Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2022-1254
A URL redirection vulnerability in Skyhigh SWG in main releases 10.x before 10.2.9, 9.x before 9.2.20, 8.x before 8.2.27, and 7.x before 7.8.2.31, and controlled release 11.x before 11.1.3 allows a remote malicious user to redirect a user to a malicious website controlled by the ...
Mcafee Web Gateway
7.2
CVSSv2
CVE-2022-1256
A local privilege escalation vulnerability in MA for Windows before 5.7.6 allows a local low privileged user to gain system privileges through running the repair functionality. Temporary file actions were performed on the local user's %TEMP% directory with System privileges ...
Mcafee Agent
2.1
CVSSv2
CVE-2022-1257
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows before 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files.
Mcafee Agent
6
CVSSv2
CVE-2022-1258
A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA before 5.7.6 can be exploited by an authenticated administrator on ePO to perform arbitrary SQL queries in the back-end database, potentially leading to command execution on the server.
Mcafee Agent
4.3
CVSSv2
CVE-2022-0858
A cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote malicious user to potentially obtain access to an ePO administrator's session by convincing the malicious user to click on a carefully crafted lin...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
4.4
CVSSv2
CVE-2022-0859
McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a local malicious user to point an ePO server to an arbitrary SQL server during the restoration of the ePO server. To achieve this the attacker would have to be logged onto the server hosting the ePO server...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
5.5
CVSSv2
CVE-2022-0861
A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote administrator malicious user to upload a malicious XML file through the extension import functionality. The impact is limited to some access to confidential i...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
4.3
CVSSv2
CVE-2022-0862
A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote malicious user to change the password of a compromised session without knowing the existing user's password. This fun...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
4.3
CVSSv2
CVE-2022-0857
A reflected cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote malicious user to potentially obtain access to an ePO administrator's session by convincing the malicious user to click on a carefully c...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
4
CVSSv2
CVE-2022-0842
A blind SQL injection vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) before 5.10 Update 13 allows a remote authenticated malicious user to potentially obtain information from the ePO database. The data obtained is dependent on the privileges the attacker has and to...
Mcafee Epolicy Orchestrator 5.10.0
Mcafee Epolicy Orchestrator
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »