Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2022-1254
A URL redirection vulnerability in Skyhigh SWG in main releases 10.x before 10.2.9, 9.x before 9.2.20, 8.x before 8.2.27, and 7.x before 7.8.2.31, and controlled release 11.x before 11.1.3 allows a remote malicious user to redirect a user to a malicious website controlled by the ...
Mcafee Web Gateway
187
VMScore
CVE-2022-1257
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows before 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files.
Mcafee Agent
641
VMScore
CVE-2022-1256
A local privilege escalation vulnerability in MA for Windows before 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user's %TEMP% directory with System privileges ...
Mcafee Agent
534
VMScore
CVE-2022-1258
A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA before 5.7.6 can be exploited by an authenticated administrator on ePO to perform arbitrary SQL queries in the back-end database, potentially leading to command execution on the server.
Mcafee Agent
383
VMScore
CVE-2022-0858
A cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote malicious user to potentially obtain access to an ePO administrator's session by convincing the malicious user to click on a carefully crafted lin...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
383
VMScore
CVE-2022-0862
A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote malicious user to change the password of a compromised session without knowing the existing user's password. This fun...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
383
VMScore
CVE-2022-0857
A reflected cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote malicious user to potentially obtain access to an ePO administrator's session by convincing the malicious user to click on a carefully c...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
392
VMScore
CVE-2022-0859
McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a local malicious user to point an ePO server to an arbitrary SQL server during the restoration of the ePO server. To achieve this the attacker would have to be logged onto the server hosting the ePO server...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
490
VMScore
CVE-2022-0861
A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote administrator malicious user to upload a malicious XML file through the extension import functionality. The impact is limited to some access to confidential i...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
356
VMScore
CVE-2022-0842
A blind SQL injection vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote authenticated malicious user to potentially obtain information from the ePO database. The data obtained is dependent on the privileges the attacker has and to...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »