Filtered by vendor Mcafee
Subscribe
Total
597 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-4054 | 1 Mcafee | 1 Advanced Threat Defense | 2017-07-17 | 6.5 MEDIUM | 8.8 HIGH |
| Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to execute a command of their choice via a crafted HTTP request parameter. | |||||
| CVE-2017-4055 | 1 Mcafee | 1 Advanced Threat Defense | 2017-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| Exploitation of Authentication vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to bypass ATD detection via loose enforcement of authentication and authorization. | |||||
| CVE-2017-4052 | 1 Mcafee | 1 Advanced Threat Defense | 2017-07-17 | 7.5 HIGH | 9.8 CRITICAL |
| Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to change or update any configuration settings, or gain administrator functionality via a crafted HTTP request parameter. | |||||
| CVE-2016-8032 | 1 Mcafee | 1 Anti-malware Scan Engine | 2017-07-11 | 4.4 MEDIUM | 7.3 HIGH |
| Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file. | |||||
| CVE-2004-1908 | 1 Mcafee | 1 Freescan | 2017-07-10 | 5.0 MEDIUM | N/A |
| McFreeScan.CoMcFreeScan.1 ActiveX object in Mcafee FreeScan allows remote attackers to obtain sensitive information via the GetSpecialFolderLocation function with certain parameters. | |||||
| CVE-2004-1906 | 1 Mcafee | 1 Freescan | 2017-07-10 | 5.0 MEDIUM | N/A |
| Mcafee FreeScan allows remote attackers to cause a denial of service and possibly arbitrary code via a long string in the ScanParam property of a COM object, which may trigger a buffer overflow. | |||||
| CVE-2004-0831 | 1 Mcafee | 1 Virusscan | 2017-07-10 | 7.2 HIGH | N/A |
| McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via the "System Scan" properties of the System Tray applet, which could allow local users to gain privileges. | |||||
| CVE-2001-1456 | 4 Mcafee, Network Associates, Pgp and 1 more | 5 Webshield Smtp, Gauntlet Firewall, Mcafee E-ppliance and 2 more | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message. | |||||
| CVE-2004-0038 | 1 Mcafee | 1 Epolicy Orchestrator | 2017-07-10 | 7.5 HIGH | N/A |
| McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote attackers to execute arbitrary commands via certain HTTP POST requests to the spipe/file handler on ePO TCP port 81. | |||||
| CVE-2017-4014 | 1 Mcafee | 1 Network Data Loss Prevention | 2017-07-07 | 6.0 MEDIUM | 8.0 HIGH |
| Session Side jacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view, add, and remove users via modification of the HTTP request. | |||||
| CVE-2017-4011 | 1 Mcafee | 1 Network Data Loss Prevention | 2017-07-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Embedding Script (XSS) in HTTP Headers vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to get session/cookie information via modification of the HTTP request. | |||||
| CVE-2017-4013 | 1 Mcafee | 1 Network Data Loss Prevention | 2017-07-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| Banner Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to obtain product information via HTTP response header. | |||||
| CVE-2017-4015 | 1 Mcafee | 1 Network Data Loss Prevention | 2017-07-07 | 3.5 LOW | 4.5 MEDIUM |
| Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header. | |||||
| CVE-2017-4016 | 1 Mcafee | 1 Network Data Loss Prevention | 2017-07-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| Web Server method disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to exploit and find another hole via HTTP response header. | |||||
| CVE-2017-4017 | 1 Mcafee | 1 Network Data Loss Prevention | 2017-07-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| User Name Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to view user information via the appliance web interface. | |||||
| CVE-2017-3948 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2017-07-05 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x allows authenticated users to inject arbitrary web script or HTML via injecting malicious JavaScript into a user's browsing session. | |||||
| CVE-2016-8030 | 1 Mcafee | 1 Virusscan Enterprise | 2017-05-08 | 4.3 MEDIUM | 4.3 MEDIUM |
| A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link. | |||||
| CVE-2016-8026 | 1 Mcafee | 1 Security Scan Plus | 2017-05-01 | 4.6 MEDIUM | 7.8 HIGH |
| Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus (SSP) 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors. | |||||
| CVE-2016-8005 | 1 Mcafee | 1 Email Gateway | 2017-03-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| File extension filtering vulnerability in Intel Security McAfee Email Gateway (MEG) before 7.6.404h1128596 allows attackers to fail to identify the file name properly via scanning an email with a forged attached filename that uses a null byte within the filename extension. | |||||
| CVE-2016-8010 | 1 Mcafee | 2 Application Control, Endpoint Security | 2017-03-30 | 4.6 MEDIUM | 7.8 HIGH |
| Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility. | |||||