| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2000-0502 |
|
|
|
2000-06-08 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion. |
|
2 |
CVE-2005-2186 |
|
|
XSS |
2005-07-11 |
2016-10-18 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in McAfee IntruShield Security Management System allow remote authenticated users to inject arbitrary web script or HTML via the (1) thirdMenuName or (2) resourceName parameter to SystemEvent.jsp. |
|
3 |
CVE-2006-3575 |
|
|
DoS Overflow |
2006-07-13 |
2018-10-18 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability in the Buffer Overflow Protection in McAfee VirusScan Enterprise 8.0.0 allows local users to cause a denial of service (unstable operation) via a long string in the (1) "Process name", (2) "Module name", or (3) "API name" fields. |
|
4 |
CVE-2006-4886 |
|
|
Bypass |
2006-09-19 |
2018-10-17 |
3.7 |
None |
Local |
High |
Not required |
Partial |
Partial |
Partial |
|
The VirusScan On-Access Scan component in McAfee VirusScan Enterprise 7.1.0 and Scan Engine 4.4.00 allows local privileged users to bypass security restrictions and disable the On-Access Scan option by opening the program via the task bar and quickly clicking the Disable button, possibly due to an interface-related race condition. |
|
5 |
CVE-2008-7020 |
310 |
|
+Info |
2009-08-21 |
2017-08-17 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
McAfee SafeBoot Device Encryption 4 build 4750 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer. |
|
6 |
CVE-2009-5117 |
200 |
|
+Info |
2012-08-22 |
2017-08-29 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10 and 9.x before 9.0.0.422, when HTTP Capture mode is enabled, allows local users to obtain sensitive information from web traffic by reading unspecified files. |
|
7 |
CVE-2010-5143 |
264 |
|
|
2012-08-22 |
2012-08-22 |
2.6 |
None |
Local |
High |
Not required |
None |
Partial |
Partial |
|
McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module. |
|
8 |
CVE-2012-4584 |
310 |
|
+Info |
2012-08-22 |
2012-10-30 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, does not properly encrypt system-backup data, which makes it easier for remote authenticated users to obtain sensitive information by reading a backup file, as demonstrated by obtaining password hashes. |
|
9 |
CVE-2012-4586 |
264 |
|
Bypass |
2012-08-22 |
2012-08-22 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, accesses files with the privileges of the root user, which allows remote authenticated users to bypass intended permission settings by requesting a file. |
|
10 |
CVE-2012-4587 |
264 |
|
|
2012-08-22 |
2017-08-29 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
McAfee Enterprise Mobility Manager (EMM) Agent before 4.8 and Server before 10.1, when one-time provisioning (OTP) mode is enabled, have an improper dependency on DNS SRV records, which makes it easier for remote attackers to discover user passwords by spoofing the EMM server, as demonstrated by a password entered on an iOS device. |
|
11 |
CVE-2012-4589 |
|
|
|
2012-08-22 |
2017-08-29 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. |
|
12 |
CVE-2013-7460 |
284 |
|
Bypass |
2017-03-14 |
2017-03-17 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions. |
|
13 |
CVE-2013-7461 |
284 |
|
Bypass |
2017-03-14 |
2017-03-16 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions. |
|
14 |
CVE-2014-8518 |
255 |
|
|
2014-10-29 |
2014-11-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encryption for Removable Media or EERM) in McAfee File and Removable Media Protection (FRP) 4.3.0.x, and Endpoint Encryption for Files and Folders (EEFF) 3.2.x through 4.2.x, uses a hard-coded salt, which makes it easier for local users to obtain passwords via a brute force attack. |
|
15 |
CVE-2014-8519 |
|
|
|
2014-10-29 |
2014-10-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to read arbitrary files via unknown vectors. |
|
16 |
CVE-2014-8521 |
352 |
|
XSS |
2014-10-29 |
2014-10-30 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
|
17 |
CVE-2014-8526 |
200 |
|
+Info |
2014-10-29 |
2014-10-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information by reading a Java stack trace. |
|
18 |
CVE-2014-8527 |
255 |
|
+Info |
2014-10-29 |
2014-10-30 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information and affect integrity via vectors related to a "plain text password." |
|
19 |
CVE-2014-8528 |
200 |
|
+Info |
2014-10-29 |
2014-10-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users to obtain sensitive information by reading the audit log. |
|
20 |
CVE-2014-8529 |
310 |
|
+Info |
2014-10-29 |
2014-10-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows local users to obtain sensitive information via unspecified vectors. |
|
21 |
CVE-2014-8532 |
|
|
+Info |
2014-10-29 |
2014-10-30 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
Unspecified vulnerability in McAfee Network Data Loss Prevention before (NDLP) before 9.3 allows local users to obtain sensitive information and impact integrity via unknown vectors, related to partition mounting. |
|
22 |
CVE-2014-8534 |
|
|
DoS |
2014-10-29 |
2014-10-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in the login form in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to cause a denial of service via a crafted value in the domain field. |
|
23 |
CVE-2014-8536 |
200 |
|
+Info |
2014-10-29 |
2017-09-08 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages. |
|
24 |
CVE-2014-8537 |
200 |
|
+Info |
2014-10-29 |
2017-09-08 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading the logs. |
|
25 |
CVE-2015-1617 |
79 |
|
XSS |
2015-02-17 |
2015-02-18 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
|
26 |
CVE-2015-1619 |
79 |
