Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee vulnerabilities and exploits
(subscribe to this query)
7
CVSSv3
CVE-2020-7311
Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows before 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files.
Mcafee Mcafee Agent
7.8
CVSSv3
CVE-2020-7312
DLL Search Order Hijacking Vulnerability in the installer in McAfee Agent (MA) for Windows before 5.6.6 allows local users to execute arbitrary code and escalate privileges via execution from a compromised folder.
Mcafee Mcafee Agent
7.8
CVSSv3
CVE-2020-7314
Privilege Escalation Vulnerability in the installer in McAfee Data Exchange Layer (DXL) Client for Mac shipped with McAfee Agent (MA) for Mac prior to MA 5.6.6 allows local users to run commands as root via incorrectly applied permissions on temporary files.
Mcafee Mcafee Agent
6.7
CVSSv3
CVE-2020-7315
DLL Injection Vulnerability in McAfee Agent (MA) for Windows before 5.6.6 allows local users to execute arbitrary code via careful placement of a malicious DLL.
Mcafee Mcafee Agent
7.1
CVSSv3
CVE-2021-31836
Improper privilege management vulnerability in maconfig for McAfee Agent for Windows before 5.7.4 allows a local user to gain access to sensitive information. The utility was able to be run from any location on the file system and by a low privileged user.
Mcafee Mcafee Agent
7.3
CVSSv3
CVE-2021-31841
A DLL sideloading vulnerability in McAfee Agent for Windows before 5.7.4 could allow a local user to perform a DLL sideloading attack with an unsigned DLL with a specific name and in a specific location. This would result in the user gaining elevated permissions and the ability t...
Mcafee Mcafee Agent
NA
CVE-2003-0148
The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 up to and including 3.0 allows malicious users to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from the ePO serv...
Mcafee Epolicy Orchestrator 2.5
Mcafee Epolicy Orchestrator 2.5.1
Mcafee Epolicy Orchestrator 3.0
Mcafee Epolicy Orchestrator 2.0
NA
CVE-2006-5271
Integer underflow in McAfee ePolicy Orchestrator 3.5 up to and including 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and previous versions allows remote malicious users to execute arbitrary code via a crafted UDP packet, which causes stack co...
Mcafee E-business Server 3.6.1
Mcafee Protectionpilot 1.1.1
Mcafee Protectionpilot 1.5.0
Mcafee E-business Server 3.5
5.4
CVSSv3
CVE-2018-6659
Reflected Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows remote authenticated users to exploit an XSS issue via not sanitizing the user input.
Mcafee Epolicy Orchestrator 5.3.0
Mcafee Epolicy Orchestrator 5.3.1
Mcafee Epolicy Orchestrator 5.3.2
Mcafee Epolicy Orchestrator 5.9.0
4.9
CVSSv3
CVE-2018-6660
Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows administrators to use Windows alternate data streams, which could be used to bypass the file extensions, via not properly validating the path when exporting a particular XM...
Mcafee Epolicy Orchestrator 5.3.0
Mcafee Epolicy Orchestrator 5.3.1
Mcafee Epolicy Orchestrator 5.3.2
Mcafee Epolicy Orchestrator 5.9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »