Vulnerabilities > Mcafee > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-05-20 | CVE-2016-1840 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. | 7.8 |
| 2016-05-20 | CVE-2016-1834 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document. | 7.8 |
| 2016-05-05 | CVE-2016-4535 | Improper Input Validation vulnerability in Mcafee Livesafe 14.0 Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted packed executable. | 7.5 |
| 2016-04-08 | CVE-2016-3983 | Insufficient Verification of Data Authenticity vulnerability in Mcafee Advanced Threat Defense McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow remote attackers to bypass malware detection by leveraging information about the parent process. | 7.5 |
| 2016-03-24 | CVE-2016-1762 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document. | 8.1 |
| 2016-02-01 | CVE-2016-2199 | Cross-Site Request Forgery (CSRF) vulnerability in Mcafee vulnerability Manager Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations and Remediation management page in Enterprise Manager in McAfee Vulnerability Manager (MVM) before 7.5.10 allow remote attackers to hijack the authentication of administrators for requests that have unspecified impact via unknown vectors. | 8.8 |
| 2016-01-29 | CVE-2015-8773 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mcafee File Lock 5.0 Stack-based buffer overflow in McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows attackers to cause a denial of service (system crash) via a long vault GUID in an ioctl call. | 7.5 |
| 2016-01-08 | CVE-2015-8765 | Unspecified vulnerability in Mcafee Epolicy Orchestrator Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041, and 5.3.x before 5.3.1 Hotfix 1106041 allow remote attackers to execute arbitrary code via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | 8.3 |