|
XSS |
2015-02-17 |
2015-02-18 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the Secure Web Mail Client user interface in McAfee Email Gateway (MEG) 7.6.x before 7.6.3.2, 7.5.x before 75.6, 7.0.x through 7.0.5, 5.6, and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified tokens in Digest messages. |
|
27 |
CVE-2015-2760 |
79 |
|
XSS |
2015-03-27 |
2016-12-03 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
|
28 |
CVE-2015-7238 |
264 |
|
+Info |
2015-09-18 |
2015-09-22 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sensitive information by reading the files. |
|
29 |
CVE-2015-8577 |
264 |
|
Overflow Bypass |
2015-12-16 |
2016-05-26 |
2.6 |
None |
Local |
High |
Not required |
Partial |
Partial |
None |
|
The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors. |
|
30 |
CVE-2015-8987 |
284 |
|
|
2017-03-14 |
2017-03-23 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server. |
|
31 |
CVE-2016-3984 |
284 |
|
Bypass |
2016-04-08 |
2016-05-18 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys. |
|
32 |
CVE-2016-8006 |
264 |
|
Bypass |
2017-01-05 |
2017-01-18 |
1.7 |
None |
Local |
Low |
??? |
None |
Partial |
None |
|
Authentication bypass vulnerability in Enterprise Security Manager (ESM) and License Manager (LM) in Intel Security McAfee Security Information and Event Management (SIEM) 9.6.0 MR3 allows an administrator to make changes to other SIEM users' information including user passwords without supplying the current administrator password a second time via the GUI or GUI terminal commands. |
|
33 |
CVE-2016-8007 |
284 |
|
Bypass |
2017-03-14 |
2017-03-23 |
3.0 |
None |
Local |
Medium |
??? |
None |
Partial |
Partial |
|
Authentication bypass vulnerability in McAfee Host Intrusion Prevention Services (HIPS) 8.0 Patch 7 and earlier allows authenticated users to manipulate the product's registry keys via specific conditions. |
|
34 |
CVE-2016-8016 |
200 |
|
+Info |
2017-03-14 |
2017-09-03 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter. |
|
35 |
CVE-2016-8021 |
347 |
|
Exec Code |
2017-03-14 |
2017-09-03 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file. |
|
36 |
CVE-2017-3902 |
79 |
|
XSS Bypass |
2017-02-13 |
2017-07-26 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing input validation. |
|
37 |
CVE-2017-3933 |
79 |
|
XSS CSRF |
2017-10-31 |
2017-11-18 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack. |
|
38 |
CVE-2017-3948 |
79 |
|
XSS |
2017-06-23 |
2017-07-05 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x allows authenticated users to inject arbitrary web script or HTML via injecting malicious JavaScript into a user's browsing session. |
|
39 |
CVE-2017-3961 |
79 |
|
XSS |
2018-05-25 |
2019-10-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via crafted user input of attributes. |
|
40 |
CVE-2017-3964 |
79 |
|
XSS |
2018-04-04 |
2019-10-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Reflective Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to inject arbitrary web script or HTML via a URL parameter. |
|
41 |
CVE-2017-4015 |
20 |
|
|
2017-05-17 |
2017-07-08 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Clickjacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to inject arbitrary web script or HTML via HTTP response header. |
|
42 |
CVE-2018-6659 |
79 |
|
XSS |
2018-04-02 |
2019-10-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Reflected Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows remote authenticated users to exploit an XSS issue via not sanitizing the user input. |
|
43 |
CVE-2018-6681 |
79 |
|
XSS |
2018-07-17 |
2019-10-09 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Abuse of Functionality vulnerability in the web interface in McAfee Network Security Management (NSM) 9.1.7.11 and earlier allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via appliance web interface. |
|
44 |
CVE-2019-3584 |
287 |
|
|
2019-01-23 |
2020-08-24 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
Exploitation of Authentication vulnerability in MVision Endpoint in McAfee MVision Endpoint Prior to 1811 Update 1 (18.11.31.62) allows authenticated administrator users --> administrators to Remove MVision Endpoint via unspecified vectors. |
|
45 |
CVE-2019-3602 |
79 |
|
XSS |
2019-05-15 |
2019-05-21 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) Prior to 9.1 Update 5 allows an authenticated administrator to embed an XSS in the administrator interface via a specially crafted custom rule containing HTML. |
|
46 |
CVE-2019-3606 |
312 |
|
+Info |
2019-03-26 |
2020-08-24 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management (NSM) 9.1 < 9.1.7.75 (Update 4) and 9.2 < 9.2.7.31 Update2 allows administrators to view configuration information in plain text format via the GUI or GUI terminal commands. |
|
47 |
CVE-2019-3612 |
312 |
|
|
2019-04-10 |
2020-08-24 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line. |
|
48 |
CVE-2019-3615 |
200 |
|
+Info |
2019-03-12 |
2020-08-24 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Data Leakage Attacks vulnerability in the web interface in McAfee Database Security prior to the 4.6.6 March 2019 update allows local users to expose passwords via incorrectly auto completing password fields in the admin browser login screen. |
|
49 |
CVE-2019-3641 |
|
|
|
2019-11-13 |
2020-10-16 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Abuse of Authorization vulnerability in APIs exposed by TIE server in McAfee Threat Intelligence Exchange Server (TIE Server) 3.0.0 allows remote authenticated users to modify stored reputation data via specially crafted messages. |
|
50 |
CVE-2019-3653 |
|
|
|
2019-10-09 |
2020-10-16 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool. |
