ReportizFlow
Filtered by vendor Mcafee
Subscriptions
Total
605 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-1348 | 1 Mcafee | 13 Active Virus Defense, Active Virusscan, Email Gateway and 10 more | 2025-04-09 | N/A |
| The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive. | ||||
| CVE-2009-1491 | 2 Mcafee, Microsoft | 2 Groupshield, Exchange Server | 2025-04-09 | N/A |
| McAfee GroupShield for Microsoft Exchange on Exchange Server 2000, and possibly other anti-virus or anti-spam products from McAfee or other vendors, does not scan X- headers for malicious content, which allows remote attackers to bypass virus detection via a crafted message, as demonstrated by a message with an X-Testing header and no message body. | ||||
| CVE-2009-3339 | 1 Mcafee | 1 Email And Web Security Appliance | 2025-04-09 | N/A |
| Unspecified vulnerability in McAfee Email and Web Security Appliance 5.1 VMtrial allows remote attackers to read arbitrary files via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2023-0221 | 1 Mcafee | 1 Application And Change Control | 2025-04-04 | 4.4 Medium |
| Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program. | ||||
| CVE-2001-1456 | 4 Mcafee, Network Associates, Pgp and 1 more | 5 Webshield Smtp, Gauntlet Firewall, Mcafee E-ppliance and 2 more | 2025-04-03 | N/A |
| Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message. | ||||
| CVE-2000-0502 | 1 Mcafee | 1 Virusscan | 2025-04-03 | N/A |
| Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion. | ||||
| CVE-2003-0149 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-03 | N/A |
| Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters. | ||||
| CVE-2000-0119 | 2 Mcafee, Symantec | 2 Virusscan, Norton Antivirus | 2025-04-03 | N/A |
| The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection. | ||||
| CVE-2005-3657 | 1 Mcafee | 2 Mcinsctl.dll, Virusscan Security Center | 2025-04-03 | N/A |
| The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security Center does not use the IObjectSafetySiteLock API to restrict access to required domains, which allows remote attackers to create or append to arbitrary files via the StartLog and AddLog methods in the MCINSTALL.McLog object. | ||||
| CVE-2004-0932 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2025-04-03 | N/A |
| McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | ||||
| CVE-2004-0934 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2025-04-03 | N/A |
| Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | ||||
| CVE-2003-0610 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-03 | N/A |
| Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request. | ||||
| CVE-2003-0148 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-03 | N/A |
| The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from the ePO server using a certain request, (2) crack the password due to weak cryptography, and (3) use the password to pass commands through xp_cmdshell. | ||||
| CVE-2002-1875 | 1 Mcafee | 1 Entercept Agent | 2025-04-03 | N/A |
| Entercept Agent 2.5 agent for Windows, released before May 21, 2002, allows local administrative users to obtain the entercept agent password, which could allow the administrators to log on as the entercept_agent account and conceal their identity. | ||||
| CVE-2004-0937 | 11 Archive Zip, Broadcom, Ca and 8 more | 23 Archive Zip, Brightstor Arcserve Backup, Etrust Antivirus and 20 more | 2025-04-03 | N/A |
| Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | ||||
| CVE-2000-1128 | 1 Mcafee | 1 Virusscan | 2025-04-03 | N/A |
| The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory. | ||||
| CVE-2002-2282 | 1 Mcafee | 1 Virusscan | 2025-04-03 | N/A |
| McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs. | ||||
| CVE-2004-1908 | 1 Mcafee | 1 Freescan | 2025-04-03 | N/A |
| McFreeScan.CoMcFreeScan.1 ActiveX object in Mcafee FreeScan allows remote attackers to obtain sensitive information via the GetSpecialFolderLocation function with certain parameters. | ||||
| CVE-2006-3575 | 1 Mcafee | 1 Virusscan | 2025-04-03 | N/A |
| Unknown vulnerability in the Buffer Overflow Protection in McAfee VirusScan Enterprise 8.0.0 allows local users to cause a denial of service (unstable operation) via a long string in the (1) "Process name", (2) "Module name", or (3) "API name" fields. | ||||
| CVE-2005-0643 | 1 Mcafee | 1 Antivirus Engine | 2025-04-03 | N/A |
| Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4357 allows remote attackers to execute arbitrary code via crafted LHA files. | ||||