Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee mcafee agent vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2003-0149
Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote malicious users to execute arbitrary code via a POST request containing long parameters.
Mcafee Epolicy Orchestrator 2.5
Mcafee Epolicy Orchestrator 2.0
Mcafee Epolicy Orchestrator 2.5.1
5.8
CVSSv2
CVE-2021-23890
Information leak vulnerability in the Agent Handler of McAfee ePolicy Orchestrator (ePO) before 5.10 Update 10 allows an unauthenticated user to download McAfee product packages (specifically McAfee Agent) available in ePO repository and install them on their own machines to have...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
NA
CVE-2022-3338
An External XML entity (XXE) vulnerability in ePO before 5.10 Update 14 can lead to an unauthenticated remote malicious user to potentially trigger a Server Side Request Forgery attack. This can be exploited by mimicking the Agent Handler call to ePO and passing the carefully con...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
6.8
CVSSv2
CVE-2021-1257
A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack to manipulate an authenticated user into executing malicious actions without their awaren...
Cisco Dna Center
Mcafee Agent
5
CVSSv2
CVE-2004-0095
McAfee ePolicy Orchestrator agent allows remote malicious users to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Content-Length value, possibly triggering a buffer overflow.
Mcafee Epolicy Orchestrator 3.6.0
1 EDB exploit
4.3
CVSSv2
CVE-2012-4590
Multiple cross-site scripting (XSS) vulnerabilities in About.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) prior to 10.0 might allow remote malicious users to inject arbitrary web script or HTML via the (1) User Agent or (2) Connection variable.
Mcafee Enterprise Mobility Manager 4.7
Mcafee Enterprise Mobility Manager
NA
CVE-2022-2330
Improper Restriction of XML External Entity Reference vulnerability in DLP Endpoint for Windows before 11.9.100 allows a remote malicious user to cause the DLP Agent to access a local service that the attacker wouldn't usually have access to via a carefully constructed XML f...
Mcafee Data Loss Prevention Endpoint
5
CVSSv2
CVE-2008-1855
FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 Patch 3 and previous versions, as used by ePolicy Orchestrator (ePO) and ProtectionPilot (PrP), allows remote malicious users to corrupt memory and cause a denial of service (CMA Framework service crash) via a...
Mcafee Cma
1 EDB exploit
7.5
CVSSv2
CVE-2016-8027
SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and previous versions and 5.1.3 and previous versions allows malicious users to alter a SQL query, which can result in disclosure of information within the database or impersona...
Mcafee Epolicy Orchestrator
5
CVSSv2
CVE-2003-0610
Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote malicious users to read arbitrary files via a certain HTTP request.
Mcafee Epolicy Orchestrator 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »