Filtered by vendor Mcafee
Subscribe
Total
603 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-2588 | 1 Mcafee | 1 Asset Manager | 2025-04-12 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in servlet/downloadReport in McAfee Asset Manager 6.6 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the reportFileName parameter. | |||||
| CVE-2016-1837 | 6 Apple, Canonical, Debian and 3 more | 14 Iphone Os, Mac Os X, Tvos and 11 more | 2025-04-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a crafted XML document. | |||||
| CVE-2015-2053 | 1 Mcafee | 1 Mcafee Agent | 2025-04-12 | 4.3 MEDIUM | N/A |
| The log viewer in McAfee Agent (MA) before 4.8.0 Patch 3 and 5.0.0, when the "Accept connections only from the ePO server" option is disabled, allows remote attackers to conduct clickjacking attacks via a crafted web page, aka an "http-generic-click-jacking" vulnerability. | |||||
| CVE-2015-0922 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-12 | 5.0 MEDIUM | N/A |
| McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 uses the same secret key across different customers' installations, which allows attackers to obtain the administrator password by leveraging knowledge of the encrypted password. | |||||
| CVE-2016-0718 | 9 Apple, Canonical, Debian and 6 more | 14 Mac Os X, Ubuntu Linux, Debian Linux and 11 more | 2025-04-12 | 7.5 HIGH | 9.8 CRITICAL |
| Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow. | |||||
| CVE-2014-8524 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-12 | 5.0 MEDIUM | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.3 does not disable the autocomplete setting for the password and other fields, which allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2015-3030 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-12 | 4.0 MEDIUM | N/A |
| The web interface in McAfee Advanced Threat Defense (MATD) before 3.4.4.63 allows remote authenticated users to obtain sensitive configuration information via unspecified vectors. | |||||
| CVE-2014-8533 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-12 | 7.5 HIGH | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to execute arbitrary code via vectors related to ICMP redirection. | |||||
| CVE-2014-8530 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-12 | 7.5 HIGH | N/A |
| Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to obtain sensitive information, affect integrity, or cause a denial of service via unknown vectors, related to simultaneous logins. | |||||
| CVE-2014-8532 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-12 | 3.6 LOW | N/A |
| Unspecified vulnerability in McAfee Network Data Loss Prevention before (NDLP) before 9.3 allows local users to obtain sensitive information and impact integrity via unknown vectors, related to partition mounting. | |||||
| CVE-2014-8526 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-12 | 2.1 LOW | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information by reading a Java stack trace. | |||||
| CVE-2015-2759 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2025-04-12 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allow remote attackers to hijack the authentication of users for requests that (1) obtain sensitive information or (2) modify the database via unspecified vectors. | |||||
| CVE-2014-8519 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-12 | 2.1 LOW | N/A |
| Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to read arbitrary files via unknown vectors. | |||||
| CVE-2014-8536 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-12 | 2.1 LOW | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages. | |||||
| CVE-2016-1838 | 6 Apple, Canonical, Debian and 3 more | 14 Iphone Os, Mac Os X, Tvos and 11 more | 2025-04-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. | |||||
| CVE-2014-8518 | 1 Mcafee | 2 Endpoint Encryption For Files And Folders, File And Removable Media Protection | 2025-04-12 | 2.1 LOW | N/A |
| The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encryption for Removable Media or EERM) in McAfee File and Removable Media Protection (FRP) 4.3.0.x, and Endpoint Encryption for Files and Folders (EEFF) 3.2.x through 4.2.x, uses a hard-coded salt, which makes it easier for local users to obtain passwords via a brute force attack. | |||||
| CVE-2016-1833 | 6 Apple, Canonical, Debian and 3 more | 14 Iphone Os, Mac Os X, Tvos and 11 more | 2025-04-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. | |||||
| CVE-2015-1305 | 2 Mcafee, Microsoft | 2 Data Loss Prevention Endpoint, Windows Xp | 2025-04-12 | 6.9 MEDIUM | N/A |
| McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018 IOCTL call. | |||||
| CVE-2015-2758 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2025-04-12 | 6.5 MEDIUM | N/A |
| The ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to obtain sensitive information, modify the database, or possibly have other unspecified impact via a crafted URL. | |||||
| CVE-2014-8525 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-12 | 5.0 MEDIUM | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.3 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. | |||||