Vulnerabilities > Mcafee > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-31 | CVE-2016-8032 | Improper Access Control vulnerability in Mcafee Anti-Malware Scan Engine Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local attackers to bypass local security protection via a crafted input file. | 7.3 |
| 2017-03-28 | CVE-2016-8031 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Anti-Malware Scan Engine Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local users to bypass local security protection via a crafted input file. | 7.3 |
| 2017-03-14 | CVE-2016-8026 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Security Scan Plus 2.0.181.2/3.11.376/3.11.469 Arbitrary command execution vulnerability in Intel Security McAfee Security Scan Plus (SSP) 3.11.469 and earlier allows authenticated users to gain elevated privileges via unspecified vectors. | 7.8 |
| 2017-03-14 | CVE-2016-8024 | HTTP Response Splitting vulnerability in Mcafee Virusscan Enterprise Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing. | 8.1 |
| 2017-03-14 | CVE-2016-8023 | Improper Authentication vulnerability in Mcafee Virusscan Enterprise Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie. | 8.1 |
| 2017-03-14 | CVE-2016-8022 | Improper Authentication vulnerability in Mcafee Virusscan Enterprise Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie. | 7.5 |
| 2017-03-14 | CVE-2016-8020 | Code Injection vulnerability in Mcafee Virusscan Enterprise Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter. | 8.0 |
| 2017-03-14 | CVE-2016-8012 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Data Loss Prevention Endpoint Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other processes via pages in the target process memory get. | 7.8 |
| 2017-03-14 | CVE-2016-8010 | Improper Access Control vulnerability in Mcafee Application Control and Endpoint Security Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility. | 7.8 |
| 2017-03-14 | CVE-2016-8009 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Application Control Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call. | 7.8 |