0.x, 2.1.x, 2.2.0 allows man-in-the-middle malicious users to spoof servers via acquiring keys from another environment.
Mcafee Threat Intelligence Exchange Server 1.3.0
Mcafee Threat Intelligence Exchange Server
Mcafee Threat Intelligence Exchange Server 2.2.0
187
VMScore
CVE-2019-3612
Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL before 5.0.1 HF2 and TIE before 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line.
Mcafee Data Exchange Layer
Mcafee Threat Intelligence Exchange
668
VMScore
CVE-2017-3907
Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and previous versions allows remote malicious users to execute arbitrary HTML code to be reflected in the response web page via unspecified vector.
Mcafee Mcafee Threat Intelligence Exchange 2.1.0
187
VMScore
CVE-2015-7238
The Secondary server in Threat Intelligence Exchange (TIE) prior to 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sensitive information by reading the files.
Mcafee Threat Intelligence Exchange
312
VMScore
CVE-2019-3641
Abuse of Authorization vulnerability in APIs exposed by TIE server in McAfee Threat Intelligence Exchange Server (TIE Server) 3.0.0 allows remote authenticated users to modify stored reputation data via specially crafted messages.
Mcafee Threat Intelligence Exchange Server 3.0.0
445
VMScore
CVE-2020-2781
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access...
Oracle Jdk 14.0.0
Oracle Jre 14.0.0
Oracle Jdk 11.0.6
Oracle Jre 11.0.6
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.8.0
Oracle Jre 1.7.0
Oracle Openjdk 8
Oracle Openjdk 7
Oracle Openjdk 14
Oracle Openjdk
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Opensuse Leap 15.2
Fedoraproject Fedora 30
Fedoraproject Fedora 31
445
VMScore
CVE-2020-2830
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network...
Oracle Jre 1.7.0
Oracle Jre 1.8.0
Oracle Jdk 14.0.0
Oracle Jre 14.0.0
Oracle Jdk 11.0.6
Oracle Jre 11.0.6
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Openjdk 8
Oracle Openjdk 7
Oracle Openjdk 14
Oracle Openjdk
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Snapmanager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Storagegrid
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager
Netapp E-series Santricity Os Controller
Netapp Santricity Unified Manager -
383
VMScore
CVE-2019-3738
RSA BSAFE Crypto-J versions before 6.2.5 are vulnerable to a Missing Required Cryptographic Step vulnerability. A malicious remote attacker could potentially exploit this vulnerability to coerce two parties into computing the same predictable shared key.
Dell Bsafe Ssl-j
Dell Bsafe Crypto-j
Dell Bsafe Cert-j
Mcafee Threat Intelligence Exchange Server 3.0.0
Mcafee Threat Intelligence Exchange Server
Oracle Retail Service Backbone 14.1
Oracle Retail Integration Bus 14.1
Oracle Retail Service Backbone 15.0
Oracle Retail Integration Bus 15.0
Oracle Retail Integration Bus 16.0
Oracle Communications Unified Inventory Management 7.3.2
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Retail Xstore Point Of Service 17.0.3
Oracle Application Performance Management 13.3.0.0
Oracle Database 12.1.0.2
Oracle Database 12.2.0.1
Oracle Database 18c
Oracle Database 19c
Oracle Retail Assortment Planning 15.0.3.0
Oracle Retail Predictive Application Server 14.1.3.0
384
VMScore
CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 by...
Openssl Openssl
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 16.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Hyper Converged Infrastructure -
Netapp Cloud Backup -
Netapp Santricity Smi-s Provider -
Netapp Element Software -
Netapp Snapdrive -
Netapp Snapcenter -
Netapp Storage Automation Store -
Netapp Ontap Select Deploy -
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Unified Manager -
Netapp Oncommand Workflow Automation -
Netapp Storagegrid -
Netapp Storagegrid
Netapp Oncommand Insight -
Netapp Ontap Select Deploy Administration Utility -
Netapp Service Processor -
3 Github repositories
1000
VMScore
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1182 Github repositories
28 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »