Virusscan Enterprise@* Security Vulnerabilities and Issues — Virusscan Enterprise@* CVE List

Lucene search

McafeeVirusscan Enterprise*

11 matches found

CVE•added 2017/03/14 10:59 p.m.•65 views

CVE-2016-8024

Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing.

8.1CVSS7.4AI score0.09215EPSS

CVE•added 2017/03/14 10:59 p.m.•62 views

CVE-2016-8025

SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter.

6.2CVSS6AI score0.0185EPSS

CVE•added 2017/03/14 10:59 p.m.•60 views

CVE-2016-8021

Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file.

5CVSS5.9AI score0.02847EPSS

CVE•added 2017/03/14 10:59 p.m.•59 views

CVE-2016-8016

Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter.

3.5CVSS4.7AI score0.09829EPSS

CVE•added 2017/03/14 10:59 p.m.•54 views

CVE-2016-8019

Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input.

6.1CVSS5.8AI score0.01334EPSS

CVE•added 2017/03/14 10:59 p.m.•51 views

CVE-2016-8023

Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie.

8.1CVSS7.6AI score0.11326EPSS

CVE•added 2017/03/14 10:59 p.m.•48 views

CVE-2016-8017

Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input.

4.1CVSS4.7AI score0.14314EPSS

CVE•added 2017/03/14 10:59 p.m.•48 views

CVE-2016-8018

Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input.

6CVSS5AI score0.00434EPSS

CVE•added 2017/03/14 10:59 p.m.•48 views

CVE-2016-8020

Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter.

8CVSS7.5AI score0.02922EPSS

CVE•added 2017/03/14 10:59 p.m.•47 views

CVE-2016-8022

Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie.

7.5CVSS8AI score0.08579EPSS

CVE•added 2017/04/25 4:59 p.m.•42 views

CVE-2016-8030

A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link.

4.3CVSS4.7AI score0.0036EPSS