Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2188
Privilege escalation vulnerability in DXL Broker for Windows before 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker.
Mcafee Data Exchange Layer
NA
CVE-2022-3338
An External XML entity (XXE) vulnerability in ePO before 5.10 Update 14 can lead to an unauthenticated remote malicious user to potentially trigger a Server Side Request Forgery attack. This can be exploited by mimicking the Agent Handler call to ePO and passing the carefully con...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
NA
CVE-2022-3339
A reflected cross-site scripting (XSS) vulnerability in ePO before 5.10 Update 14 allows a remote unauthenticated malicious user to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted l...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
NA
CVE-2022-2330
Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows before 11.9.100 allows a remote malicious user to cause the DLP Agent to access a local service that the attacker wouldn't usually have access to via a carefully constructed XML f...
Mcafee Data Loss Prevention Endpoint
NA
CVE-2022-37025
An improper privilege management vulnerability in McAfee Security Scan Plus (MSS+) prior to 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being ab...
Mcafee Security Scan Plus
NA
CVE-2022-2313
A DLL hijacking vulnerability in the MA Smart Installer for Windows before 5.7.7, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL into the folder from where the Smart installer is being executed.
Mcafee Agent
4.6
CVSSv2
CVE-2022-1823
Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and ...
Mcafee Consumer Product Removal Tool
4.4
CVSSv2
CVE-2022-1824
An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local malicious user to perform a sideloading attack by using a specific file name. This could result in the user gaining elevated permissions and being able ...
Mcafee Consumer Product Removal Tool
5.8
CVSSv2
CVE-2022-1254
A URL redirection vulnerability in Skyhigh SWG in main releases 10.x before 10.2.9, 9.x before 9.2.20, 8.x before 8.2.27, and 7.x before 7.8.2.31, and controlled release 11.x before 11.1.3 allows a remote malicious user to redirect a user to a malicious website controlled by the ...
Mcafee Web Gateway
2.1
CVSSv2
CVE-2022-1257
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows before 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files.
Mcafee Agent
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »