Filtered by vendor Mcafee
Subscribe
Total
590 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0230 | 7 Juniper, Mcafee, Microsoft and 4 more | 12 Junos, Network Data Loss Prevention, Windows 2000 and 9 more | 2025-05-02 | 5.0 MEDIUM | N/A |
| TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. | |||||
| CVE-2022-43751 | 1 Mcafee | 1 Total Protection | 2025-04-29 | N/A | 7.8 HIGH |
| McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary code with system privileges. | |||||
| CVE-2017-4057 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | 6.5 MEDIUM | 8.8 HIGH |
| Privilege Escalation vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to gain elevated privileges via the GUI or GUI terminal commands. | |||||
| CVE-2017-4053 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to execute a command of their choice via a crafted HTTP request parameter. | |||||
| CVE-2015-8986 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware. | |||||
| CVE-2015-7704 | 6 Citrix, Debian, Mcafee and 3 more | 14 Xenserver, Debian Linux, Enterprise Security Manager and 11 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. | |||||
| CVE-2017-4015 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | 3.5 LOW | 4.5 MEDIUM |
| Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header. | |||||
| CVE-2014-9920 | 1 Mcafee | 1 Application Control | 2025-04-20 | 4.3 MEDIUM | 5.9 MEDIUM |
| Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1 before hotfix 399, 6.1.2 before hotfix 426, and 6.1.3 before hotfix 357 and earlier allows attackers to create a malformed Windows binary that is considered non-executable and is not protected through the whitelisting protection feature via a specific set of circumstances. | |||||
| CVE-2013-7462 | 1 Mcafee | 1 Saas Control Console Platform | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| A directory traversal vulnerability in the web application in McAfee (now Intel Security) SaaS Control Console (SCC) Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated users to view contents of arbitrary system files that did not have file system level read access restrictions via a null-byte injection exploit. | |||||
| CVE-2017-3896 | 1 Mcafee | 1 Mcafee Agent | 2025-04-20 | 4.3 MEDIUM | 5.9 MEDIUM |
| Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated. | |||||
| CVE-2015-8993 | 1 Mcafee | 3 Cloud Av, Security Scan Plus, Security Webadvisor | 2025-04-20 | 6.9 MEDIUM | 7.0 HIGH |
| Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | |||||
| CVE-2016-8016 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | 3.5 LOW | 3.4 LOW |
| Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter. | |||||
| CVE-2016-8017 | 1 Mcafee | 1 Virusscan Enterprise | 2025-04-20 | 4.0 MEDIUM | 4.1 MEDIUM |
| Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input. | |||||
| CVE-2016-8032 | 1 Mcafee | 1 Anti-malware Scan Engine | 2025-04-20 | 4.4 MEDIUM | 7.3 HIGH |
| Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file. | |||||
| CVE-2017-3934 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | 4.3 MEDIUM | 5.9 MEDIUM |
| Missing HTTP Strict Transport Security state information vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows man-in-the-middle attackers to expose confidential data via read files on the webserver. | |||||
| CVE-2016-8010 | 1 Mcafee | 2 Application Control, Endpoint Security | 2025-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility. | |||||
| CVE-2017-3933 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack. | |||||
| CVE-2017-3898 | 1 Mcafee | 1 Livesafe | 2025-04-20 | 4.3 MEDIUM | 5.9 MEDIUM |
| A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe (MLS) versions prior to 16.0.3 allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response. | |||||
| CVE-2017-4013 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| Banner Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to obtain product information via HTTP response header. | |||||
| CVE-2015-8992 | 1 Mcafee | 3 Cloud Av, Security Scan Plus, Security Webadvisor | 2025-04-20 | 6.9 MEDIUM | 7.0 HIGH |
| Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | |||||