Filtered by vendor Mcafee
Subscribe
Total
603 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-4014 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | 6.0 MEDIUM | 8.0 HIGH |
| Session Side jacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view, add, and remove users via modification of the HTTP request. | |||||
| CVE-2015-8992 | 1 Mcafee | 3 Cloud Av, Security Scan Plus, Security Webadvisor | 2025-04-20 | 6.9 MEDIUM | 7.0 HIGH |
| Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | |||||
| CVE-2015-7704 | 6 Citrix, Debian, Mcafee and 3 more | 14 Xenserver, Debian Linux, Enterprise Security Manager and 11 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. | |||||
| CVE-2017-17740 | 4 Mcafee, Openldap, Opensuse and 1 more | 4 Policy Auditor, Openldap, Leap and 1 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. | |||||
| CVE-2017-4015 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | 3.5 LOW | 4.5 MEDIUM |
| Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header. | |||||
| CVE-2017-4057 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| Privilege Escalation vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to gain elevated privileges via the GUI or GUI terminal commands. | |||||
| CVE-2017-4013 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| Banner Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to obtain product information via HTTP response header. | |||||
| CVE-2016-8031 | 1 Mcafee | 1 Anti-malware Scan Engine | 2025-04-20 | 4.4 MEDIUM | 7.3 HIGH |
| Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local users to bypass local security protection via a crafted input file. | |||||
| CVE-2017-3980 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-20 | 6.5 MEDIUM | 7.2 HIGH |
| A directory traversal vulnerability in the ePO Extension in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, and 5.1.3 and earlier allows remote authenticated users to execute a command of their choice via an authenticated ePO session. | |||||
| CVE-2015-8987 | 1 Mcafee | 1 Agent | 2025-04-20 | 3.5 LOW | 5.3 MEDIUM |
| Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server. | |||||
| CVE-2016-8026 | 1 Mcafee | 1 Security Scan Plus | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus (SSP) 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors. | |||||
| CVE-2017-4017 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| User Name Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to view user information via the appliance web interface. | |||||
| CVE-2017-4053 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to execute a command of their choice via a crafted HTTP request parameter. | |||||
| CVE-2016-8009 | 1 Mcafee | 1 Application Control | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call. | |||||
| CVE-2016-8010 | 1 Mcafee | 2 Application Control, Endpoint Security | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility. | |||||
| CVE-2017-4011 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| Embedding Script (XSS) in HTTP Headers vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to get session/cookie information via modification of the HTTP request. | |||||
| CVE-2016-8018 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | 6.0 MEDIUM | 4.3 MEDIUM |
| Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input. | |||||
| CVE-2016-8023 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | 6.8 MEDIUM | 8.1 HIGH |
| Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie. | |||||
| CVE-2016-8016 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | 3.5 LOW | 3.4 LOW |
| Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter. | |||||
| CVE-2017-3898 | 1 Mcafee | 1 Livesafe | 2025-04-20 | 4.3 MEDIUM | 5.9 MEDIUM |
| A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe (MLS) versions prior to 16.0.3 allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response. | |||||