Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee epolicy orchestrator 5.10.0 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2022-0842
A blind SQL injection vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote authenticated malicious user to potentially obtain information from the ePO database. The data obtained is dependent on the privileges the attacker has and to...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
3.5
CVSSv2
CVE-2021-31834
Stored Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) before 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
4.3
CVSSv2
CVE-2021-31835
Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) before 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via a specific parameter where the administrator's entries were not correctly sanitized.
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
5.8
CVSSv2
CVE-2021-3712
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Santricity Smi-s Provider -
Netapp Clustered Data Ontap -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Manageability Software Development Kit -
Netapp Storage Encryption -
Netapp E-series Santricity Os Controller
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
Tenable Tenable.sc
Tenable Nessus Network Monitor
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Zfs Storage Appliance Kit 8.8
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Mysql Server
Oracle Mysql Workbench
2 Github repositories
4.3
CVSSv2
CVE-2021-2432
Vulnerability in the Java SE product of Oracle Java SE (component: JNDI). The supported version that is affected is Java SE: 7u301. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful atta...
Oracle Jdk 1.7.0
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
5
CVSSv2
CVE-2021-33037
Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ign...
Apache Tomcat
Apache Tomee 8.0.6
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Instantis Enterprisetrack 17.1
Oracle Instantis Enterprisetrack 17.2
Oracle Instantis Enterprisetrack 17.3
Oracle Agile Plm 9.3.6
Oracle Communications Policy Management 12.5.0
Oracle Sd-wan Edge 9.0
Oracle Managed File Transfer 12.2.1.4.0
Oracle Secure Global Desktop 5.6
Oracle Hospitality Cruise Shipboard Property Management System 20.1.0
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Communications Session Route Manager
Oracle Mysql Enterprise Monitor
Oracle Communications Session Report Manager
Oracle Sd-wan Edge 9.1
Oracle Utilities Testing Accelerator 6.0.0.2.2
Oracle Utilities Testing Accelerator 6.0.0.3.1
Oracle Utilities Testing Accelerator 6.0.0.1.1
5
CVSSv2
CVE-2021-30639
A vulnerability in Apache Tomcat allows an malicious user to remotely trigger a denial of service. An error introduced as part of a change to improve error handling during non-blocking I/O meant that the error flag associated with the Request object was not reset between requests...
Apache Tomcat 10.0.4
Apache Tomcat 9.0.44
Apache Tomcat 10.0.3
Apache Tomcat 8.5.64
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
Oracle Big Data Spatial And Graph
2.1
CVSSv2
CVE-2020-13938
Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows
Apache Http Server
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
Netapp Cloud Backup -
4.3
CVSSv2
CVE-2021-2161
Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition: 19.3.5, 20....
Oracle Jdk 11.0.10
Oracle Jdk 16.0.0
Oracle Jdk 1.8.0
Oracle Jdk 1.7.0
Oracle Jre 1.8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Oracle Graalvm 20.3.1.2
Oracle Graalvm 21.0.0.2
Oracle Graalvm 19.3.5
Oracle Openjdk 8
Oracle Openjdk 7
Oracle Openjdk 16
Oracle Openjdk
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Active Iq Unified Manager -
Netapp Hci Compute Node -
4.9
CVSSv2
CVE-2021-23888
Unvalidated client-side URL redirect vulnerability in McAfee ePolicy Orchestrator (ePO) before 5.10 Update 10 could cause an authenticated ePO user to load an untrusted site in an ePO iframe which could steal information from the authenticated user.
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »