CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0815 – McAfee WebAdvisor - Extension Fingerprinting vulnerability
https://notcve.org/view.php?id=CVE-2022-0815
10 Mar 2022 — Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up to 8.1.0.1895 allows a remote attacker to gain access to McAfee WebAdvisor settings and other details about the user’s system. This could lead to unexpected behaviors including; settings being changed, fingerprinting of the system leading to targeted scams, and not triggering the malicious software if McAfee software is detected. Una vulnerabilidad de control de acceso inapropiada en las extensiones del navegado... • https://service.mcafee.com/?articleId=TS103273&page=shell&shell=article-view • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3665 – Code Injection vulnerability
https://notcve.org/view.php?id=CVE-2019-3665
03 Dec 2019 — Code Injection vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to render a website which Web Advisor would normally have blocked via a carefully crafted web site. Una vulnerabilidad de Inyección de Código en la interfaz web de McAfee Web Advisor (WA) versiones anteriores a 4.1.1.48, habilita a un atacante remoto no autenticado para permitir que el navegador renderice un sitio web que Web Advisor normalmente habría bl... • http://service.mcafee.com/FAQDocument.aspx?&id=TS102991 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3666 – API Abuse Vulnerability
https://notcve.org/view.php?id=CVE-2019-3666
03 Dec 2019 — API Abuse/Misuse vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to navigate to restricted websites via a carefully crafted web site. Una vulnerabilidad de abuso y uso indebido de la API en la interfaz web en McAfee Web Advisor (WA) versiones anteriores a 4.1.1.48, habilita a un atacante remoto no autenticado para permitir al navegador navegar en sitios web restringidos por medio de un sitio web cuidadosamente diseña... • http://service.mcafee.com/FAQDocument.aspx?&id=TS102991 •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2015-8991
https://notcve.org/view.php?id=CVE-2015-8991
14 Mar 2017 — Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. Vulnerabilidad de ejecución de archivos maliciosos en Intel Security McAfee Security Scan+ (MSS+) en versiones anteriores a 3.11.266.3 permite a los atacantes hacer que el producto sea momentáneamente vulnerable a través ... • https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2015-8993
https://notcve.org/view.php?id=CVE-2015-8993
14 Mar 2017 — Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. Vulnerabilidad de ejecución de archivos maliciosos en Intel Security CloudAV (Beta) en versiones anteriores a 0.5.0.151.3 permite a atacantes hacer que el producto sea momentáneamente vulnerable a través de la ejecución de malware pre... • https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2015-8992
https://notcve.org/view.php?id=CVE-2015-8992
14 Mar 2017 — Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation. Vulnerabilidad de ejecución de archivos maliciosos en Intel Security WebAdvisor en versiones anteriores a 4.0.2, 4.0.1 y 3.7.2 permite a atacantes hacer que el producto sea momentáneamente vulnerable a través de la ejecución de... • https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102462 • CWE-264: Permissions, Privileges, and Access Controls •