Vulnerabilities > Microsoft > Windows
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-10 | CVE-2022-0280 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft Windows A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. | 7.0 |
| 2018-06-26 | CVE-2018-0599 | Untrusted Search Path vulnerability in Microsoft Windows Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2018-06-26 | CVE-2018-0598 | Untrusted Search Path vulnerability in Microsoft Windows Untrusted search path vulnerability in Self-extracting archive files created by IExpress bundled with Microsoft Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2016-06-16 | CVE-2016-4158 | Permissions, Privileges, and Access Controls vulnerability in multiple products Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.7.0.272 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory. | 7.3 |
| 2016-05-05 | CVE-2016-4534 | Permissions, Privileges, and Access Controls vulnerability in multiple products The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles. | 3.0 |
| 2016-01-12 | CVE-2016-1715 | Numeric Errors vulnerability in multiple products The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Windows platforms allows local users to cause a denial of service (memory corruption and system crash) or gain privileges via a 768 syscall, which triggers a zero to be written to an arbitrary kernel memory location. | 6.6 |