Filtered by vendor Mcafee
Subscribe
Total
597 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9920 | 1 Mcafee | 1 Application Control | 2017-03-29 | 4.3 MEDIUM | 5.9 MEDIUM |
| Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1 before hotfix 399, 6.1.2 before hotfix 426, and 6.1.3 before hotfix 357 and earlier allows attackers to create a malformed Windows binary that is considered non-executable and is not protected through the whitelisting protection feature via a specific set of circumstances. | |||||
| CVE-2013-7462 | 1 Mcafee | 1 Saas Control Console Platform | 2017-03-29 | 5.0 MEDIUM | 7.5 HIGH |
| A directory traversal vulnerability in the web application in McAfee (now Intel Security) SaaS Control Console (SCC) Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated users to view contents of arbitrary system files that did not have file system level read access restrictions via a null-byte injection exploit. | |||||
| CVE-2015-8993 | 1 Mcafee | 3 Cloud Av, Security Scan Plus, Security Webadvisor | 2017-03-28 | 6.9 MEDIUM | 7.0 HIGH |
| Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | |||||
| CVE-2015-8991 | 1 Mcafee | 3 Cloud Av, Security Scan Plus, Security Webadvisor | 2017-03-28 | 6.9 MEDIUM | 7.0 HIGH |
| Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | |||||
| CVE-2016-8008 | 2 Mcafee, Microsoft | 3 Security Scan Plus, Windows 10, Windows 7 | 2017-03-27 | 7.2 HIGH | 8.8 HIGH |
| Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus (SSP) 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a Windows system. | |||||
| CVE-2016-8009 | 1 Mcafee | 1 Application Control | 2017-03-27 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call. | |||||
| CVE-2017-3899 | 1 Mcafee | 1 Advanced Threat Defense | 2017-03-23 | 4.0 MEDIUM | 6.5 MEDIUM |
| SQL injection vulnerability in Intel Security Advanced Threat Defense (ATD) Linux 3.6.0 and earlier allows remote authenticated users to obtain product information via a crafted HTTP request parameter. | |||||
| CVE-2015-8992 | 1 Mcafee | 3 Cloud Av, Security Scan Plus, Security Webadvisor | 2017-03-23 | 6.9 MEDIUM | 7.0 HIGH |
| Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | |||||
| CVE-2014-9921 | 1 Mcafee | 1 Cloud Analysis And Deconstructive Services | 2017-03-23 | 9.7 HIGH | 9.8 CRITICAL |
| Information disclosure vulnerability in McAfee (now Intel Security) Cloud Analysis and Deconstructive Services (CADS) 1.0.0.3x, 1.0.0.4d and earlier allows remote unauthenticated users to view, add, and remove users via a configuration error. | |||||
| CVE-2015-8990 | 1 Mcafee | 1 Advanced Threat Defense | 2017-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier allows malware samples to bypass ATD detection via renaming the malware. | |||||
| CVE-2015-8988 | 1 Mcafee | 1 Epo Deep Command | 2017-03-23 | 6.5 MEDIUM | 8.8 HIGH |
| Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path. | |||||
| CVE-2016-8007 | 1 Mcafee | 1 Host Intrusion Prevention Services | 2017-03-23 | 3.0 LOW | 6.3 MEDIUM |
| Authentication bypass vulnerability in McAfee Host Intrusion Prevention Services (HIPS) 8.0 Patch 7 and earlier allows authenticated users to manipulate the product's registry keys via specific conditions. | |||||
| CVE-2015-8987 | 1 Mcafee | 1 Agent | 2017-03-23 | 3.5 LOW | 5.3 MEDIUM |
| Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server. | |||||
| CVE-2015-8986 | 1 Mcafee | 1 Advanced Threat Defense | 2017-03-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware. | |||||
| CVE-2015-8989 | 1 Mcafee | 1 Vulnerability Manager | 2017-03-22 | 4.0 MEDIUM | 8.8 HIGH |
| Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security McAfee Vulnerability Manager (MVM) 7.5.8 and earlier allows attackers to more easily decrypt user passwords via brute force attacks against the database. | |||||
| CVE-2013-7460 | 1 Mcafee | 2 Application Control, Change Control | 2017-03-17 | 2.1 LOW | 5.5 MEDIUM |
| A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions. | |||||
| CVE-2013-7461 | 1 Mcafee | 2 Application Control, Change Control | 2017-03-16 | 2.1 LOW | 5.5 MEDIUM |
| A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions. | |||||
| CVE-2012-4599 | 1 Mcafee | 1 Smartfilter Administration | 2017-01-19 | 10.0 HIGH | N/A |
| McAfee SmartFilter Administration, and SmartFilter Administration Bess Edition, before 4.2.1.01 does not require authentication for access to the JBoss Remote Method Invocation (RMI) interface, which allows remote attackers to execute arbitrary code via a crafted .war file. | |||||
| CVE-2016-8006 | 1 Mcafee | 1 Security Information And Event Management | 2017-01-17 | 1.7 LOW | 4.4 MEDIUM |
| Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an administrator to make changes to other SIEM users' information including user passwords without supplying the current administrator password a second time via the GUI or GUI terminal commands. | |||||
| CVE-2013-5094 | 1 Mcafee | 1 Vulnerability Manager | 2016-12-30 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.exp in McAfee Vulnerability Manager 7.5 allows remote attackers to inject arbitrary web script or HTML via the cert_cn cookie parameter. | |||||