Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee epolicy orchestrator vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2016-8027
SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and previous versions and 5.1.3 and previous versions allows malicious users to alter a SQL query, which can result in disclosure of information within the database or impersona...
Mcafee Epolicy Orchestrator
668
VMScore
CVE-2006-5272
Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 up to and including 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and previous versions allows remote malicious users to execute arbitrary code via a crafted ping packet.
Mcafee Protectionpilot 1.1.1
Mcafee Common Management Agent
Mcafee Protectionpilot 1.5.0
Mcafee E-business Server 3.5
Mcafee E-business Server 3.6.1
668
VMScore
CVE-2004-0038
McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote malicious users to execute arbitrary commands via certain HTTP POST requests to the spipe/file handler on ePO TCP port 81.
Mcafee Epolicy Orchestrator 2.5.1
Mcafee Epolicy Orchestrator 2.5
Mcafee Epolicy Orchestrator 3.0
668
VMScore
CVE-2003-0616
Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote malicious users to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution.
Mcafee Epolicy Orchestrator 2.5.1
Mcafee Epolicy Orchestrator 2.5
Mcafee Epolicy Orchestrator 2.0
668
VMScore
CVE-2003-0149
Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote malicious users to execute arbitrary code via a POST request containing long parameters.
Mcafee Epolicy Orchestrator 2.5
Mcafee Epolicy Orchestrator 2.0
Mcafee Epolicy Orchestrator 2.5.1
655
VMScore
CVE-2013-4882
Multiple SQL injection vulnerabilities in McAfee ePolicy Orchestrator 4.6.6 and previous versions, and the ePolicy Orchestrator (ePO) extension for McAfee Agent (MA) 4.5 and 4.6, allow remote authenticated users to execute arbitrary SQL commands via the uid parameter to (1) core/...
Mcafee Epolicy Orchestrator 4.6.5
Mcafee Epolicy Orchestrator 4.6.4
Mcafee Epolicy Orchestrator
Mcafee Epolicy Orchestrator Agent 4.5
Mcafee Epolicy Orchestrator 4.6.3
Mcafee Epolicy Orchestrator 4.6.2
Mcafee Epolicy Orchestrator Agent 4.6
Mcafee Epolicy Orchestrator 4.6.0
Mcafee Epolicy Orchestrator 4.6.1
1 EDB exploit
641
VMScore
CVE-2003-0148
The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 up to and including 3.0 allows malicious users to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from the ePO serv...
Mcafee Epolicy Orchestrator 2.5
Mcafee Epolicy Orchestrator 2.5.1
Mcafee Epolicy Orchestrator 3.0
Mcafee Epolicy Orchestrator 2.0
606
VMScore
CVE-2020-2604
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with...
Oracle Jre 1.8.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jdk 11.0.5
Oracle Jdk 13.0.1
Oracle Graalvm 19.3.0.2
Oracle Commerce Guided Search 11.3.2
Oracle Commerce Experience Manager 11.3.2
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 7.7
Redhat Enterprise Linux Eus 8.1
Oracle Openjdk 8
Oracle Openjdk 7
Oracle Openjdk
605
VMScore
CVE-2019-3604
Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) Cloud allows unauthenticated users to perform unintended ePO actions using an authenticated user's session via unspecified vectors.
Mcafee Epolicy Orchestrator
578
VMScore
CVE-2017-3980
A directory traversal vulnerability in the ePO Extension in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, and 5.1.3 and previous versions allows remote authenticated users to execute a command of their choice via an authenticated ePO session.
Mcafee Epolicy Orchestrator
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »