Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-30639
A vulnerability in Apache Tomcat allows an malicious user to remotely trigger a denial of service. An error introduced as part of a change to improve error handling during non-blocking I/O meant that the error flag associated with the Request object was not reset between requests...
Apache Tomcat 10.0.4
Apache Tomcat 9.0.44
Apache Tomcat 10.0.3
Apache Tomcat 8.5.64
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
Oracle Big Data Spatial And Graph
9
CVSSv2
CVE-2021-31838
A command injection vulnerability in MVISION EDR (MVEDR) before 3.4.0 allows an authenticated MVEDR administrator to trigger the EDR client to execute arbitrary commands through PowerShell using the EDR functionality 'execute reaction'.
Mcafee Mvision Edr
4.4
CVSSv2
CVE-2021-31840
A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows before 5.7.3 could allow an authenticated, local malicious user to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need...
Mcafee Mcafee Agent
2.1
CVSSv2
CVE-2021-31839
Improper privilege management vulnerability in McAfee Agent for Windows before 5.7.3 allows a local user to modify event information in the MA event folder. This allows a local user to either add false events or remove events from the event logs prior to them being sent to the eP...
Mcafee Agent
2.1
CVSSv2
CVE-2020-13938
Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows
Apache Http Server
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
Netapp Cloud Backup -
6.1
CVSSv2
CVE-2021-31837
Memory corruption vulnerability in the driver file component in McAfee GetSusp before 4.0.0 could allow a program being investigated on the local machine to trigger a buffer overflow in GetSusp, leading to the execution of arbitrary code, potentially triggering a BSOD.
Mcafee Getsusp
3.5
CVSSv2
CVE-2021-31832
Improper Neutralization of Input in the ePO administrator extension for McAfee Data Loss Prevention (DLP) Endpoint for Windows before 11.6.200 allows a remote ePO DLP administrator to inject JavaScript code into the alert configuration text field. This JavaScript will be executed...
Mcafee Data Loss Prevention
3.5
CVSSv2
CVE-2021-31830
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in McAfee Database Security (DBSec) before 4.8.2 allows an administrator to embed JavaScript code when configuring the name of a database to be monitored. This would be tr...
Mcafee Database Security
6.5
CVSSv2
CVE-2021-31831
Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) before 4.8.2 allows a remote authenticated malicious user to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was onl...
Mcafee Database Security
2.7
CVSSv2
CVE-2021-23896
Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security (DBSec) before 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data to the Insights Server. This user...
Mcafee Database Security
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »