Filtered by vendor Mcafee
Subscriptions
Total
603 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-8022 | 1 Mcafee | 1 Virusscan Enterprise | 2024-08-06 | N/A |
Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie. | ||||
CVE-2016-8021 | 1 Mcafee | 1 Virusscan Enterprise | 2024-08-06 | N/A |
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file. | ||||
CVE-2016-8016 | 1 Mcafee | 1 Virusscan Enterprise | 2024-08-06 | N/A |
Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter. | ||||
CVE-2016-8005 | 1 Mcafee | 1 Email Gateway | 2024-08-06 | N/A |
File extension filtering vulnerability in Intel Security McAfee Email Gateway (MEG) before 7.6.404h1128596 allows attackers to fail to identify the file name properly via scanning an email with a forged attached filename that uses a null byte within the filename extension. | ||||
CVE-2016-8006 | 1 Mcafee | 1 Security Information And Event Management | 2024-08-06 | N/A |
Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an administrator to make changes to other SIEM users' information including user passwords without supplying the current administrator password a second time via the GUI or GUI terminal commands. | ||||
CVE-2016-8007 | 1 Mcafee | 1 Host Intrusion Prevention Services | 2024-08-06 | N/A |
Authentication bypass vulnerability in McAfee Host Intrusion Prevention Services (HIPS) 8.0 Patch 7 and earlier allows authenticated users to manipulate the product's registry keys via specific conditions. | ||||
CVE-2016-8019 | 1 Mcafee | 1 Virusscan Enterprise | 2024-08-06 | N/A |
Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input. | ||||
CVE-2016-8024 | 1 Mcafee | 1 Virusscan Enterprise | 2024-08-06 | N/A |
Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing. | ||||
CVE-2016-8008 | 2 Mcafee, Microsoft | 3 Security Scan Plus, Windows 10, Windows 7 | 2024-08-06 | N/A |
Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus (SSP) 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a Windows system. | ||||
CVE-2016-4534 | 2 Mcafee, Microsoft | 2 Virusscan Enterprise, Windows | 2024-08-06 | N/A |
The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles. | ||||
CVE-2016-4472 | 4 Canonical, Libexpat Project, Mcafee and 1 more | 4 Ubuntu Linux, Libexpat, Policy Auditor and 1 more | 2024-08-06 | 8.1 High |
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716. | ||||
CVE-2016-4447 | 9 Apple, Canonical, Debian and 6 more | 14 Iphone Os, Itunes, Mac Os X and 11 more | 2024-08-06 | N/A |
The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName. | ||||
CVE-2016-4448 | 9 Apple, Hp, Mcafee and 6 more | 22 Icloud, Iphone Os, Itunes and 19 more | 2024-08-06 | 9.8 Critical |
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. | ||||
CVE-2016-3984 | 1 Mcafee | 7 Active Response, Agent, Data Exchange Layer and 4 more | 2024-08-06 | N/A |
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys. | ||||
CVE-2016-3969 | 1 Mcafee | 1 Email Gateway | 2024-08-06 | N/A |
Cross-site scripting (XSS) vulnerability in McAfee Email Gateway (MEG) 7.6.x before 7.6.404, when File Filtering is enabled with the action set to ESERVICES:REPLACE, allows remote attackers to inject arbitrary web script or HTML via an attachment in a blocked email. | ||||
CVE-2016-1840 | 6 Apple, Canonical, Debian and 3 more | 16 Iphone Os, Mac Os X, Tvos and 13 more | 2024-08-05 | N/A |
Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. | ||||
CVE-2016-1838 | 6 Apple, Canonical, Debian and 3 more | 16 Iphone Os, Mac Os X, Tvos and 13 more | 2024-08-05 | N/A |
The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. | ||||
CVE-2016-1837 | 6 Apple, Canonical, Debian and 3 more | 16 Iphone Os, Mac Os X, Tvos and 13 more | 2024-08-05 | N/A |
Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a crafted XML document. | ||||
CVE-2016-1834 | 6 Apple, Canonical, Debian and 3 more | 16 Iphone Os, Mac Os X, Tvos and 13 more | 2024-08-05 | N/A |
Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. | ||||
CVE-2016-1839 | 6 Apple, Canonical, Debian and 3 more | 16 Iphone Os, Mac Os X, Tvos and 13 more | 2024-08-05 | N/A |
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. |