Filtered by vendor Mcafee
Subscriptions
Total
605 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-17740 | 4 Mcafee, Openldap, Opensuse and 1 more | 4 Policy Auditor, Openldap, Leap and 1 more | 2025-04-20 | 7.5 High |
| contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. | ||||
| CVE-2017-3897 | 1 Mcafee | 2 Livesafe, Security Scan Plus | 2025-04-20 | N/A |
| A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus (MSS+) versions prior to 3.11.599.3 allows network attackers to perform a malicious file execution via a HTTP backend-response. | ||||
| CVE-2017-3902 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-20 | N/A |
| Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing input validation. | ||||
| CVE-2017-3935 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | N/A |
| Network Data Loss Prevention is vulnerable to MIME type sniffing which allows older versions of Internet Explorer to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the intended content type. | ||||
| CVE-2017-3934 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | N/A |
| Missing HTTP Strict Transport Security state information vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows man-in-the-middle attackers to expose confidential data via read files on the webserver. | ||||
| CVE-2017-4015 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | 4.5 Medium |
| Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header. | ||||
| CVE-2017-3899 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | N/A |
| SQL injection vulnerability in Intel Security Advanced Threat Defense (ATD) Linux 3.6.0 and earlier allows remote authenticated users to obtain product information via a crafted HTTP request parameter. | ||||
| CVE-2017-4055 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | N/A |
| Exploitation of Authentication vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to bypass ATD detection via loose enforcement of authentication and authorization. | ||||
| CVE-2016-8010 | 1 Mcafee | 2 Application Control, Endpoint Security | 2025-04-20 | N/A |
| Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility. | ||||
| CVE-2017-4016 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | N/A |
| Web Server method disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to exploit and find another hole via HTTP response header. | ||||
| CVE-2016-8007 | 1 Mcafee | 1 Host Intrusion Prevention Services | 2025-04-20 | N/A |
| Authentication bypass vulnerability in McAfee Host Intrusion Prevention Services (HIPS) 8.0 Patch 7 and earlier allows authenticated users to manipulate the product's registry keys via specific conditions. | ||||
| CVE-2016-8012 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2025-04-20 | N/A |
| Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other processes via pages in the target process memory get. | ||||
| CVE-2016-8026 | 1 Mcafee | 1 Security Scan Plus | 2025-04-20 | N/A |
| Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus (SSP) 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors. | ||||
| CVE-2016-8024 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | N/A |
| Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing. | ||||
| CVE-2015-8993 | 1 Mcafee | 3 Cloud Av, Security Scan Plus, Security Webadvisor | 2025-04-20 | N/A |
| Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | ||||
| CVE-2016-8016 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | N/A |
| Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter. | ||||
| CVE-2016-8023 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | N/A |
| Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie. | ||||
| CVE-2016-8022 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | N/A |
| Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie. | ||||
| CVE-2015-8991 | 1 Mcafee | 3 Cloud Av, Security Scan Plus, Security Webadvisor | 2025-04-20 | N/A |
| Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | ||||
| CVE-2016-8021 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | N/A |
| Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file. | ||||