Vulnerabilities > Mcafee > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-14 | CVE-2016-8017 | Improper Input Validation vulnerability in Mcafee Virusscan Enterprise Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input. | 4.0 |
2017-03-14 | CVE-2016-8012 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Data Loss Prevention Endpoint Access control vulnerability in Intel Security Data Loss Prevention Endpoint (DLPe) 9.4.200 and 9.3.600 allows authenticated users with Read-Write-Execute permissions to inject hook DLLs into other processes via pages in the target process memory get. | 4.6 |
2017-03-14 | CVE-2016-8010 | Improper Access Control vulnerability in Mcafee Application Control and Endpoint Security Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility. | 4.6 |
2017-03-14 | CVE-2016-8009 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Application Control Privilege escalation vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and 6.x versions allows attackers to cause DoS, unexpected behavior, or potentially unauthorized code execution via an unauthorized use of IOCTL call. | 4.6 |
2017-03-14 | CVE-2016-8005 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Email Gateway File extension filtering vulnerability in Intel Security McAfee Email Gateway (MEG) before 7.6.404h1128596 allows attackers to fail to identify the file name properly via scanning an email with a forged attached filename that uses a null byte within the filename extension. | 4.0 |
2017-03-14 | CVE-2015-8993 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Cloud AV, Security Scan Plus and Security Webadvisor Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | 6.9 |
2017-03-14 | CVE-2015-8992 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Cloud AV, Security Scan Plus and Security Webadvisor Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | 6.9 |
2017-03-14 | CVE-2015-8991 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Cloud AV, Security Scan Plus and Security Webadvisor Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. | 6.9 |
2017-03-14 | CVE-2015-8990 | 7PK - Security Features vulnerability in Mcafee Advanced Threat Defense 3.4.2.32/3.4.4.14/3.4.4.142 Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier allows malware samples to bypass ATD detection via renaming the malware. | 5.0 |
2017-03-14 | CVE-2015-8989 | Cryptographic Issues vulnerability in Mcafee vulnerability Manager 7.0.11/7.5.4/7.5.5 Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security McAfee Vulnerability Manager (MVM) 7.5.8 and earlier allows attackers to more easily decrypt user passwords via brute force attacks against the database. | 4.0 |