ReportizFlow
Filtered by vendor Mcafee
Subscriptions
Total
605 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-4014 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | N/A |
| Session Side jacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view, add, and remove users via modification of the HTTP request. | ||||
| CVE-2016-8018 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input. | ||||
| CVE-2016-8020 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | N/A |
| Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter. | ||||
| CVE-2016-8024 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | N/A |
| Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing. | ||||
| CVE-2017-4013 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | N/A |
| Banner Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to obtain product information via HTTP response header. | ||||
| CVE-2013-7460 | 1 Mcafee | 2 Application Control, Change Control | 2025-04-20 | N/A |
| A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions. | ||||
| CVE-2016-8023 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | N/A |
| Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie. | ||||
| CVE-2015-8990 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | N/A |
| Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier allows malware samples to bypass ATD detection via renaming the malware. | ||||
| CVE-2016-8021 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | N/A |
| Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file. | ||||
| CVE-2017-4017 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | N/A |
| User Name Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to view user information via the appliance web interface. | ||||
| CVE-2017-4015 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | 4.5 Medium |
| Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header. | ||||
| CVE-2016-8016 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | N/A |
| Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter. | ||||
| CVE-2015-7704 | 6 Citrix, Debian, Mcafee and 3 more | 16 Xenserver, Debian Linux, Enterprise Security Manager and 13 more | 2025-04-20 | 7.5 High |
| The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. | ||||
| CVE-2015-8987 | 1 Mcafee | 1 Agent | 2025-04-20 | N/A |
| Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server. | ||||
| CVE-2016-8007 | 1 Mcafee | 1 Host Intrusion Prevention Services | 2025-04-20 | N/A |
| Authentication bypass vulnerability in McAfee Host Intrusion Prevention Services (HIPS) 8.0 Patch 7 and earlier allows authenticated users to manipulate the product's registry keys via specific conditions. | ||||
| CVE-2017-3897 | 1 Mcafee | 2 Livesafe, Security Scan Plus | 2025-04-20 | N/A |
| A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus (MSS+) versions prior to 3.11.599.3 allows network attackers to perform a malicious file execution via a HTTP backend-response. | ||||
| CVE-2016-8027 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-20 | N/A |
| SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and earlier allows attackers to alter a SQL query, which can result in disclosure of information within the database or impersonation of an agent without authentication via a specially crafted HTTP post. | ||||
| CVE-2017-3934 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | N/A |
| Missing HTTP Strict Transport Security state information vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows man-in-the-middle attackers to expose confidential data via read files on the webserver. | ||||
| CVE-2016-8026 | 1 Mcafee | 1 Security Scan Plus | 2025-04-20 | N/A |
| Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus (SSP) 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors. | ||||
| CVE-2016-8025 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | N/A |
| SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter. | ||||