Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2021-4088
SQL injection vulnerability in Data Loss Protection (DLP) ePO extension 11.8.x before 11.8.100, 11.7.x before 11.7.101, and 11.6.401 allows a remote authenticated malicious user to inject unfiltered SQL into the DLP part of the ePO database. This could lead to remote code executi...
Mcafee Data Loss Prevention
Mcafee Data Loss Prevention 11.6.401
7.2
CVSSv2
CVE-2022-0166
A privilege escalation vulnerability in the McAfee Agent before 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify the OPENSSLDIR variable as a subdirectory within the installation directory. A low privilege user could have created subdirectories and execute...
Mcafee Agent
9.3
CVSSv2
CVE-2021-31854
A command Injection Vulnerability in McAfee Agent (MA) for Windows before 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature...
Mcafee Agent
7.2
CVSSv2
CVE-2022-0129
Uncontrolled search path element vulnerability in McAfee TechCheck before 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory th...
Mcafee Techcheck
4.6
CVSSv2
CVE-2021-31833
Potential product security bypass vulnerability in McAfee Application and Change Control (MACC) prior to version 8.3.4 allows a locally logged in malicious user to circumvent the application solidification protection provided by MACC, permitting them to run applications that woul...
Mcafee Application And Change Control
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1155 Github repositories
28 Articles
3.5
CVSSv2
CVE-2021-4038
Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) before 10.1 Minor 7 allows a remote authenticated administrator to embed a XSS in the administrator interface via specially crafted custom rules containing HTML. NSM did not correctly sanitize custo...
Mcafee Network Security Manager
4.9
CVSSv2
CVE-2021-31850
A denial-of-service vulnerability in Database Security (DBS) before 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of direct...
Mcafee Database Security
4.3
CVSSv2
CVE-2021-31851
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor before 6.5.2 allows a remote unauthenticated malicious user to inject arbitrary web script or HTML via the profileNodeID request parameters. The malicious script is reflected unmodified into the Policy Audito...
Mcafee Policy Auditor
4.3
CVSSv2
CVE-2021-31852
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor before 6.5.2 allows a remote unauthenticated malicious user to inject arbitrary web script or HTML via the UID request parameter. The malicious script is reflected unmodified into the Policy Auditor web-based...
Mcafee Policy Auditor
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »