Filtered by vendor Mcafee
Subscribe
Total
597 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1491 | 2 Mcafee, Microsoft | 2 Groupshield, Exchange Server | 2017-08-16 | 9.3 HIGH | N/A |
| McAfee GroupShield for Microsoft Exchange on Exchange Server 2000, and possibly other anti-virus or anti-spam products from McAfee or other vendors, does not scan X- headers for malicious content, which allows remote attackers to bypass virus detection via a crafted message, as demonstrated by a message with an X-Testing header and no message body. | |||||
| CVE-2009-2429 | 1 Mcafee | 1 Smartfilter | 2017-08-16 | 4.6 MEDIUM | N/A |
| SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in admin_backup.xml files and uses insecure permissions for these files, which allows local users to gain privileges. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-2312 | 1 Mcafee | 1 Smartfilter | 2017-08-16 | 4.6 MEDIUM | N/A |
| SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges. | |||||
| CVE-2008-7020 | 1 Mcafee | 1 Safeboot Device Encryption | 2017-08-16 | 2.1 LOW | N/A |
| McAfee SafeBoot Device Encryption 4 build 4750 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer. | |||||
| CVE-2008-3605 | 1 Mcafee | 1 Encrypted Usb Manager | 2017-08-07 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in McAfee Encrypted USB Manager 3.1.0.0, when the Re-use Threshold for passwords is nonzero, allows remote attackers to conduct offline brute force attacks via unknown vectors. | |||||
| CVE-2007-2151 | 1 Mcafee | 1 E-business Server | 2017-07-28 | 5.0 MEDIUM | N/A |
| The administration server in McAfee e-Business Server before 8.1.1 and 8.5.x before 8.5.2 allows remote attackers to cause a denial of service (service crash) via a large length value in a malformed authentication packet, which triggers a heap over-read. | |||||
| CVE-2007-2957 | 1 Mcafee | 1 E-business Server | 2017-07-28 | 9.3 HIGH | N/A |
| Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, and before 8.1.2 for Linux, HP-UX, and AIX, allows remote attackers to execute arbitrary code via a large length value in an authentication packet, which results in a heap-based buffer overflow. | |||||
| CVE-2007-2584 | 1 Mcafee | 3 Security Center, Securitycenter Agent, Virusscan | 2017-07-28 | 10.0 HIGH | N/A |
| Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument. | |||||
| CVE-2007-2152 | 1 Mcafee | 1 Virusscan Enterprise | 2017-07-28 | 7.9 HIGH | N/A |
| Buffer overflow in the On-Access Scanner in McAfee VirusScan Enterprise before 8.0i Patch 12 allows user-assisted remote attackers to execute arbitrary code via a long filename containing multi-byte (Unicode) characters. | |||||
| CVE-2006-6474 | 1 Mcafee | 1 Virusscan | 2017-07-28 | 4.6 MEDIUM | N/A |
| Untrusted search path vulnerability in McAfee VirusScan for Linux 4510e and earlier includes the current working directory in the DT_RPATH environment variable, which allows local users to load arbitrary ELF DSO libraries and execute arbitrary code by installing malicious libraries in that directory. | |||||
| CVE-2002-2282 | 1 Mcafee | 1 Virusscan | 2017-07-28 | 6.9 MEDIUM | N/A |
| McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs. | |||||
| CVE-2017-3896 | 1 Mcafee | 1 Mcafee Agent | 2017-07-25 | 4.3 MEDIUM | 5.9 MEDIUM |
| Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated. | |||||
| CVE-2017-3902 | 1 Mcafee | 1 Epolicy Orchestrator | 2017-07-25 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing input validation. | |||||
| CVE-2006-5274 | 1 Mcafee | 3 Common Management Agent, Epolicy Orchestrator, Protectionpilot | 2017-07-19 | 7.6 HIGH | N/A |
| Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2006-5271 | 1 Mcafee | 2 E-business Server, Protectionpilot | 2017-07-19 | 7.6 HIGH | N/A |
| Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet, which causes stack corruption. | |||||
| CVE-2006-5272 | 1 Mcafee | 3 Common Management Agent, E-business Server, Protectionpilot | 2017-07-19 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet. | |||||
| CVE-2006-5273 | 1 Mcafee | 3 Common Management Agent, E-business Server, Protectionpilot | 2017-07-19 | 7.6 HIGH | N/A |
| Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet. | |||||
| CVE-2006-5156 | 1 Mcafee | 2 Epolicy Orchestrator, Protectionpilot | 2017-07-19 | 10.0 HIGH | N/A |
| Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header. | |||||
| CVE-2005-4505 | 1 Mcafee | 2 Common Management Agent, Virusscan Enterprise | 2017-07-19 | 7.2 HIGH | N/A |
| Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path. | |||||
| CVE-2004-2635 | 1 Mcafee | 1 Security Installer Control System | 2017-07-19 | 7.5 HIGH | N/A |
| An ActiveX control for McAfee Security Installer Control System 4.0.0.81 allows remote attackers to access the Windows registry via web pages that use the control's RegQueryValue() method. | |||||