Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2017-3902
Cross-site scripting (XSS) vulnerability in the Web user interface (UI) in Intel Security ePO 5.1.3, 5.1.2, 5.1.1, and 5.1.0 allows authenticated users to inject malicious Java scripts via bypassing input validation.
Mcafee Epolicy Orchestrator 5.1.0
Mcafee Epolicy Orchestrator 5.1.2
Mcafee Epolicy Orchestrator 5.1.1
Mcafee Epolicy Orchestrator 5.1.3
NA
CVE-2006-5271
Integer underflow in McAfee ePolicy Orchestrator 3.5 up to and including 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and previous versions allows remote malicious users to execute arbitrary code via a crafted UDP packet, which causes stack co...
Mcafee E-business Server 3.6.1
Mcafee Protectionpilot 1.1.1
Mcafee Protectionpilot 1.5.0
Mcafee E-business Server 3.5
6.7
CVSSv3
CVE-2019-3648
A Privilege Escalation vulnerability in the Microsoft Windows client in McAfee Total Protection 16.0.R22 and previous versions allows administrators to execute arbitrary code via carefully placing malicious files in specific locations protected by administrator permission.
Mcafee Anti-virus Plus
Mcafee Internet Security
Mcafee Total Protection
1 Article
7.5
CVSSv3
CVE-2019-3581
Improper input validation in the proxy component of McAfee Web Gateway 7.8.2.0 and later allows remote malicious users to cause a denial of service via a crafted HTTP request parameter.
Mcafee Mcafee Web Gateway
9.8
CVSSv3
CVE-2018-6667
Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 up to and including 7.8.1.5 allows remote malicious users to execute arbitrary code via Java management extensions (JMX).
Mcafee Mcafee Web Gateway
NA
CVE-2014-1473
Multiple cross-site request forgery (CSRF) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and previous versions allow remote malicious users to hijack the authentication of users for requests that modify HTML via unspecified vectors related ...
Mcafee Vulnerability Manager 7.5.4
Mcafee Vulnerability Manager 7.0.11
Mcafee Vulnerability Manager
8.4
CVSSv3
CVE-2020-7264
Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows before 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. Th...
Mcafee Endpoint Security 10.6.0
Mcafee Endpoint Security 10.7.0
Mcafee Endpoint Security
NA
CVE-2014-1472
Multiple cross-site scripting (XSS) vulnerabilities in the Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.5 and previous versions allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Mcafee Vulnerability Manager 7.0.11
Mcafee Vulnerability Manager
Mcafee Vulnerability Manager 7.5.4
NA
CVE-2006-5156
Buffer overflow in McAfee ePolicy Orchestrator prior to 3.5.0.720 and ProtectionPilot prior to 1.1.1.126 allows remote malicious users to execute arbitrary code via a request to /spipe/pkg/ with a long source header.
Mcafee Protectionpilot 1.1.1
Mcafee Epolicy Orchestrator 3.0
Mcafee Epolicy Orchestrator 3.5.0
2 EDB exploits
6.5
CVSSv3
CVE-2020-7308
Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows before 10.7.0 February 2021 Update and McAfee Global Threat Intelligence (GTI) servers using DNS allows a remote malicious user to view the requests from ENS and responses from GTI ...
Mcafee Endpoint Security 10.7.0
Mcafee Endpoint Security 10.6.1
Mcafee Endpoint Security
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »