Vulnerabilities > Mcafee > Livesafe

DATE CVE VULNERABILITY TITLE RISK
2017-09-01 CVE-2017-3898 Improper Input Validation vulnerability in Mcafee Livesafe 14.0/16.0.2
A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe (MLS) versions prior to 16.0.3 allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response.
network
high complexity
mcafee CWE-20
5.9
2017-09-01 CVE-2017-3897 Code Injection vulnerability in Mcafee Livesafe and Security Scan Plus
A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus (MSS+) versions prior to 3.11.599.3 allows network attackers to perform a malicious file execution via a HTTP backend-response.
network
low complexity
mcafee CWE-94
critical
9.8
2016-05-05 CVE-2016-4535 Improper Input Validation vulnerability in Mcafee Livesafe 14.0
Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted packed executable.
network
low complexity
mcafee CWE-20
7.5