Every CVE whose affected-product data names Mcafee Policy Auditor, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2016-0718 — CVSS 9.8 (critical): Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input…
CVE-2016-4472 — CVSS 8.1 (high): The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a…
CVE-2017-17740 — CVSS 7.5 (high): contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to…
CVE-2019-16168 — CVSS 6.5 (medium): In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a…
CVE-2017-9287 — CVSS 6.5 (medium): servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the…
CVE-2021-31852 — CVSS 6.1 (medium): A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject…
CVE-2021-31851 — CVSS 6.1 (medium): A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject…
CVE-2019-13057 — CVSS 4.9 (medium): An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges…
CVE-2020-15719 — CVSS 4.2 (medium): libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125…