Filtered by vendor Mcafee
Subscriptions
Total
605 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2004-0230 | 7 Juniper, Mcafee, Microsoft and 4 more | 12 Junos, Network Data Loss Prevention, Windows 2000 and 9 more | 2025-05-02 | N/A |
| TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. | ||||
| CVE-2022-43751 | 1 Mcafee | 1 Total Protection | 2025-04-29 | 7.8 High |
| McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary code with system privileges. | ||||
| CVE-2022-0858 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-23 | 4.3 Medium |
| A cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote attacker to potentially obtain access to an ePO administrator's session by convincing the attacker to click on a carefully crafted link. This would lead to limited ability to alter some information in ePO due to the area of the User Interface the vulnerability is present in. | ||||
| CVE-2015-7704 | 6 Citrix, Debian, Mcafee and 3 more | 16 Xenserver, Debian Linux, Enterprise Security Manager and 13 more | 2025-04-20 | 7.5 High |
| The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. | ||||
| CVE-2017-1000366 | 8 Debian, Gnu, Mcafee and 5 more | 26 Debian Linux, Glibc, Web Gateway and 23 more | 2025-04-20 | N/A |
| glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier. | ||||
| CVE-2017-9287 | 5 Debian, Mcafee, Openldap and 2 more | 11 Debian Linux, Policy Auditor, Openldap and 8 more | 2025-04-20 | 6.5 Medium |
| servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0. | ||||
| CVE-2017-4053 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | N/A |
| Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to execute a command of their choice via a crafted HTTP request parameter. | ||||
| CVE-2017-4054 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | N/A |
| Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote authenticated users to execute a command of their choice via a crafted HTTP request parameter. | ||||
| CVE-2017-4016 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | N/A |
| Web Server method disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to exploit and find another hole via HTTP response header. | ||||
| CVE-2017-4014 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | N/A |
| Session Side jacking vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view, add, and remove users via modification of the HTTP request. | ||||
| CVE-2017-3899 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | N/A |
| SQL injection vulnerability in Intel Security Advanced Threat Defense (ATD) Linux 3.6.0 and earlier allows remote authenticated users to obtain product information via a crafted HTTP request parameter. | ||||
| CVE-2017-3935 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | N/A |
| Network Data Loss Prevention is vulnerable to MIME type sniffing which allows older versions of Internet Explorer to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the intended content type. | ||||
| CVE-2017-4013 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | N/A |
| Banner Disclosure in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to obtain product information via HTTP response header. | ||||
| CVE-2017-17740 | 4 Mcafee, Openldap, Opensuse and 1 more | 4 Policy Auditor, Openldap, Leap and 1 more | 2025-04-20 | 7.5 High |
| contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. | ||||
| CVE-2017-3980 | 1 Mcafee | 1 Epolicy Orchestrator | 2025-04-20 | N/A |
| A directory traversal vulnerability in the ePO Extension in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, and 5.1.3 and earlier allows remote authenticated users to execute a command of their choice via an authenticated ePO session. | ||||
| CVE-2017-4011 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | N/A |
| Embedding Script (XSS) in HTTP Headers vulnerability in the server in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to get session/cookie information via modification of the HTTP request. | ||||
| CVE-2017-3948 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2025-04-20 | N/A |
| Cross Site Scripting (XSS) in IMG Tags in the ePO extension in McAfee Data Loss Prevention Endpoint (DLP Endpoint) 10.0.x allows authenticated users to inject arbitrary web script or HTML via injecting malicious JavaScript into a user's browsing session. | ||||
| CVE-2017-3933 | 1 Mcafee | 1 Network Data Loss Prevention | 2025-04-20 | N/A |
| Embedding Script (XSS) in HTTP Headers vulnerability in McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote authenticated users to view confidential information via a cross site request forgery attack. | ||||
| CVE-2017-4052 | 1 Mcafee | 1 Advanced Threat Defense | 2025-04-20 | N/A |
| Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to change or update any configuration settings, or gain administrator functionality via a crafted HTTP request parameter. | ||||
| CVE-2017-3896 | 1 Mcafee | 1 Mcafee Agent | 2025-04-20 | N/A |
| Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated. | ||||