31 matches found
EUVD-2017-13014
Malware in sbrugna...
EUVD-2016-8874
Malware in sbrugna...
EUVD-2022-39679
Malicious code in bioql PyPI...
CVE-2022-37025
An improper privilege management vulnerability in McAfee Security Scan Plus MSS+ before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin Living off the land attack. This could result in the user gaining elevated permissions and being able to execute arbitrary...
CVE-2022-37025
An improper privilege management vulnerability in McAfee Security Scan Plus MSS+ before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin Living off the land attack. This could result in the user gaining elevated permissions and being able to execute arbitrary...
CVE-2022-37025
An improper privilege management vulnerability in McAfee Security Scan Plus MSS+ before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin Living off the land attack. This could result in the user gaining elevated permissions and being able to execute arbitrary...
Privilege escalation
An improper privilege management vulnerability in McAfee Security Scan Plus MSS+ before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin Living off the land attack. This could result in the user gaining elevated permissions and being able to execute arbitrary...
CVE-2022-37025
An improper privilege management vulnerability in McAfee Security Scan Plus MSS+ before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin Living off the land attack. This could result in the user gaining elevated permissions and being able to execute arbitrary...
CVE-2022-37025
CVE-2022-37025 affects McAfee Security Scan Plus (MSS+) prior to 4.1.262.1. The vulnerability is described as improper privilege management that could let a local user modify a configuration file and perform a LOLBin (Living off the Land) attack, enabling elevated permissions and potential arbitr...
McAfee Security Scan Plus 安全漏洞
McAfee Security Scan Plus MSS+ is a tool from McAfee, Inc. that protects computers from spyware and viruses. A security vulnerability exists in versions of McAfee Security Scan Plus MSS+ prior to 4.1.262.1, which stems from a faulty privilege management that could allow a local user to modify...
PT-2022-4406 · Mcafee · Mcafee Security Scan Plus
Name of the Vulnerable Software and Affected Versions: McAfee Security Scan Plus versions prior to 4.1.262.1 Description: The issue is related to improper privilege management, which could allow a local user to modify a configuration file. This modification can lead to a Living off the Land LOLBi...
McAfee Security Scan Plus Remote Command Execution
Vulnerability Summary The following advisory describes a Remote Command Execution found in McAfee Security Scan Plus version 3.11.587.1 McAfee Security Scan Plus is “a free diagnostic tool that ensures you are protected from threats by actively checking your computer for up-to-date anti-virus,...
McAfee Security Scan Plus < 3.11.599.3 LiveSafe Non-certificate-based Authentication HTTP Backend-response Handling MitM Registry Value Manipulation (TS102723)
The version of McAfee Security Scan Plus installed on the remote Windows host is prior to 3.11.599.3. It is, therefore, affected by a flaw in the non-certificate-based authentication mechanism that is triggered during the handling of HTTP backend-responses. This may allow a man-in-the-middle...
CVE-2017-3897
A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus MSS+ versions prior to 3.11.599.3 allows network attackers to perform a malicious file execution via a HTTP backend-response...
CVE-2017-3897
A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus MSS+ versions prior to 3.11.599.3 allows network attackers to perform a malicious file execution via a HTTP backend-response...
CVE-2017-3897
The CVE-2017-3897 entry affects McAfee LiveSafe (older than 16.0.3) and McAfee Security Scan Plus (MSS+) older than 3.11.599.3. It is a code-injection vulnerability in the non‑certificate‑based authentication mechanism that can be triggered by a HTTP backend‑response, allowing a network attacker ...
CVE-2017-3897
A Code Injection vulnerability in the non-certificate-based authentication mechanism in McAfee Live Safe versions prior to 16.0.3 and McAfee Security Scan Plus MSS+ versions prior to 3.11.599.3 allows network attackers to perform a malicious file execution via a HTTP backend-response...
McAfee Security Scan Plus < 3.11.587.1 Protection Level UI Element Download MitM Command Execution (TS102714)
The version of McAfee Security Scan Plus installed on the remote Windows host is prior to 3.11.587.1. It is, therefore, affected by a flaw that is triggered as HTML elements for displaying the Protection Level in the UI are requested using a cleartext protocol. This may allow a man-in-the-middle...
McAfee Security Scan Plus File Execution Vulnerability - Windows
McAfee Security Scan Plus is prone to file execution vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
McAfee Security Scan Plus Privilege Escalation Vulnerability - Windows
McAfee Security Scan Plus is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...