Mcafee

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-8993 1Mcafee 3Cloud Av Security Scan PlusSecurity Webadvisor May 13, 2026 Mar 14, 2017 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during install...Show more Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.Show less
CVE-2015-8992 1Mcafee 3Cloud Av Security Scan PlusSecurity Webadvisor May 13, 2026 Mar 14, 2017 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during...Show more Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.Show less
CVE-2015-8991 1Mcafee 3Cloud Av Security Scan PlusSecurity Webadvisor May 13, 2026 Mar 14, 2017 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware d...Show more Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.Show less
CVE-2015-8990 1Mcafee 1Advanced Threat Defense May 13, 2026 Mar 14, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier allows malware samples to bypass ATD detection via renaming the malware.
CVE-2015-8989 1Mcafee 1Vulnerability Manager May 13, 2026 Mar 14, 2017 N/A· v4 8.8 HIGH· v3 4.0 MEDIUM· v2 Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security McAfee Vulnerability Manager (MVM) 7.5.8 and earlier allows attackers to more easily decrypt user passwords via brute for...Show more Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security McAfee Vulnerability Manager (MVM) 7.5.8 and earlier allows attackers to more easily decrypt user passwords via brute force attacks against the database.Show less
CVE-2015-8988 1Mcafee 1Epo Deep Command May 13, 2026 Mar 14, 2017 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of their choice via dro...Show more Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path.Show less
CVE-2015-8987 1Mcafee 1Agent May 13, 2026 Mar 14, 2017 N/A· v4 5.3 MEDIUM· v3 3.5 LOW· v2 Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server...Show more Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server.Show less
CVE-2015-8986 1Mcafee 1Advanced Threat Defense May 13, 2026 Mar 14, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper mal...Show more Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, then bypass proper malware detection resulting in failure to detect a malware file (false-negative) via specially crafted malware.Show less
CVE-2014-9921 1Mcafee 1Cloud Analysis And Deconstructive Services May 13, 2026 Mar 14, 2017 N/A· v4 9.8 CRITICAL· v3 9.7 HIGH· v2 Information disclosure vulnerability in McAfee (now Intel Security) Cloud Analysis and Deconstructive Services (CADS) 1.0.0.3x, 1.0.0.4d and earlier allows remote unauthenticated users to view, add, and remove users via...Show more Information disclosure vulnerability in McAfee (now Intel Security) Cloud Analysis and Deconstructive Services (CADS) 1.0.0.3x, 1.0.0.4d and earlier allows remote unauthenticated users to view, add, and remove users via a configuration error.Show less
CVE-2014-9920 1Mcafee 1Application Control May 13, 2026 Mar 14, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1 before hotfix 399, 6.1.2 b...Show more Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1 before hotfix 399, 6.1.2 before hotfix 426, and 6.1.3 before hotfix 357 and earlier allows attackers to create a malformed Windows binary that is considered non-executable and is not protected through the whitelisting protection feature via a specific set of circumstances.Show less
CVE-2013-7462 1Mcafee 1Saas Control Console Platform May 13, 2026 Mar 14, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A directory traversal vulnerability in the web application in McAfee (now Intel Security) SaaS Control Console (SCC) Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated users to view conten...Show more A directory traversal vulnerability in the web application in McAfee (now Intel Security) SaaS Control Console (SCC) Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated users to view contents of arbitrary system files that did not have file system level read access restrictions via a null-byte injection exploit.Show less
CVE-2013-7461 1Mcafee 2Application Control Change Control May 13, 2026 Mar 14, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via...Show more A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions.Show less
CVE-2013-7460 1Mcafee 2Application Control Change Control May 13, 2026 Mar 14, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Co...Show more A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions.Show less
CVE-2017-3902 1Mcafee 1Epolicy Orchestrator May 13, 2026 Feb 13, 2017 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing input validation.
CVE-2017-3896 1Mcafee 1Mcafee Agent May 13, 2026 Feb 13, 2017 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not...Show more Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated.Show less
CVE-2016-8006 1Mcafee 1Security Information And Event Management May 6, 2026 Jan 5, 2017 N/A· v4 4.4 MEDIUM· v3 1.7 LOW· v2 Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an administrator to make change...Show more Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an administrator to make changes to other SIEM users' information including user passwords without supplying the current administrator password a second time via the GUI or GUI terminal commands.Show less
CVE-2016-4472 4Canonical Libexpat ProjectMcafee+1 more 4Libexpat Policy AuditorPython+1 more May 6, 2026 Jun 30, 2016 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NO...Show more The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716.Show less
CVE-2016-4448 8Apple HpMcafee+5 more 19Enterprise Linux Desktop Enterprise Linux ServerEnterprise Linux Server Aus+16 more May 6, 2026 Jun 9, 2016 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.
CVE-2016-4447 7Apple CanonicalDebian+4 more 11Debian Linux Icewall Federation AgentIphone Os+8 more May 6, 2026 Jun 9, 2016 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlPa...Show more The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName.Show less
CVE-2016-0718 9Apple CanonicalDebian+6 more 14Debian Linux FirefoxLeap+11 more May 6, 2026 May 26, 2016 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

Previous 1...192021...31 Next