Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee vulnerability manager vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-3965
Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability in the web interface in McAfee Network Security Management (NSM) prior to 8.2.7.42.2 allows remote malicious users to perform unauthorized tasks such as retrieving internal system information or manipulating the...
Mcafee Network Security Manager
1.9
CVSSv2
CVE-2019-3606
Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management (NSM) 9.1 < 9.1.7.75 (Update 4) and 9.2 < 9.2.7.31 Update2 allows administrators to view configuration information in plain text format via the GUI or GU...
Mcafee Network Security Manager
3.5
CVSSv2
CVE-2021-4038
Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) before 10.1 Minor 7 allows a remote authenticated administrator to embed a XSS in the administrator interface via specially crafted custom rules containing HTML. NSM did not correctly sanitize custo...
Mcafee Network Security Manager
6.8
CVSSv2
CVE-2014-2390
Cross-site request forgery (CSRF) vulnerability in the User Management module in McAfee Network Security Manager (NSM) prior to 6.1.15.39 7.1.5.x prior to 7.1.5.15, 7.1.15.x prior to 7.1.15.7, 7.5.x prior to 7.5.5.9, and 8.x prior to 8.1.7.3 allows remote malicious users to hijac...
Mcafee Network Security Manager
6.8
CVSSv2
CVE-2008-3605
Unspecified vulnerability in McAfee Encrypted USB Manager 3.1.0.0, when the Re-use Threshold for passwords is nonzero, allows remote malicious users to conduct offline brute force attacks via unknown vectors.
Mcafee Encrypted Usb Manager 3.1.0.0
4.3
CVSSv2
CVE-2014-2586
Cross-site scripting (XSS) vulnerability in the login audit form in McAfee Cloud Single Sign On (SSO) allows remote malicious users to inject arbitrary web script or HTML via a crafted password.
Mcafee Cloud Single Sign On -
1 EDB exploit
5.8
CVSSv2
CVE-2020-14792
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network a...
Oracle Jdk 11.0.8
Oracle Jdk 1.7.0
Oracle Jdk 15
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Santricity Cloud Connector -
Netapp Oncommand Unified Manager -
Netapp Oncommand Insight -
Netapp E-series Santricity Web Services Proxy -
Netapp E-series Santricity Storage Manager -
Netapp Active Iq Unified Manager
Netapp E-series Santricity Os Controller
Netapp Snapmanager -
Netapp Solidfire -
Netapp 7-mode Transition Tool -
Netapp Hci Management Node -
Netapp Santricity Unified Manager -
Netapp Hci Storage Node -
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
1 Github repository
4.3
CVSSv2
CVE-2019-2842
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JCE). The supported version that is affected is Java SE: 8u212. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful ...
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
Opensuse Leap 15.0
Opensuse Leap 15.1
Hp Xp7 Command View
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
Canonical Ubuntu Linux 16.04
4.3
CVSSv2
CVE-2020-14782
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network...
Oracle Jdk 11.0.8
Oracle Jdk 1.7.0
Oracle Jdk 15
Oracle Jdk 1.8.0
Oracle Jre 1.8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp E-series Santricity Web Services Proxy -
Netapp E-series Santricity Storage Manager -
Netapp Active Iq Unified Manager
Netapp E-series Santricity Os Controller
Netapp Santricity Unified Manager -
Netapp E-series Performance Analyzer -
Netapp E-series Santricity Management Plug-ins -
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
Mcafee Epolicy Orchestrator 5.10.0
Opensuse Leap 15.2
4.3
CVSSv2
CVE-2020-7336
Cross Site Request Forgery vulnerability in McAfee Network Security Management (NSM) before 10.1.7.35 and NSM 9.x before 9.2.9.55 may allow an malicious user to change the configuration of the Network Security Manager via a carefully crafted HTTP request.
Mcafee Network Security Management
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »