| CVE-2016-8016 |
low |
3.4 |
4.4 |
EXP |
|
mcafee |
9y ago |
Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a UR… |
| CVE-2016-4534 |
low |
3.0 |
4.0 |
EXP |
|
mcafee |
10y ago |
The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and… |
| CVE-2015-8577 |
low |
— |
2.6 |
|
|
mcafee |
11y ago |
The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platform… |
| CVE-2015-7238 |
low |
— |
2.1 |
|
|
mcafee |
11y ago |
The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sen… |
| CVE-2015-2760 |
low |
— |
3.5 |
|
|
mcafee |
11y ago |
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to inject arbit… |
| CVE-2015-1619 |
low |
— |
3.5 |
|
|
mcafee |
11y ago |
Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway (MEG) 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allo… |
| CVE-2015-1617 |
low |
— |
3.5 |
|
|
mcafee |
11y ago |
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML vi… |
| CVE-2014-8537 |
low |
— |
2.1 |
|
|
mcafee |
12y ago |
McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading the logs. |
| CVE-2014-8536 |
low |
— |
2.1 |
|
|
mcafee |
12y ago |
McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages. |
| CVE-2014-8534 |
low |
— |
2.1 |
|
|
mcafee |
12y ago |
Unspecified vulnerability in the login form in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to cause a denial of service via a crafted value in the domain field. |
| CVE-2014-8532 |
low |
— |
3.6 |
|
|
mcafee |
12y ago |
Unspecified vulnerability in McAfee Network Data Loss Prevention before (NDLP) before 9.3 allows local users to obtain sensitive information and impact integrity via unknown vectors, related to parti… |
| CVE-2014-8529 |
low |
— |
2.1 |
|
|
mcafee |
12y ago |
McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows local users to obtain sensitive information via unspecified vectors. |
| CVE-2014-8528 |
low |
— |
2.1 |
|
|
mcafee |
12y ago |
McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users to obtain sensitive information by reading the audit log. |
| CVE-2014-8527 |
low |
— |
3.6 |
|
|
mcafee |
12y ago |
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information and affect integrity via vectors related to a "plain text password." |
| CVE-2014-8526 |
low |
— |
2.1 |
|
|
mcafee |
12y ago |
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information by reading a Java stack trace. |
| CVE-2014-8521 |
low |
— |
3.5 |
|
|
mcafee |
12y ago |
Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2014-8519 |
low |
— |
2.1 |
|
|
mcafee |
12y ago |
Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to read arbitrary files via unknown vectors. |
| CVE-2014-8518 |
low |
— |
2.1 |
|
|
mcafee |
12y ago |
The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encryption for Removable Media or EERM) in McAfee File and Removable Media Protection (FRP) 4.3.0.x, an… |
| CVE-2012-4589 |
low |
— |
2.1 |
|
|
mcafee |
14y ago |
Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to… |
| CVE-2012-4587 |
low |
— |
3.5 |
|
|
mcafee |
14y ago |
McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it easi… |
| CVE-2012-4586 |
low |
— |
3.5 |
|
|
mcafee |
14y ago |
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows… |
| CVE-2012-4584 |
low |
— |
3.5 |
|
|
mcafee |
14y ago |
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, does not properly encrypt system-backup data, which makes it easi… |
| CVE-2010-5143 |
low |
— |
2.6 |
|
|
mcafee |
14y ago |
McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module. |
| CVE-2009-5117 |
low |
— |
1.9 |
|
|
mcafee |
14y ago |
The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive inf… |
