CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 2CVE-2016-8018 – McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8018
14 Dec 2016 — Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input. Vulnerabilidad de CSRF en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y anteriores) permite a atacantes remotos autenticados ejecutar comandos no autorizados a través de una entrada de usuario manipulada. McAfee Virus Scan Enterprise for Linux suffers from a remote code execution vu... • https://packetstorm.news/files/id/140147 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 2CVE-2016-8022 – McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8022
14 Dec 2016 — Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie. Vulnerabilidad de elusión de autenticación mediante suplantación de identidad en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a atacantes remotos no autenticados ejecutar código arbitrario o provocar una denegación del... • https://packetstorm.news/files/id/140147 • CWE-287: Improper Authentication •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 2CVE-2016-8023 – McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8023
14 Dec 2016 — Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie. Vulnerabilidad de elusión de autenticación por datos supuestos inmutables en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a atacantes remotos no autenticados eludir autenticación del servidor través de una cookie de autenticaci... • https://packetstorm.news/files/id/140147 • CWE-287: Improper Authentication •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 3CVE-2016-8016 – McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8016
14 Dec 2016 — Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter. Exposición de información en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y anteriores) permite a atacantes remotos autenticados obtener la existencia de archivos no autorizados en el sistema a través de un parámetro de URL. McAfee Virus Scan Enterprise for Linux suffers from a remote cod... • https://packetstorm.news/files/id/140147 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.1EPSS: 0%CPEs: 1EXPL: 2CVE-2016-8017 – McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8017
14 Dec 2016 — Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input. Vulnerabilidad de inyección de elementos especiales en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y anteriores) permite a atacantes remotos autenticados leer archivos en el servidor web a través de una entrada de usuario manipulada. McAfee Virus Scan Enterprise for Linux suffers from a remot... • https://packetstorm.news/files/id/140147 • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 2CVE-2016-8024 – McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8024
14 Dec 2016 — Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing. Vulnerabilidad de neutralización inapropiada de secuencias CRLF en cabeceras HTTP en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a atacantes remotos no autenticados obtener información sensible a través de la supla... • https://packetstorm.news/files/id/140147 • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 2CVE-2016-8020 – McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8020
14 Dec 2016 — Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter. Vulnerabilidad de control inapropiado de generación de código en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a usuarios autenticados ejecutar código arbitrario a través de un parámetro de petición HTTP manipulado. McAfee Virus Scan Enterprise fo... • https://packetstorm.news/files/id/140147 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 2CVE-2016-8021 – McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-8021
14 Dec 2016 — Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file. Vulnerabilidad de verificación inapropiada de firma criptográfica en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a usuarios remotos autenticados suplantar el servidor de actualización y ejecutar código arbitrario a través d... • https://packetstorm.news/files/id/140147 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 3.0EPSS: 0%CPEs: 2EXPL: 4CVE-2016-4534 – McAfee VirusScan Enterprise 8.8 - Security Restrictions Bypass
https://notcve.org/view.php?id=CVE-2016-4534
05 May 2016 — The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles. La McAfee VirusScan Console (mcconsol.exe) en McAfee VirusScan Enterprise 8.8.0 en versiones anteriores a Hotfix 1123565 (8.8.0.1546) sobre Windows permite a administradores locales eludir reglas destinadas a la autoprotección y desbloquear la ventana de co... • https://www.exploit-db.com/exploits/39531 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.1EPSS: 0%CPEs: 8EXPL: 2CVE-2016-3984 – McAfee VirusScan Enterprise 8.8 - Security Restrictions Bypass
https://notcve.org/view.php?id=CVE-2016-3984
08 Apr 2016 — The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.152... • https://www.exploit-db.com/exploits/39531 • CWE-284: Improper Access Control •