Vulnerabilities (CVE)

Filtered by vendor Mcafee Subscribe
Total 603 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-4054 1 Mcafee 1 Advanced Threat Defense 2025-04-20 6.5 MEDIUM 8.8 HIGH
Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to execute a command of their choice via a crafted HTTP request parameter.
CVE-2015-7704 6 Citrix, Debian, Mcafee and 3 more 14 Xenserver, Debian Linux, Enterprise Security Manager and 11 more 2025-04-20 5.0 MEDIUM 7.5 HIGH
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
CVE-2016-8010 1 Mcafee 2 Application Control, Endpoint Security 2025-04-20 4.6 MEDIUM 7.8 HIGH
Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility.
CVE-2016-8009 1 Mcafee 1 Application Control 2025-04-20 4.6 MEDIUM 7.8 HIGH
Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call.
CVE-2015-8993 1 Mcafee 3 Cloud Av, Security Scan Plus, Security Webadvisor 2025-04-20 6.9 MEDIUM 7.0 HIGH
Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
CVE-2016-8025 1 Mcafee 1 Virusscan Enterprise 2025-04-20 6.0 MEDIUM 6.2 MEDIUM
SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter.
CVE-2016-8024 1 Mcafee 1 Virusscan Enterprise 2025-04-20 6.8 MEDIUM 8.1 HIGH
Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing.
CVE-2017-3896 1 Mcafee 1 Mcafee Agent 2025-04-20 4.3 MEDIUM 5.9 MEDIUM
Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated.
CVE-2016-8021 1 Mcafee 1 Virusscan Enterprise 2025-04-20 3.5 LOW 5.0 MEDIUM
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file.
CVE-2017-9287 5 Debian, Mcafee, Openldap and 2 more 10 Debian Linux, Policy Auditor, Openldap and 7 more 2025-04-20 4.0 MEDIUM 6.5 MEDIUM
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.
CVE-2013-7460 1 Mcafee 2 Application Control, Change Control 2025-04-20 2.1 LOW 5.5 MEDIUM
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions.
CVE-2017-4053 1 Mcafee 1 Advanced Threat Defense 2025-04-20 7.5 HIGH 9.8 CRITICAL
Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to execute a command of their choice via a crafted HTTP request parameter.
CVE-2016-8017 1 Mcafee 1 Virusscan Enterprise 2025-04-20 4.0 MEDIUM 4.1 MEDIUM
Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input.
CVE-2017-4057 1 Mcafee 1 Advanced Threat Defense 2025-04-20 6.5 MEDIUM 8.8 HIGH
Privilege Escalation vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to gain elevated privileges via the GUI or GUI terminal commands.
CVE-2015-8992 1 Mcafee 3 Cloud Av, Security Scan Plus, Security Webadvisor 2025-04-20 6.9 MEDIUM 7.0 HIGH
Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
CVE-2016-8019 1 Mcafee 1 Virusscan Enterprise 2025-04-20 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input.
CVE-2016-8031 1 Mcafee 1 Anti-malware Scan Engine 2025-04-20 4.4 MEDIUM 7.3 HIGH
Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local users to bypass local security protection via a crafted input file.
CVE-2017-17740 4 Mcafee, Openldap, Opensuse and 1 more 4 Policy Auditor, Openldap, Leap and 1 more 2025-04-20 5.0 MEDIUM 7.5 HIGH
contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.
CVE-2017-4055 1 Mcafee 1 Advanced Threat Defense 2025-04-20 5.0 MEDIUM 7.5 HIGH
Exploitation of Authentication vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to bypass ATD detection via loose enforcement of authentication and authorization.
CVE-2016-8032 1 Mcafee 1 Anti-malware Scan Engine 2025-04-20 4.4 MEDIUM 7.3 HIGH
Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file.