Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcafee vulnerabilities and exploits
(subscribe to this query)
9
CVSSv3
CVE-2020-7293
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) before 9.2.1 allows authenticated user interface user with low permissions to change the system's root password via improper access controls in the user interface.
Mcafee Web Gateway
8.8
CVSSv3
CVE-2021-23894
Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) before 4.8.2 allows a remote unauthenticated malicious user to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the...
Mcafee Database Security
8.8
CVSSv3
CVE-2021-23885
Privilege escalation vulnerability in McAfee Web Gateway (MWG) before 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via incorrect improper neutralization of user input in the troubleshooting page.
Mcafee Web Gateway
8.8
CVSSv3
CVE-2021-1257
A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack to manipulate an authenticated user into executing malicious actions without their awaren...
Cisco Dna Center
Mcafee Agent
8.8
CVSSv3
CVE-2020-7332
Cross Site Request Forgery vulnerability in the firewall ePO extension of McAfee Endpoint Security (ENS) before 10.7.0 November 2020 Update allows an malicious user to execute arbitrary HTML code due to incorrect security configuration.
Mcafee Endpoint Security
8.8
CVSSv3
CVE-2020-7330
Privilege Escalation vulnerability in McAfee Total Protection (MTP) trial before 4.0.176.1 allows local users to schedule tasks which call malicious software to execute with elevated privileges via editing of environment variables
Mcafee Total Protection
8.8
CVSSv3
CVE-2020-7319
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows before 10.7.0 September 2020 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an un...
Mcafee Endpoint Security
8.8
CVSSv3
CVE-2020-7283
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. This is achieved through running a malicious script or program o...
Mcafee Total Protection
1 Github repository
8.8
CVSSv3
CVE-2019-3661
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) before 4.8 allows remote authenticated malicious user to execute database commands via carefully constructed time based payloads.
Mcafee Advanced Threat Defense
8.8
CVSSv3
CVE-2019-3651
Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD before 4.8 allows remote authenticated malicious users to gain access to ePO as an administrator via using the atduser credentials, which were too permissive.
Mcafee Advanced Threat Defense
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »