Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-0221
Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program.
Mcafee Application And Change Control
NA
CVE-2022-43751
McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary c...
Mcafee Total Protection
NA
CVE-2022-2188
Privilege escalation vulnerability in DXL Broker for Windows before 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker.
Mcafee Data Exchange Layer
NA
CVE-2022-3338
An External XML entity (XXE) vulnerability in ePO before 5.10 Update 14 can lead to an unauthenticated remote malicious user to potentially trigger a Server Side Request Forgery attack. This can be exploited by mimicking the Agent Handler call to ePO and passing the carefully con...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
NA
CVE-2022-3339
A reflected cross-site scripting (XSS) vulnerability in ePO before 5.10 Update 14 allows a remote unauthenticated malicious user to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted l...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
NA
CVE-2022-2330
Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows before 11.9.100 allows a remote malicious user to cause the DLP Agent to access a local service that the attacker wouldn't usually have access to via a carefully constructed XML f...
Mcafee Data Loss Prevention Endpoint
NA
CVE-2022-37025
An improper privilege management vulnerability in McAfee Security Scan Plus (MSS+) prior to 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being ab...
Mcafee Security Scan Plus
NA
CVE-2022-2313
A DLL hijacking vulnerability in the MA Smart Installer for Windows before 5.7.7, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL into the folder from where the Smart installer is being executed.
Mcafee Agent
409
VMScore
CVE-2022-1823
Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and ...
Mcafee Consumer Product Removal Tool
392
VMScore
CVE-2022-1824
An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local malicious user to perform a sideloading attack by using a specific file name. This could result in the user gaining elevated permissions and being able ...
Mcafee Consumer Product Removal Tool
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »