Filtered by vendor Mcafee
Subscriptions
Total
603 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-1836 | 6 Apple, Canonical, Debian and 3 more | 16 Iphone Os, Mac Os X, Tvos and 13 more | 2024-08-05 | N/A |
Use-after-free vulnerability in the xmlDictComputeFastKey function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service via a crafted XML document. | ||||
CVE-2016-1833 | 6 Apple, Canonical, Debian and 3 more | 16 Iphone Os, Mac Os X, Tvos and 13 more | 2024-08-05 | N/A |
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. | ||||
CVE-2016-1762 | 6 Apple, Canonical, Debian and 3 more | 17 Iphone Os, Mac Os X, Safari and 14 more | 2024-08-05 | N/A |
The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. | ||||
CVE-2016-0718 | 10 Apple, Canonical, Debian and 7 more | 16 Mac Os X, Ubuntu Linux, Debian Linux and 13 more | 2024-08-05 | 9.8 Critical |
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow. | ||||
CVE-2017-1000366 | 8 Debian, Gnu, Mcafee and 5 more | 26 Debian Linux, Glibc, Web Gateway and 23 more | 2024-08-05 | N/A |
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier. | ||||
CVE-2017-17740 | 4 Mcafee, Openldap, Opensuse and 1 more | 4 Policy Auditor, Openldap, Leap and 1 more | 2024-08-05 | 7.5 High |
contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. | ||||
CVE-2017-9287 | 5 Debian, Mcafee, Openldap and 2 more | 11 Debian Linux, Policy Auditor, Openldap and 8 more | 2024-08-05 | 6.5 Medium |
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. | ||||
CVE-2017-4012 | 1 Mcafee | 1 Network Data Loss Prevention | 2024-08-05 | N/A |
Privilege Escalation vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via modification of the HTTP request. | ||||
CVE-2017-3948 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2024-08-05 | N/A |
Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x allows authenticated users to inject arbitrary web script or HTML via injecting malicious JavaScript into a user's browsing session. | ||||
CVE-2017-4016 | 1 Mcafee | 1 Network Data Loss Prevention | 2024-08-05 | N/A |
Web Server method disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to exploit and find another hole via HTTP response header. | ||||
CVE-2017-4015 | 1 Mcafee | 1 Network Data Loss Prevention | 2024-08-05 | 4.5 Medium |
Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header. | ||||
CVE-2017-3962 | 1 Mcafee | 1 Network Security Manager | 2024-08-05 | N/A |
Password recovery exploitation vulnerability in the non-certificate-based authentication mechanism in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to crack user passwords via unsalted hashes. | ||||
CVE-2017-3902 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-08-05 | N/A |
Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing input validation. | ||||
CVE-2017-3907 | 1 Mcafee | 1 Mcafee Threat Intelligence Exchange | 2024-08-05 | N/A |
Code Injection vulnerability in the ePolicy Orchestrator (ePO) extension in McAfee Threat Intelligence Exchange (TIE) Server 2.1.0 and earlier allows remote attackers to execute arbitrary HTML code to be reflected in the response web page via unspecified vector. | ||||
CVE-2017-4017 | 1 Mcafee | 1 Network Data Loss Prevention | 2024-08-05 | N/A |
User Name Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to view user information via the appliance web interface. | ||||
CVE-2017-3899 | 1 Mcafee | 1 Advanced Threat Defense | 2024-08-05 | N/A |
SQL injection vulnerability in Intel Security Advanced Threat Defense (ATD) Linux 3.6.0 and earlier allows remote authenticated users to obtain product information via a crafted HTTP request parameter. | ||||
CVE-2017-4011 | 1 Mcafee | 1 Network Data Loss Prevention | 2024-08-05 | N/A |
Embedding Script (XSS) in HTTP Headers vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to get session/cookie information via modification of the HTTP request. | ||||
CVE-2017-3980 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-08-05 | N/A |
A directory traversal vulnerability in the ePO Extension in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, and 5.1.3 and earlier allows remote authenticated users to execute a command of their choice via an authenticated ePO session. | ||||
CVE-2017-4013 | 1 Mcafee | 1 Network Data Loss Prevention | 2024-08-05 | N/A |
Banner Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to obtain product information via HTTP response header. | ||||
CVE-2017-3960 | 1 Mcafee | 1 Network Security Manager | 2024-08-05 | N/A |
Exploitation of Authorization vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to gain elevated privileges via a crafted HTTP request parameter. |