Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-4052
Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote malicious users to change or update any configuration settings, or gain administrator functionality via a crafted HTTP...
Mcafee Advanced Threat Defense 3.6
Mcafee Advanced Threat Defense 3.4
Mcafee Advanced Threat Defense 3.10
Mcafee Advanced Threat Defense 3.8
9.8
CVSSv3
CVE-2014-9921
Information disclosure vulnerability in McAfee (now Intel Security) Cloud Analysis and Deconstructive Services (CADS) 1.0.0.3x, 1.0.0.4d and previous versions allows remote unauthenticated users to view, add, and remove users via a configuration error.
Mcafee Cloud Analysis And Deconstructive Services
Mcafee Cloud Analysis And Deconstructive Services 1.0.0.3
9.8
CVSSv3
CVE-2016-0718
Expat allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
Mozilla Firefox
Apple Mac Os X
Suse Linux Enterprise Server 11
Suse Studio Onsite 1.3
Suse Linux Enterprise Software Development Kit 11
Suse Linux Enterprise Debuginfo 11
Opensuse Leap 42.1
Suse Linux Enterprise Software Development Kit 12
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Libexpat Project Libexpat
Debian Debian Linux 8.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mcafee Policy Auditor
Python Python
1 Article
9.6
CVSSv3
CVE-2019-3638
Reflected Cross Site Scripting vulnerability in Administrators web console in McAfee Web Gateway (MWG) 7.8.x before 7.8.2.13 allows remote malicious users to collect sensitive information or execute commands with the MWG administrator's credentials via tricking the administr...
Mcafee Web Gateway
9.1
CVSSv3
CVE-2024-21887
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.
Ivanti Connect Secure 22.1
Ivanti Connect Secure 22.2
Ivanti Connect Secure 9.1
Ivanti Policy Secure 22.2
Ivanti Policy Secure 22.1
Ivanti Policy Secure 9.1
Ivanti Connect Secure 22.5
Ivanti Connect Secure 22.4
Ivanti Connect Secure 22.3
Ivanti Connect Secure 22.6
Ivanti Policy Secure 22.3
Ivanti Policy Secure 22.6
Ivanti Policy Secure 22.5
Ivanti Policy Secure 22.4
Ivanti Connect Secure 9.0
Ivanti Policy Secure 9.0
2 Metasploit modules
14 Github repositories
11 Articles
9.1
CVSSv3
CVE-2021-31838
A command injection vulnerability in MVISION EDR (MVEDR) before 3.4.0 allows an authenticated MVEDR administrator to trigger the EDR client to execute arbitrary commands through PowerShell using the EDR functionality 'execute reaction'.
Mcafee Mvision Edr
9.1
CVSSv3
CVE-2018-6677
Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to gain elevated privileges via unspecified vectors.
Mcafee Mcafee Web Gateway 7.8.1.0
9.1
CVSSv3
CVE-2018-6678
Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors.
Mcafee Mcafee Web Gateway 7.8.1.0
9.1
CVSSv3
CVE-2017-3968
Session fixation vulnerability in the web interface in McAfee Network Security Manager (NSM) prior to 8.2.7.42.2 and McAfee Network Data Loss Prevention (NDLP) prior to 9.3.4.1.5 allows remote malicious users to disclose sensitive information or manipulate the database via a craf...
Mcafee Network Security Manager
Mcafee Network Data Loss Prevention
9.1
CVSSv3
CVE-2015-8772
McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows local users to obtain sensitive information from kernel memory or cause a denial of service (system crash) via a large VERIFY_INFORMATION.Length value in an IOCTL_DISK_VERIFY ioctl call.
Mcafee File Lock 5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »