Export limit exceeded: 350467 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350467 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-6695 | 1 Mcafee | 1 Threat Intelligence Exchange Server | 2024-11-21 | 5.9 Medium |
| SSH host keys generation vulnerability in the server in McAfee Threat Intelligence Exchange Server (TIE Server) 1.3.0, 2.0.x, 2.1.x, 2.2.0 allows man-in-the-middle attackers to spoof servers via acquiring keys from another environment. | ||||
| CVE-2018-6693 | 2 Linux, Mcafee | 3 Linux Kernel, Endpoint Security For Linux Threat Prevention, Endpoint Security Linux Threat Prevention | 2024-11-21 | 5.3 Medium |
| An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escalation to delete arbitrary files. | ||||
| CVE-2018-6692 | 1 Belkin | 2 Wemo Insight Smart Plug, Wemo Insight Smart Plug Firmware | 2024-11-21 | 10.0 Critical |
| Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin Wemo Insight Smart Plug allows remote attackers to bypass local security protection via a crafted HTTP post packet. | ||||
| CVE-2018-6690 | 2 Mcafee, Microsoft | 2 Application Change Control, Windows | 2024-11-21 | 7.1 High |
| Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system. | ||||
| CVE-2018-6689 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2024-11-21 | 7.8 High |
| Authentication Bypass vulnerability in McAfee Data Loss Prevention Endpoint (DLPe) 10.0.x earlier than 10.0.510, and 11.0.x earlier than 11.0.600 allows attackers to bypass local security protection via specific conditions. | ||||
| CVE-2018-6687 | 2 Mcafee, Microsoft | 2 Getsusp, Windows | 2024-11-21 | 5.5 Medium |
| Loop with Unreachable Exit Condition ('Infinite Loop') in McAfee GetSusp (GetSusp) 3.0.0.461 and earlier allows attackers to DoS a manual GetSusp scan via while scanning a specifically crafted file . GetSusp is a free standalone McAfee tool that runs on several versions of Microsoft Windows. | ||||
| CVE-2018-6686 | 1 Mcafee | 1 Drive Encryption | 2024-11-21 | 6.6 Medium |
| Authentication Bypass vulnerability in TPM autoboot in McAfee Drive Encryption (MDE) 7.1.0 and above allows physically proximate attackers to bypass local security protection via specific set of circumstances. | ||||
| CVE-2018-6683 | 2 Mcafee, Microsoft | 2 Data Loss Prevention Endpoint, Windows | 2024-11-21 | 7.4 High |
| Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing of local policy files when offline. | ||||
| CVE-2018-6682 | 1 Mcafee | 1 True Key | 2024-11-21 | 6.1 Medium |
| Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expose confidential data via a crafted web site. | ||||
| CVE-2018-6681 | 1 Mcafee | 1 Network Security Manager | 2024-11-21 | 5.4 Medium |
| Abuse of Functionality vulnerability in the web interface in McAfee Network Security Management (NSM) 9.1.7.11 and earlier allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via appliance web interface. | ||||
| CVE-2018-6678 | 1 Mcafee | 1 Mcafee Web Gateway | 2024-11-21 | 9.1 Critical |
| Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors. | ||||
| CVE-2018-6677 | 1 Mcafee | 1 Mcafee Web Gateway | 2024-11-21 | 9.1 Critical |
| Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to gain elevated privileges via unspecified vectors. | ||||
| CVE-2018-6674 | 2 Mcafee, Microsoft | 2 Virusscan Enterprise, Windows | 2024-11-21 | N/A |
| Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges). | ||||
| CVE-2018-6672 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-11-21 | N/A |
| Information disclosure vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors. | ||||
| CVE-2018-6671 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-11-21 | N/A |
| Application Protection Bypass vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows remote authenticated users to bypass localhost only access security protection for some ePO features via a specially crafted HTTP request. | ||||
| CVE-2018-6670 | 1 Mcafee | 1 Common Catalog | 2024-11-21 | N/A |
| External Entity Attack vulnerability in the ePO extension in McAfee Common UI (CUI) 2.0.2 allows remote authenticated users to view confidential information via a crafted HTTP request parameter. | ||||
| CVE-2018-6669 | 1 Mcafee | 1 Application Change Control | 2024-11-21 | N/A |
| A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before allows a remote or local user to execute blacklisted files through an ASP.NET form. | ||||
| CVE-2018-6667 | 1 Mcafee | 1 Mcafee Web Gateway | 2024-11-21 | N/A |
| Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remote attackers to execute arbitrary code via Java management extensions (JMX). | ||||
| CVE-2018-6664 | 2 Mcafee, Microsoft | 2 Data Loss Prevention Endpoint, Windows | 2024-11-21 | N/A |
| Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility. | ||||
| CVE-2018-6662 | 2 Apple, Mcafee | 2 Mac Os X, Management Of Native Encryption | 2024-11-21 | 7.8 High |
| Privilege Escalation vulnerability in McAfee Management of Native Encryption (MNE) before 4.1.4 allows local users to gain elevated privileges via a crafted user input. | ||||