Filtered by vendor Mcafee
Subscriptions
Total
603 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-4054 | 1 Mcafee | 1 Advanced Threat Defense | 2024-09-16 | N/A |
| Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to execute a command of their choice via a crafted HTTP request parameter. | ||||
| CVE-2017-3972 | 1 Mcafee | 1 Network Security Manager | 2024-09-16 | N/A |
| Infrastructure-based foot printing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to execute arbitrary code via the server banner leaking potentially sensitive or security relevant information. | ||||
| CVE-2014-8529 | 1 Mcafee | 1 Network Data Loss Prevention | 2024-09-16 | N/A |
| McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows local users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2009-5116 | 1 Mcafee | 1 Linuxshield | 2024-09-16 | N/A |
| McAfee LinuxShield 1.5.1 and earlier does not properly implement client authentication, which allows remote authenticated users to obtain Admin access to the statistics server by leveraging a client account. | ||||
| CVE-2019-3610 | 2 Mcafee, Microsoft | 2 True Key, Windows | 2024-09-16 | N/A |
| Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware. | ||||
| CVE-2020-7331 | 1 Mcafee | 1 Endpoint Security | 2024-09-16 | 7.8 High |
| Unquoted service executable path in McAfee Endpoint Security (ENS) prior to 10.7.0 November 2020 Update allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files. | ||||
| CVE-2020-7337 | 1 Mcafee | 1 Virusscan Enterprise | 2024-09-16 | 6.5 Medium |
| Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks. | ||||
| CVE-2020-7262 | 1 Mcafee | 1 Advanced Threat Defense | 2024-09-16 | 5.3 Medium |
| Improper Access Control vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.10.0 allows local users to view sensitive files via a carefully crafted HTTP request parameter. | ||||
| CVE-2017-3966 | 1 Mcafee | 1 Network Security Manager | 2024-09-16 | N/A |
| Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the exposed session token in the application URL. | ||||
| CVE-2018-6661 | 2 Mcafee, Microsoft | 2 True Key, Windows | 2024-09-16 | 7.8 High |
| DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature. | ||||
| CVE-2017-3967 | 1 Mcafee | 1 Network Security Manager | 2024-09-16 | N/A |
| Target influence via framing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to inject arbitrary web script or HTML via application pages inability to break out of 3rd party HTML frames. | ||||
| CVE-2015-7238 | 1 Mcafee | 1 Threat Intelligence Exchange | 2024-09-16 | N/A |
| The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sensitive information by reading the files. | ||||
| CVE-2016-2199 | 1 Mcafee | 1 Vulnerability Manager | 2024-09-16 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations and Remediation management page in Enterprise Manager in McAfee Vulnerability Manager (MVM) before 7.5.10 allow remote attackers to hijack the authentication of administrators for requests that have unspecified impact via unknown vectors. | ||||
| CVE-2018-6664 | 2 Mcafee, Microsoft | 2 Data Loss Prevention Endpoint, Windows | 2024-09-16 | N/A |
| Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility. | ||||
| CVE-2015-1616 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2024-09-16 | N/A |
| SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2019-3643 | 1 Mcafee | 4 Active Response, Advanced Threat Defense, Enterprise Security Manager and 1 more | 2024-09-16 | 5.3 Medium |
| McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9511, potentially leading to a denial of service. This affects the scanning proxies. | ||||
| CVE-2016-4535 | 1 Mcafee | 1 Livesafe | 2024-09-16 | N/A |
| Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted packed executable. | ||||
| CVE-2020-7291 | 2 Apple, Mcafee | 2 Macos, Active Response | 2024-09-16 | 7.8 High |
| Privilege Escalation vulnerability in McAfee Active Response (MAR) for Mac prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to. | ||||
| CVE-2016-3983 | 1 Mcafee | 1 Advanced Threat Defense | 2024-09-16 | N/A |
| McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow remote attackers to bypass malware detection by leveraging information about the parent process. | ||||
| CVE-2020-7250 | 1 Mcafee | 1 Endpoint Security | 2024-09-16 | 8.2 High |
| Symbolic link manipulation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows authenticated local user to potentially gain an escalation of privileges by pointing the link to files which the user which not normally have permission to alter via carefully creating symbolic links from the ENS log file directory. | ||||