Vulnerabilities > Mcafee > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-14 | CVE-2016-8008 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Security Scan Plus 2.0.181.2/3.11.376 Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus (SSP) 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a Windows system. | 8.8 |
| 2017-03-14 | CVE-2015-8993 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Cloud AV, Security Scan Plus and Security Webadvisor Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | 7.0 |
| 2017-03-14 | CVE-2015-8992 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Cloud AV, Security Scan Plus and Security Webadvisor Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | 7.0 |
| 2017-03-14 | CVE-2015-8991 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Cloud AV, Security Scan Plus and Security Webadvisor Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | 7.0 |
| 2017-03-14 | CVE-2015-8990 | 7PK - Security Features vulnerability in Mcafee Advanced Threat Defense Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier allows malware samples to bypass ATD detection via renaming the malware. | 7.5 |
| 2017-03-14 | CVE-2015-8989 | Cryptographic Issues vulnerability in Mcafee vulnerability Manager Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security McAfee Vulnerability Manager (MVM) 7.5.8 and earlier allows attackers to more easily decrypt user passwords via brute force attacks against the database. | 8.8 |
| 2017-03-14 | CVE-2015-8988 | Command Injection vulnerability in Mcafee EPO Deep Command 2.1/2.2 Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path. | 8.8 |
| 2017-03-14 | CVE-2013-7462 | Path Traversal vulnerability in Mcafee Saas Control Console Platform 6.15 A directory traversal vulnerability in the web application in McAfee (now Intel Security) SaaS Control Console (SCC) Platform 6.14 before patch 1070, and 6.15 before patch 1076 allows unauthenticated users to view contents of arbitrary system files that did not have file system level read access restrictions via a null-byte injection exploit. | 7.5 |
| 2016-06-30 | CVE-2016-4472 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. | 8.1 |
| 2016-06-09 | CVE-2016-4447 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-based buffer underread and application crash) via a crafted file, involving xmlParseName. | 7.5 |