Skip to main content

Virusscan Enterprise

19 CVEs product

Monthly

CVE-2020-7337 MEDIUM This Month

Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Virusscan Enterprise
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2020-7280 HIGH This Week

Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Virusscan Enterprise
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-7267 HIGH This Week

Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Virusscan Enterprise
NVD
CVSS 3.1
8.4
EPSS
0.2%
CVE-2020-7266 HIGH This Week

Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Virusscan Enterprise
NVD
CVSS 3.1
8.4
EPSS
0.2%
CVE-2018-6674 LOW Monitor

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Virusscan Enterprise
NVD
CVSS 3.0
3.9
EPSS
0.2%
CVE-2016-8030 MEDIUM PATCH This Month

A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Virusscan Enterprise
NVD
CVSS 3.0
4.3
EPSS
0.4%
CVE-2016-8025 MEDIUM POC This Month

SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request. Rated medium severity (CVSS 6.2), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Intel SQLi Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
6.2
EPSS
1.8%
CVE-2016-8024 HIGH POC This Week

Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Intel Information Disclosure Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
8.1
EPSS
9.2%
CVE-2016-8023 HIGH POC THREAT Act Now

Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 11.3%.

Intel Authentication Bypass Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
8.1
EPSS
11.3%
CVE-2016-8022 HIGH POC This Week

Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service RCE Intel Authentication Bypass Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
8.6%
CVE-2016-8021 MEDIUM POC This Month

Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Intel Jwt Attack Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
5.0
EPSS
2.8%
CVE-2016-8020 HIGH POC This Week

Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Intel Code Injection Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
8.0
EPSS
2.9%
CVE-2016-8019 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Intel Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
1.3%
CVE-2016-8018 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Intel CSRF Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
0.4%
CVE-2016-8017 MEDIUM POC THREAT This Month

Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.3%.

Intel Code Injection Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
4.1
EPSS
14.3%
CVE-2016-8016 LOW POC Monitor

Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a. Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Intel Information Disclosure Virusscan Enterprise
NVD Exploit-DB
CVSS 3.0
3.4
EPSS
9.8%
CVE-2016-4534 LOW POC PATCH Monitor

The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and. Rated low severity (CVSS 3.0). Public exploit code available.

Privilege Escalation Microsoft Virusscan Enterprise Windows
NVD Exploit-DB
CVSS 3.0
3.0
EPSS
2.4%
CVE-2016-3984 MEDIUM POC This Month

The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1,. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Authentication Bypass Active Response Agent Data Exchange Layer +4
NVD Exploit-DB
CVSS 3.0
5.1
EPSS
0.3%
CVE-2015-8577 LOW Monitor

The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit. Rated low severity (CVSS 2.6). No vendor patch available.

Privilege Escalation Buffer Overflow Virusscan Enterprise
NVD
CVSS 2.0
2.6
EPSS
0.0%
EPSS 0% CVSS 6.7
MEDIUM This Month

Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Virusscan Enterprise
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Virusscan Enterprise
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Virusscan Enterprise
NVD
EPSS 0% CVSS 8.4
HIGH This Week

Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Virusscan Enterprise
NVD
EPSS 0% CVSS 3.9
LOW Monitor

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Virusscan Enterprise
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Virusscan Enterprise
NVD
EPSS 2% CVSS 6.2
MEDIUM POC This Month

SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request. Rated medium severity (CVSS 6.2), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Intel SQLi Virusscan Enterprise
NVD Exploit-DB
EPSS 9% CVSS 8.1
HIGH POC This Week

Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Intel Information Disclosure Virusscan Enterprise
NVD Exploit-DB
EPSS 11% CVSS 8.1
HIGH POC THREAT Act Now

Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 11.3%.

Intel Authentication Bypass Virusscan Enterprise
NVD Exploit-DB
EPSS 9% CVSS 7.5
HIGH POC This Week

Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Denial Of Service RCE Intel +2
NVD Exploit-DB
EPSS 3% CVSS 5.0
MEDIUM POC This Month

Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Intel Jwt Attack +1
NVD Exploit-DB
EPSS 3% CVSS 8.0
HIGH POC This Week

Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Intel Code Injection +1
NVD Exploit-DB
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Intel Virusscan Enterprise
NVD Exploit-DB
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Intel CSRF Virusscan Enterprise
NVD Exploit-DB
EPSS 14% CVSS 4.1
MEDIUM POC THREAT This Month

Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 14.3%.

Intel Code Injection Virusscan Enterprise
NVD Exploit-DB
EPSS 10% CVSS 3.4
LOW POC Monitor

Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a. Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Intel Information Disclosure Virusscan Enterprise
NVD Exploit-DB
EPSS 2% CVSS 3.0
LOW POC PATCH Monitor

The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and. Rated low severity (CVSS 3.0). Public exploit code available.

Privilege Escalation Microsoft Virusscan Enterprise +1
NVD Exploit-DB
EPSS 0% CVSS 5.1
MEDIUM POC This Month

The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1,. Rated medium severity (CVSS 5.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Authentication Bypass Active Response +6
NVD Exploit-DB
EPSS 0% CVSS 2.6
LOW Monitor

The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit. Rated low severity (CVSS 2.6). No vendor patch available.

Privilege Escalation Buffer Overflow Virusscan Enterprise
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy