Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee vulnerabilities and exploits
(subscribe to this query)
6.3
CVSSv2
CVE-2014-2205
The Import and Export Framework in McAfee ePolicy Orchestrator (ePO) prior to 4.6.7 Hotfix 940148 allows remote authenticated users with permissions to add dashboards to read arbitrary files by importing a crafted XML file, related to an XML External Entity (XXE) issue.
Mcafee Epolicy Orchestrator 4.6.3
Mcafee Epolicy Orchestrator 4.6.2
Mcafee Epolicy Orchestrator 4.6.5
Mcafee Epolicy Orchestrator 4.6.4
Mcafee Epolicy Orchestrator
Mcafee Epolicy Orchestrator 4.6.6
Mcafee Epolicy Orchestrator 4.6.1
Mcafee Epolicy Orchestrator 4.6.0
6.5
CVSSv2
CVE-2013-4882
Multiple SQL injection vulnerabilities in McAfee ePolicy Orchestrator 4.6.6 and previous versions, and the ePolicy Orchestrator (ePO) extension for McAfee Agent (MA) 4.5 and 4.6, allow remote authenticated users to execute arbitrary SQL commands via the uid parameter to (1) core/...
Mcafee Epolicy Orchestrator 4.6.5
Mcafee Epolicy Orchestrator 4.6.4
Mcafee Epolicy Orchestrator
Mcafee Epolicy Orchestrator Agent 4.5
Mcafee Epolicy Orchestrator 4.6.3
Mcafee Epolicy Orchestrator 4.6.2
Mcafee Epolicy Orchestrator Agent 4.6
Mcafee Epolicy Orchestrator 4.6.0
Mcafee Epolicy Orchestrator 4.6.1
1 EDB exploit
4.3
CVSSv2
CVE-2013-4883
Multiple cross-site scripting (XSS) vulnerabilities in McAfee ePolicy Orchestrator 4.6.6 and previous versions, and the ePO Extension for the McAfee Agent (MA) 4.5 up to and including 4.6, allow remote malicious users to inject arbitrary web script or HTML via the (1) instanceId ...
Mcafee Epolicy Orchestrator 4.6.3
Mcafee Epolicy Orchestrator 4.6.2
Mcafee Epolicy Orchestrator Agent 4.6
Mcafee Epolicy Orchestrator 4.6.0
Mcafee Epolicy Orchestrator 4.6.1
Mcafee Epolicy Orchestrator 4.6.5
Mcafee Epolicy Orchestrator 4.6.4
Mcafee Epolicy Orchestrator
Mcafee Epolicy Orchestrator Agent 4.5
1 EDB exploit
5
CVSSv2
CVE-2012-4593
McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command.
Mcafee Application Control 5.1.0
Mcafee Change Control 5.1.0
Mcafee Change Control 5.1.1
Mcafee Change Control 5.1.2
Mcafee Application Control 6.0.0
Mcafee Change Control 6.0.0
Mcafee Application Control 5.1.1
Mcafee Application Control 5.1.2
2.6
CVSSv2
CVE-2010-5143
McAfee VirusScan Enterprise prior to 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module.
Mcafee Virusscan Enterprise 8.7.00004
Mcafee Virusscan Enterprise
Mcafee Virusscan Enterprise 8.5i
Mcafee Virusscan Enterprise 8.0i
Mcafee Virusscan Enterprise 8.7i
Mcafee Virusscan Enterprise 8.7.00003
Mcafee Virusscan Enterprise 8.6.0
5.5
CVSSv2
CVE-2016-1715
The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1 before build 404, 6.1.2 before build 449, 6.1.3 before build 441, and 6.2.0 before build 505 on 32-bit Windows platforms allows local users to cause a denial of service (memory corruption...
Microsoft Windows
Mcafee Application Control 6.1.3
Mcafee Application Control 6.2.0
Mcafee Application Control 6.1.1
Mcafee Application Control 6.1.0
Mcafee Application Control 6.1.2
4.6
CVSSv2
CVE-2020-7276
Authentication bypass vulnerability in MfeUpgradeTool in McAfee Endpoint Security (ENS) for Windows before 10.7.0 April 2020 Update allows administrator users to access policy settings via running this tool.
Mcafee Endpoint Security 10.5.0
Mcafee Endpoint Security 10.5.1
Mcafee Endpoint Security 10.5.2
Mcafee Endpoint Security 10.5.3
Mcafee Endpoint Security 10.5.4
Mcafee Endpoint Security 10.5.5
Mcafee Endpoint Security 10.6.0
7.5
CVSSv2
CVE-2017-3936
OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, 5.3.1, 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows malicious users to run arbitrary OS commands with limited privileges via not sanitizing the user input data before exporting it into a CSV format out...
Mcafee Epolicy Orchestrator 5.1.0
Mcafee Epolicy Orchestrator 5.1.3
Mcafee Epolicy Orchestrator 5.1.1
Mcafee Epolicy Orchestrator 5.1.2
Mcafee Epolicy Orchestrator 5.3.1
Mcafee Epolicy Orchestrator 5.3.2
Mcafee Epolicy Orchestrator 5.9.0
3.3
CVSSv2
CVE-2020-7257
Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows before 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links whilst an an...
Mcafee Endpoint Security 10.5.0
Mcafee Endpoint Security 10.5.1
Mcafee Endpoint Security 10.5.2
Mcafee Endpoint Security 10.5.3
Mcafee Endpoint Security 10.5.4
Mcafee Endpoint Security 10.5.5
Mcafee Endpoint Security 10.6.0
1 Github repository
4.6
CVSSv2
CVE-2020-7259
Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) before 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file
Mcafee Endpoint Security 10.5.0
Mcafee Endpoint Security 10.5.1
Mcafee Endpoint Security 10.5.2
Mcafee Endpoint Security 10.5.3
Mcafee Endpoint Security 10.5.4
Mcafee Endpoint Security 10.5.5
Mcafee Endpoint Security 10.6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »