Filtered by vendor Mcafee
Subscriptions
Total
604 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-2584 | 1 Mcafee | 3 Security Center, Securitycenter Agent, Virusscan | 2025-04-09 | N/A |
| Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument. | ||||
| CVE-2006-6474 | 1 Mcafee | 1 Virusscan | 2025-04-09 | N/A |
| Untrusted search path vulnerability in McAfee VirusScan for Linux 4510e and earlier includes the current working directory in the DT_RPATH environment variable, which allows local users to load arbitrary ELF DSO libraries and execute arbitrary code by installing malicious libraries in that directory. | ||||
| CVE-2006-5417 | 1 Mcafee | 4 Internet Security Suite, Network Agent, Personal Firewall Plus and 1 more | 2025-04-09 | N/A |
| McAfee Network Agent (mcnasvc.exe) 1.0.178.0, as used by multiple McAfee products possibly including Internet Security Suite, Personal Firewall Plus, and VirusScan, allows remote attackers to cause a denial of service (agent crash) via a long packet, possibly because of an invalid string position field value. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2006-5274 | 1 Mcafee | 3 Common Management Agent, Epolicy Orchestrator, Protectionpilot | 2025-04-09 | N/A |
| Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2006-5273 | 1 Mcafee | 3 Common Management Agent, E-business Server, Protectionpilot | 2025-04-09 | N/A |
| Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2007-1498 | 1 Mcafee | 2 Epolicy Orchestrator, Protectionpilot | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call. | ||||
| CVE-2006-5272 | 1 Mcafee | 3 Common Management Agent, E-business Server, Protectionpilot | 2025-04-09 | N/A |
| Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet. | ||||
| CVE-2006-5271 | 1 Mcafee | 2 E-business Server, Protectionpilot | 2025-04-09 | N/A |
| Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet, which causes stack corruption. | ||||
| CVE-2006-5156 | 1 Mcafee | 2 Epolicy Orchestrator, Protectionpilot | 2025-04-09 | N/A |
| Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header. | ||||
| CVE-2006-6707 | 1 Mcafee | 2 Neotrace, Visual Trace | 2025-04-09 | N/A |
| Stack-based buffer overflow in the NeoTraceExplorer.NeoTraceLoader ActiveX control (NeoTraceExplorer.dll) in NeoTrace Express 3.25 and NeoTrace Pro (aka McAfee Visual Trace) 3.25 allows remote attackers to execute arbitrary code via a long argument string to the TraceTarget method. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2009-3566 | 1 Mcafee | 1 Intrushield Network Security Manager | 2025-04-09 | N/A |
| McAfee IntruShield Network Security Manager (NSM) before 5.1.11.8.1 does not include the HTTPOnly flag in the Set-Cookie header for the session identifier, which allows remote attackers to hijack a session by leveraging a cross-site scripting (XSS) vulnerability. | ||||
| CVE-2009-3565 | 1 Mcafee | 1 Intrushield Network Security Manager | 2025-04-09 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in intruvert/jsp/module/Login.jsp in McAfee IntruShield Network Security Manager (NSM) before 5.1.11.6 allow remote attackers to inject arbitrary web script or HTML via the (1) iaction or (2) node parameter. | ||||
| CVE-2009-3339 | 1 Mcafee | 1 Email And Web Security Appliance | 2025-04-09 | N/A |
| Unspecified vulnerability in McAfee Email and Web Security Appliance 5.1 VMtrial allows remote attackers to read arbitrary files via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2007-1227 | 1 Mcafee | 1 Virex | 2025-04-09 | N/A |
| VShieldCheck in McAfee VirusScan for Mac (Virex) before 7.7 patch 1 allow local users to change permissions of arbitrary files via a symlink attack on /Library/Application Support/Virex/VShieldExclude.txt, as demonstrated by symlinking to the root crontab file to execute arbitrary commands. | ||||
| CVE-2009-2312 | 1 Mcafee | 1 Smartfilter | 2025-04-09 | N/A |
| SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges. | ||||
| CVE-2009-1491 | 2 Mcafee, Microsoft | 2 Groupshield, Exchange Server | 2025-04-09 | N/A |
| McAfee GroupShield for Microsoft Exchange on Exchange Server 2000, and possibly other anti-virus or anti-spam products from McAfee or other vendors, does not scan X- headers for malicious content, which allows remote attackers to bypass virus detection via a crafted message, as demonstrated by a message with an X-Testing header and no message body. | ||||
| CVE-2008-7020 | 1 Mcafee | 1 Safeboot Device Encryption | 2025-04-09 | N/A |
| McAfee SafeBoot Device Encryption 4 build 4750 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer. | ||||
| CVE-2008-3605 | 1 Mcafee | 1 Encrypted Usb Manager | 2025-04-09 | N/A |
| Unspecified vulnerability in McAfee Encrypted USB Manager 3.1.0.0, when the Re-use Threshold for passwords is nonzero, allows remote attackers to conduct offline brute force attacks via unknown vectors. | ||||
| CVE-2008-1855 | 1 Mcafee | 1 Cma | 2025-04-09 | N/A |
| FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 Patch 3 and earlier, as used by ePolicy Orchestrator (ePO) and ProtectionPilot (PrP), allows remote attackers to corrupt memory and cause a denial of service (CMA Framework service crash) via a long invalid method in requests for the /spin//AVClient//AVClient.csp URI, a different vulnerability than CVE-2006-5274. | ||||
| CVE-2023-0221 | 1 Mcafee | 1 Application And Change Control | 2025-04-04 | 4.4 Medium |
| Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program. | ||||