Filtered by vendor Mcafee
Subscribe
Total
604 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-8025 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | 6.0 MEDIUM | 6.2 MEDIUM |
| SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter. | |||||
| CVE-2017-4057 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| Privilege Escalation vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to gain elevated privileges via the GUI or GUI terminal commands. | |||||
| CVE-2017-4052 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to change or update any configuration settings, or gain administrator functionality via a crafted HTTP request parameter. | |||||
| CVE-2016-8020 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | 6.0 MEDIUM | 8.0 HIGH |
| Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter. | |||||
| CVE-2016-8027 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-20 | 7.5 HIGH | 10.0 CRITICAL |
| SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier allows attackers to alter a SQL query, which can result in disclosure of information within the database or impersonation of an agent without authentication via a specially crafted HTTP post. | |||||
| CVE-2016-8026 | 1 Mcafee | 1 Security Scan Plus | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus (SSP) 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors. | |||||
| CVE-2017-3899 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| SQL injection vulnerability in Intel Security Advanced Threat Defense (ATD) Linux 3.6.0 and earlier allows remote authenticated users to obtain product information via a crafted HTTP request parameter. | |||||
| CVE-2015-8990 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier allows malware samples to bypass ATD detection via renaming the malware. | |||||
| CVE-2015-8986 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware. | |||||
| CVE-2016-8031 | 1 Mcafee | 1 Anti-malware Scan Engine | 2025-04-20 | 4.4 MEDIUM | 7.3 HIGH |
| Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local users to bypass local security protection via a crafted input file. | |||||
| CVE-2017-3902 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing input validation. | |||||
| CVE-2015-8988 | 1 Mcafee | 1 Epo Deep Command | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path. | |||||
| CVE-2016-8019 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input. | |||||
| CVE-2015-7704 | 6 Citrix, Debian, Mcafee and 3 more | 14 Xenserver, Debian Linux, Enterprise Security Manager and 11 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. | |||||
| CVE-2015-8993 | 1 Mcafee | 3 Cloud Av, Security Scan Plus, Security Webadvisor | 2025-04-20 | 6.9 MEDIUM | 7.0 HIGH |
| Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | |||||
| CVE-2017-9287 | 5 Debian, Mcafee, Openldap and 2 more | 10 Debian Linux, Policy Auditor, Openldap and 7 more | 2025-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. | |||||
| CVE-2017-4054 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to execute a command of their choice via a crafted HTTP request parameter. | |||||
| CVE-2017-3935 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Network Data Loss Prevention is vulnerable to MIME type sniffing which allows older versions of Internet Explorer to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the intended content type. | |||||
| CVE-2016-8022 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | 5.1 MEDIUM | 7.5 HIGH |
| Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie. | |||||
| CVE-2016-8009 | 1 Mcafee | 1 Application Control | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call. | |||||